summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xconfigure4
-rw-r--r--cypher.h2
-rw-r--r--srtp/.cvsignore7
-rw-r--r--srtp/CHANGES223
-rw-r--r--srtp/CVS/Entries28
-rw-r--r--srtp/CVS/Repository1
-rw-r--r--srtp/CVS/Root1
-rw-r--r--srtp/LICENSE35
-rw-r--r--srtp/Makefile232
-rw-r--r--srtp/Makefile.in232
-rw-r--r--srtp/README174
-rw-r--r--srtp/TODO66
-rw-r--r--srtp/VERSION1
-rwxr-xr-xsrtp/config.guess1447
-rw-r--r--srtp/config.h_win32vc7170
-rw-r--r--srtp/config.hw192
-rw-r--r--srtp/config.log1118
-rwxr-xr-xsrtp/config.status993
-rwxr-xr-xsrtp/config.sub1555
-rw-r--r--srtp/config_in.h170
-rwxr-xr-xsrtp/configure8603
-rw-r--r--srtp/configure.in206
-rw-r--r--srtp/crypto/.cvsignore1
-rw-r--r--srtp/crypto/CVS/Entries12
-rw-r--r--srtp/crypto/CVS/Repository1
-rw-r--r--srtp/crypto/CVS/Root1
-rw-r--r--srtp/crypto/Makefile130
-rw-r--r--srtp/crypto/Makefile.in130
-rw-r--r--srtp/crypto/VERSION1
-rw-r--r--srtp/crypto/ae_xfm/CVS/Entries2
-rw-r--r--srtp/crypto/ae_xfm/CVS/Repository1
-rw-r--r--srtp/crypto/ae_xfm/CVS/Root1
-rw-r--r--srtp/crypto/ae_xfm/xfm.c570
-rw-r--r--srtp/crypto/cipher/CVS/Entries6
-rw-r--r--srtp/crypto/cipher/CVS/Repository1
-rw-r--r--srtp/crypto/cipher/CVS/Root1
-rw-r--r--srtp/crypto/cipher/aes.c1951
-rw-r--r--srtp/crypto/cipher/aes_cbc.c444
-rw-r--r--srtp/crypto/cipher/aes_icm.c511
-rw-r--r--srtp/crypto/cipher/cipher.c407
-rw-r--r--srtp/crypto/cipher/null_cipher.c152
-rw-r--r--srtp/crypto/hash/CVS/Entries5
-rw-r--r--srtp/crypto/hash/CVS/Repository1
-rw-r--r--srtp/crypto/hash/CVS/Root1
-rw-r--r--srtp/crypto/hash/auth.c173
-rw-r--r--srtp/crypto/hash/hmac.c267
-rw-r--r--srtp/crypto/hash/null_auth.c160
-rw-r--r--srtp/crypto/hash/sha1.c404
-rw-r--r--srtp/crypto/include/.cvsignore1
-rw-r--r--srtp/crypto/include/CVS/Entries29
-rw-r--r--srtp/crypto/include/CVS/Repository1
-rw-r--r--srtp/crypto/include/CVS/Root1
-rw-r--r--srtp/crypto/include/aes.h84
-rw-r--r--srtp/crypto/include/aes_cbc.h50
-rw-r--r--srtp/crypto/include/aes_icm.h56
-rw-r--r--srtp/crypto/include/alloc.h57
-rw-r--r--srtp/crypto/include/auth.h159
-rw-r--r--srtp/crypto/include/cipher.h218
-rw-r--r--srtp/crypto/include/config.h171
-rw-r--r--srtp/crypto/include/crypto.h43
-rw-r--r--srtp/crypto/include/crypto_kernel.h258
-rw-r--r--srtp/crypto/include/crypto_math.h273
-rw-r--r--srtp/crypto/include/crypto_types.h206
-rw-r--r--srtp/crypto/include/cryptoalg.h133
-rw-r--r--srtp/crypto/include/datatypes.h427
-rw-r--r--srtp/crypto/include/err.h174
-rw-r--r--srtp/crypto/include/gf2_8.h79
-rw-r--r--srtp/crypto/include/hmac.h78
-rw-r--r--srtp/crypto/include/integers.h147
-rw-r--r--srtp/crypto/include/kernel_compat.h84
-rw-r--r--srtp/crypto/include/key.h82
-rw-r--r--srtp/crypto/include/null_auth.h68
-rw-r--r--srtp/crypto/include/null_cipher.h80
-rw-r--r--srtp/crypto/include/prng.h54
-rw-r--r--srtp/crypto/include/rand_source.h91
-rw-r--r--srtp/crypto/include/rdb.h94
-rw-r--r--srtp/crypto/include/rdbx.h146
-rw-r--r--srtp/crypto/include/sha1.h108
-rw-r--r--srtp/crypto/include/stat.h69
-rw-r--r--srtp/crypto/include/xfm.h139
-rw-r--r--srtp/crypto/kernel/CVS/Entries5
-rw-r--r--srtp/crypto/kernel/CVS/Repository1
-rw-r--r--srtp/crypto/kernel/CVS/Root1
-rw-r--r--srtp/crypto/kernel/alloc.c119
-rw-r--r--srtp/crypto/kernel/crypto_kernel.c523
-rw-r--r--srtp/crypto/kernel/err.c148
-rw-r--r--srtp/crypto/kernel/key.c115
-rw-r--r--srtp/crypto/math/CVS/Entries5
-rw-r--r--srtp/crypto/math/CVS/Repository1
-rw-r--r--srtp/crypto/math/CVS/Root1
-rw-r--r--srtp/crypto/math/datatypes.c600
-rw-r--r--srtp/crypto/math/gf2_8.c83
-rw-r--r--srtp/crypto/math/math.c962
-rw-r--r--srtp/crypto/math/stat.c367
-rw-r--r--srtp/crypto/replay/CVS/Entries4
-rw-r--r--srtp/crypto/replay/CVS/Repository1
-rw-r--r--srtp/crypto/replay/CVS/Root1
-rw-r--r--srtp/crypto/replay/rdb.c137
-rw-r--r--srtp/crypto/replay/rdbx.c289
-rw-r--r--srtp/crypto/replay/ut_sim.c105
-rw-r--r--srtp/crypto/rng/CVS/Entries5
-rw-r--r--srtp/crypto/rng/CVS/Repository1
-rw-r--r--srtp/crypto/rng/CVS/Root1
-rw-r--r--srtp/crypto/rng/ctr_prng.c108
-rw-r--r--srtp/crypto/rng/prng.c180
-rw-r--r--srtp/crypto/rng/rand_linux_kernel.c65
-rw-r--r--srtp/crypto/rng/rand_source.c153
-rw-r--r--srtp/crypto/test/.cvsignore8
-rw-r--r--srtp/crypto/test/CVS/Entries11
-rw-r--r--srtp/crypto/test/CVS/Repository1
-rw-r--r--srtp/crypto/test/CVS/Root1
-rwxr-xr-xsrtp/crypto/test/aes_calcbin0 -> 38187 bytes
-rw-r--r--srtp/crypto/test/aes_calc.c111
-rw-r--r--srtp/crypto/test/auth_driver.c200
-rwxr-xr-xsrtp/crypto/test/cipher_driverbin0 -> 62039 bytes
-rw-r--r--srtp/crypto/test/cipher_driver.c491
-rwxr-xr-xsrtp/crypto/test/datatypes_driverbin0 -> 20388 bytes
-rw-r--r--srtp/crypto/test/datatypes_driver.c237
-rw-r--r--srtp/crypto/test/env.c99
-rwxr-xr-xsrtp/crypto/test/kernel_driverbin0 -> 85238 bytes
-rw-r--r--srtp/crypto/test/kernel_driver.c126
-rwxr-xr-xsrtp/crypto/test/rand_genbin0 -> 85220 bytes
-rw-r--r--srtp/crypto/test/rand_gen.c140
-rwxr-xr-xsrtp/crypto/test/sha1_driverbin0 -> 172433 bytes
-rw-r--r--srtp/crypto/test/sha1_driver.c533
-rwxr-xr-xsrtp/crypto/test/stat_driverbin0 -> 55087 bytes
-rw-r--r--srtp/crypto/test/stat_driver.c101
-rw-r--r--srtp/doc/.cvsignore3
-rw-r--r--srtp/doc/CVS/Entries11
-rw-r--r--srtp/doc/CVS/Repository1
-rw-r--r--srtp/doc/CVS/Root1
-rw-r--r--srtp/doc/Doxyfile1042
-rw-r--r--srtp/doc/Makefile44
-rw-r--r--srtp/doc/Makefile.in44
-rw-r--r--srtp/doc/crypto_kernel.txt76
-rw-r--r--srtp/doc/draft-irtf-cfrg-icm-00.txt1
-rw-r--r--srtp/doc/header.template115
-rw-r--r--srtp/doc/intro.txt395
-rw-r--r--srtp/doc/libsrtp.pdfbin0 -> 364186 bytes
-rw-r--r--srtp/doc/references.txt21
-rw-r--r--srtp/doc/rfc3711.txt3139
-rw-r--r--srtp/include/CVS/Entries7
-rw-r--r--srtp/include/CVS/Repository1
-rw-r--r--srtp/include/CVS/Root1
-rw-r--r--srtp/include/getopt_s.h60
-rw-r--r--srtp/include/rtp.h127
-rw-r--r--srtp/include/rtp_priv.h74
-rw-r--r--srtp/include/srtp.h919
-rw-r--r--srtp/include/srtp_priv.h245
-rw-r--r--srtp/include/ut_sim.h80
-rwxr-xr-xsrtp/install-sh251
-rw-r--r--srtp/libsrtp.abin0 -> 135348 bytes
-rw-r--r--srtp/srtp.def92
-rw-r--r--srtp/srtp.vcproj588
-rw-r--r--srtp/srtp/CVS/Entries2
-rw-r--r--srtp/srtp/CVS/Repository1
-rw-r--r--srtp/srtp/CVS/Root1
-rw-r--r--srtp/srtp/srtp.c1907
-rw-r--r--srtp/srtp7.sln21
-rw-r--r--srtp/srtp7.vcproj298
-rw-r--r--srtp/tables/.cvsignore1
-rw-r--r--srtp/tables/CVS/Entries3
-rw-r--r--srtp/tables/CVS/Repository1
-rw-r--r--srtp/tables/CVS/Root1
-rw-r--r--srtp/tables/aes_tables.c346
-rw-r--r--srtp/test/.cvsignore12
-rw-r--r--srtp/test/CVS/Entries12
-rw-r--r--srtp/test/CVS/Repository1
-rw-r--r--srtp/test/CVS/Root1
-rwxr-xr-xsrtp/test/dtls_srtp_driverbin0 -> 98864 bytes
-rw-r--r--srtp/test/dtls_srtp_driver.c245
-rw-r--r--srtp/test/getopt_s.c112
-rw-r--r--srtp/test/lfsr.c310
-rwxr-xr-xsrtp/test/rdbx_driverbin0 -> 22096 bytes
-rw-r--r--srtp/test/rdbx_driver.c306
-rwxr-xr-xsrtp/test/replay_driverbin0 -> 20687 bytes
-rw-r--r--srtp/test/replay_driver.c209
-rwxr-xr-xsrtp/test/roc_driverbin0 -> 20511 bytes
-rw-r--r--srtp/test/roc_driver.c165
-rw-r--r--srtp/test/rtp.c167
-rwxr-xr-xsrtp/test/rtpwbin0 -> 103664 bytes
-rw-r--r--srtp/test/rtpw.c519
-rwxr-xr-xsrtp/test/rtpw_test.sh77
-rwxr-xr-xsrtp/test/srtp_driverbin0 -> 117098 bytes
-rw-r--r--srtp/test/srtp_driver.c1491
-rw-r--r--srtp/timing1
-rwxr-xr-xsrtp/undos.sh10
-rwxr-xr-xsrtp/update.sh15
188 files changed, 44067 insertions, 0 deletions
diff --git a/configure b/configure
index 555c460..c8bb9a7 100755
--- a/configure
+++ b/configure
@@ -2,3 +2,7 @@
cd openvpn
./configure --disable-lzo --disable-crypto
cd ..
+
+cd srtp
+./configure
+cd ..
diff --git a/cypher.h b/cypher.h
index b60306e..a225ebd 100644
--- a/cypher.h
+++ b/cypher.h
@@ -33,6 +33,8 @@
#include "buffer.h"
+// this is a svn test comment
+
class Cypher
{
public:
diff --git a/srtp/.cvsignore b/srtp/.cvsignore
new file mode 100644
index 0000000..8e7e1f4
--- /dev/null
+++ b/srtp/.cvsignore
@@ -0,0 +1,7 @@
+Debug
+Makefile
+Root
+autom4te.cache
+config.log
+config.status
+fixcvs.sh
diff --git a/srtp/CHANGES b/srtp/CHANGES
new file mode 100644
index 0000000..949c389
--- /dev/null
+++ b/srtp/CHANGES
@@ -0,0 +1,223 @@
+Changelog
+
+1.3.20
+
+ Lots of changes. Thanks to Jeff Chan for catching a memory leak and
+ helping track down the endian issues with the SSRCs.
+
+1.3.8
+
+ This is an interim release. Several little-endian bugs were identified
+ and fixed; this means that we can use intel/linux for development again.
+
+ Cleaned up sha1 and hmac code significantly, got rid of some excess
+ functions and properly documented the fuctions in the .h files.
+
+ Eliminated some vestigial files.
+
+ There is a SIGBUS error in the AES encrypt function on sparc
+ (observed on both solaris and openbsd) with gcc 2.95. Was unable to
+ find bad pointer anywhere, so I'm wondering if it isn't a compiler
+ problem (there's a known problem whose profile it fits). It doesn't
+ appear on any other platform, even in the cipher_driver stress
+ tests.
+
+ Planned changes
+
+ Change interface to nonces (xtd_seq_num_t) so that it uses
+ network byte ordering, and is consistent with other arguments.
+
+
+1.3.6
+
+ Changed /dev/random (in configure.in and crypto/rng/rand_source.c) to
+ /dev/urandom; the latter is non-blocking on all known platforms (which
+ corrects some programs that seem to hang) and is actually present on
+ Open BSD (unlike /dev/random, which only works in the presence of
+ hardware supported random number generation).
+
+ Added machine/types.h case in include/integers.h.
+
+1.3.5
+
+ Removing srtp_t::template and stream_clone().
+
+ Adding a new policy structure, which will reflect a complete SRTP
+ policy (including SRTCP).
+
+ This version is *incomplete* and will undergo more changes. It is
+ provided only as a basis for discussion.
+
+1.3.4
+
+ Removed tmmh.c and tmmh.h, which implemented version one of TMMH.
+
+ Changed srtp_get_trailer_length() to act on streams rather than
+ sessions, and documented the macro SRTP_MAX_TRAILER_LEN, which should
+ usually be used rather than that function.
+
+ Removed 'salt' from cipher input.
+
+ Changed rdbx to use err.h error codes.
+
+ Changed malloc() and free() to xalloc() and xfree; these functions
+ are defined in crypto/kernel/alloc.c and declared in
+ include/alloc.h.
+
+ Added 'output' functions to cipher, in addition to 'encrypt'
+ functions. It is no longer necessary to zeroize a buffer before
+ encrypting in order to get keystream.
+
+ Changed octet_string_hex_string() so that "times two" isn't needed
+ in its input.
+
+ Added crypto_kernel_init() prior to command-line parsing, so that
+ kernel can be passed command-line arguments, such as "-d
+ debug_module". This was done to for the applications
+ test/srtp-driver, test/kernel-driver, and test/ust-driver.
+
+ Improved srtp_init_aes_128_prf - wrote key derivation function
+ (srtp_kdf_t).
+
+ Add the tag_len as an argument to the auth_compute() function, but
+ not the corresponding macro. This change allows the tag length for
+ a given auth func to be set to different values at initialization
+ time. Previously, the structure auth_t contained the
+ output_length, but that value was inaccessible from hmac_compute()
+ and other functions.
+
+ Re-named files from a-b.c to a_b.c. in order to help portability.
+
+ Re-named rijndael to aes (or aes_128 as appropriate).
+
+
+1.2.1
+
+ Changes so that 1.2.0 compiles on cygwin-win2k.
+
+ Added better error reporting system. If syslog is present on the
+ OS, then it is used.
+
+
+1.2.0 Many improvements and additions, and a fex fixes
+
+ Fixed endian issues in RTP header construction in the function
+ rtp_sendto() in srtp/rtp.c.
+
+ Implemented RIJNDAEL decryption operation, adding the functions
+ rijndael_decrypt() and rijndael_expand_decryption_key(). Also
+ re-named rijndael_expand_key() to rijndael_expand_encryption_key()
+ for consistency.
+
+ Implemented random number source using /dev/random, in the files
+ crypto/rng/rand_source.c and include/rand_source.h.
+
+ Added index check to SEAL cipher (only values less than 2^32 are
+ allowed)
+
+ Added test case for null_auth authentication function.
+
+ Added a timing test which tests the effect of CPU cache thrash on
+ cipher throughput. The test is done by the function
+ cipher_test_throughput_array(); the function
+ cipher_array_alloc_init() creates an array of ciphers for use in
+ this test. This test can be accessed by using the -a flag to
+ the application cipher-driver in the test subdirectory.
+
+ Added argument processing to ust-driver.c, and added that app to
+ the 'runtest' target in Makefile.in.
+
+ A minor auth_t API change: last argument of auth_init() eliminated.
+
+
+1.0.6 A small but important fix
+
+ Fixed srtp_init_aes_128_prf() by adding octet_string_set_to_zero()
+ after buffer allocation.
+
+ Eliminated references to no-longer-existing variables in debugging
+ code in srtp/srtp.c. This fixes the compilation failure that
+ occured when using PRINT_DEBUG in that file.
+
+ Corrected spelling of Richard Priestley's name in credits. Sorry
+ Richard!
+
+
+1.0.5 Many little fixes
+
+ Fixed octet_string_set_to_zero(), which was writing one
+ more zero octet than it should. This bug caused srtp_protect()
+ and srtp_unprotect() to overwrite the byte that followed the
+ srtp packet.
+
+ Changed sizeof(uint32_t) to srtp_get_trailer_length() in
+ srtp-driver.c. This is just defensive coding.
+
+ Added NULL check to malloc in srtp_alloc().
+
+
+1.0.4 Many minor fixes and two big ones (thanks for the bug reports!)
+
+ Removed 'ssrc' from the srtp_init_aes_128_prf() function argument
+ list. This is so that applications which do not a priori know the
+ ssrc which they will be receiving can still use libsrtp. Now the
+ SSRC value is gleaned from the rtp header and exored into the
+ counter mode offset in the srtp_protect() and srtp_unprotect()
+ functions, if that cipher is used. This change cascaed through
+ many other functions, including srtp_init_from_hex(),
+ srtp_sender_init() and srtp_receiver_init() in rtp.c, and also
+ changing the CLI to test/rtpw. In the future, another function
+ call will be added to the library that enables multiple ssrc/key
+ pairs to be installed into the same srtp session, so that libsrtp
+ works with multiple srtp senders. For now, this functionality is
+ lacking.
+
+ Removed the GDOI interface to the rtpw demo program. This will be
+ added again at a later date, after the SRTP and GDOI distributions
+ stabilize. For now, I've left in the GDOI #defines and autoconf
+ definitions so that they'll be in place when needed.
+
+ Updated tmmhv2_compute() so that it didn't assume any particular
+ alginment of the output tag.
+
+ Changed bit field variables in srtp.h to unsigned char from
+ unsigned int in order to avoid a potential endianness issue.
+
+ Fixed rdbx_estimate_index() to handle all input cases. This solves
+ the now notorious "abaft" bug in the rtpw demo app on linux/intel,
+ in which spurious replay protection failures happen after that word
+ is received.
+
+ Added ntohs(hdr->seq) to srtp_protect and srtp_unprotect, removed
+ from rijndael_icm_set_segment().
+
+ Added error checking and handling to srtp_sender_init() and
+ srtp_receiver_init().
+
+ Changed srtp_alloc() so that it does what you'd expect: allocate an
+ srtp_ctx_t structure. This hides the library internals.
+
+
+1.0.1 Many minor fixes
+
+ Added cipher_driver_buffer_test(...) to test/cipher-driver.c. This
+ function checks that the byte-buffering functions used by a cipher
+ are correct.
+
+ Fixed SunOS/Solaris build problems: added HAVE_SYS_INT_TYPES_H and
+ changed index_t to xtd_seq_num_t (see include/rdbx.h).
+
+ Fixed SEAL3.0 output byte buffering, added byte-buffering test to
+ cipher/cipher-driver.c.
+
+ Fixed roc-driver so that the non-sequential insertion test
+ automatically recovers from bad estimates. This was required to
+ prevent spurious failures.
+
+ Made rdbx_estimate_index(...) function smarter, so that initial RTP
+ sequence numbers greater than 32,768 don't cause it to estimate the
+ rollover counter of 0xffffffff.
+
+
+1.0.0 Initial release
+
diff --git a/srtp/CVS/Entries b/srtp/CVS/Entries
new file mode 100644
index 0000000..06cb0eb
--- /dev/null
+++ b/srtp/CVS/Entries
@@ -0,0 +1,28 @@
+/.cvsignore/1.3/Wed Jul 12 22:22:08 2006//
+/CHANGES/1.1.1.1/Wed Sep 21 22:51:36 2005//
+/LICENSE/1.3/Wed Jul 12 00:50:56 2006//
+/Makefile.in/1.18/Tue Jul 18 17:42:42 2006//
+/TODO/1.2/Fri Sep 23 19:34:11 2005//
+/config.guess/1.2/Sun Oct 2 19:03:54 2005//
+/config.h_win32vc7/1.1/Wed Jul 12 22:27:47 2006//
+/config.hw/1.1/Mon May 22 20:46:21 2006//
+/config.sub/1.2/Sun Oct 2 19:03:53 2005//
+/config_in.h/1.7/Mon Oct 3 15:24:08 2005//
+/configure/1.9/Mon Oct 3 15:23:13 2005//
+/configure.in/1.10/Mon Oct 3 15:19:02 2005//
+/install-sh/1.1.1.1/Wed Sep 21 22:51:38 2005//
+/srtp.def/1.1/Mon May 22 20:46:21 2006//
+/srtp.vcproj/1.1/Mon May 22 20:46:21 2006//
+/srtp7.sln/1.1/Wed Jul 12 22:22:08 2006//
+/srtp7.vcproj/1.1/Wed Jul 12 22:22:08 2006//
+/timing/1.1.1.1/Wed Sep 21 22:51:38 2005//
+/undos.sh/1.1.1.1/Wed Sep 21 22:51:38 2005//
+/update.sh/1.2/Thu Jun 8 17:00:25 2006//
+D/crypto////
+D/doc////
+D/include////
+D/srtp////
+D/tables////
+D/test////
+/README/1.4/Fri May 4 20:14:47 2007//
+/VERSION/1.4/Fri May 4 20:11:37 2007//
diff --git a/srtp/CVS/Repository b/srtp/CVS/Repository
new file mode 100644
index 0000000..3f1f3cb
--- /dev/null
+++ b/srtp/CVS/Repository
@@ -0,0 +1 @@
+srtp
diff --git a/srtp/CVS/Root b/srtp/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/LICENSE b/srtp/LICENSE
new file mode 100644
index 0000000..dd43240
--- /dev/null
+++ b/srtp/LICENSE
@@ -0,0 +1,35 @@
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
diff --git a/srtp/Makefile b/srtp/Makefile
new file mode 100644
index 0000000..ca24945
--- /dev/null
+++ b/srtp/Makefile
@@ -0,0 +1,232 @@
+# Makefile for secure rtp
+#
+# David A. McGrew
+# Cisco Systems, Inc.
+
+# targets:
+#
+# runtest runs test applications
+# test builds test applications
+# libcrypt.a static library implementing crypto engine
+# libsrtp.a static library implementing srtp
+# clean removes objects, libs, and executables
+# distribution cleans and builds a .tgz
+# tags builds etags file from all .c and .h files
+
+.PHONY: all test build_table_apps
+
+all: test
+
+runtest: build_table_apps test
+ @echo "running libsrtp test applications..."
+ crypto/test/cipher_driver$(EXE) -v >/dev/null
+ crypto/test/kernel_driver$(EXE) -v >/dev/null
+ test/rdbx_driver$(EXE) -v >/dev/null
+ test/srtp_driver$(EXE) -v >/dev/null
+ test/roc_driver$(EXE) -v >/dev/null
+ test/replay_driver$(EXE) -v >/dev/null
+ test/dtls_srtp_driver$(EXE) >/dev/null
+ cd test; ./rtpw_test.sh >/dev/null
+ @echo "libsrtp test applications passed."
+ $(MAKE) -C crypto runtest
+
+# makefile variables
+
+CC = gcc
+INCDIR = -Icrypto/include -I$(srcdir)/include -I$(srcdir)/crypto/include
+DEFS = -DHAVE_CONFIG_H
+CPPFLAGS=
+CFLAGS = -Wall -O4 -fexpensive-optimizations -funroll-loops
+LIBS =
+LDFLAGS = -L.
+COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
+SRTPLIB = -lsrtp
+
+RANLIB = ranlib
+INSTALL = /usr/bin/install -c
+
+# EXE defines the suffix on executables - it's .exe for Windows, and
+# null on linux, bsd, and OS X and other OSes.
+EXE =
+# gdoi is the group domain of interpretation for isakmp, a group key
+# management system which can provide keys for srtp
+gdoi =
+# Random source.
+RNG_OBJS = rand_source.o
+
+srcdir = .
+top_srcdir = .
+top_builddir =
+
+prefix = /usr/local
+exec_prefix = ${prefix}
+includedir = ${prefix}/include
+libdir = ${exec_prefix}/lib
+
+
+# implicit rules for object files and test apps
+
+%.o: %.c
+ $(COMPILE) -c $< -o $@
+
+%$(EXE): %.c
+ $(COMPILE) $(LDFLAGS) $< -o $@ $(SRTPLIB) $(LIBS)
+
+
+# libcrypt.a (the crypto engine)
+ciphers = crypto/cipher/cipher.o crypto/cipher/null_cipher.o \
+ crypto/cipher/aes.o crypto/cipher/aes_icm.o \
+ crypto/cipher/aes_cbc.o
+
+hashes = crypto/hash/null_auth.o crypto/hash/sha1.o \
+ crypto/hash/hmac.o crypto/hash/auth.o # crypto/hash/tmmhv2.o
+
+replay = crypto/replay/rdb.o crypto/replay/rdbx.o \
+ crypto/replay/ut_sim.o
+
+math = crypto/math/datatypes.o crypto/math/stat.o
+
+ust = crypto/ust/ust.o
+
+rng = crypto/rng/$(RNG_OBJS) crypto/rng/prng.o crypto/rng/ctr_prng.o
+
+err = crypto/kernel/err.o
+
+kernel = crypto/kernel/crypto_kernel.o crypto/kernel/alloc.o \
+ crypto/kernel/key.o $(rng) $(err) # $(ust)
+
+cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(replay)
+
+# libsrtp.a (implements srtp processing)
+
+srtpobj = srtp/srtp.o
+
+libsrtp.a: $(srtpobj) $(cryptobj) $(gdoi)
+ ar cr libsrtp.a $^
+ $(RANLIB) libsrtp.a
+
+# libcryptomath.a contains general-purpose routines that are used to
+# generate tables and verify cryptoalgorithm implementations - this
+# library is not meant to be included in production code
+
+cryptomath = crypto/math/math.o crypto/math/gf2_8.o
+
+libcryptomath.a: $(cryptomath)
+ ar cr libcryptomath.a $(cryptomath)
+ $(RANLIB) libcryptomath.a
+
+
+# test applications
+
+crypto_testapp = crypto/test/aes_calc$(EXE) crypto/test/cipher_driver$(EXE) \
+ crypto/test/datatypes_driver$(EXE) crypto/test/kernel_driver$(EXE) \
+ crypto/test/rand_gen$(EXE) crypto/test/sha1_driver$(EXE) \
+ crypto/test/stat_driver$(EXE)
+
+testapp = $(crypto_testapp) test/srtp_driver$(EXE) test/replay_driver$(EXE) \
+ test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE) \
+ test/dtls_srtp_driver$(EXE)
+
+$(testapp): libsrtp.a
+
+test/rtpw$(EXE): test/rtpw.c test/rtp.c test/getopt_s.c
+ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+
+test/srtp_driver$(EXE): test/srtp_driver.c test/getopt_s.c
+ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+
+test/rdbx_driver$(EXE): test/rdbx_driver.c test/getopt_s.c
+ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+
+test/dtls_srtp_driver$(EXE): test/dtls_srtp_driver.c test/getopt_s.c
+ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+
+test: $(testapp)
+ @echo "Build done. Please run '$(MAKE) runtest' to run self tests."
+
+memtest: test/srtp_driver
+ @test/srtp_driver -v -d "alloc" > tmp
+ @grep freed tmp | wc -l > freed
+ @grep allocated tmp | wc -l > allocated
+ @echo "checking for memory leaks (only works with --enable-stdout)"
+ cmp -s allocated freed
+ @echo "passed (same number of alloc() and dealloc() calls found)"
+ @rm freed allocated tmp
+
+# tables_apps are used to generate the tables used in the crypto
+# implementations; these need only be generated during porting, not
+# for building libsrtp or the test applications
+
+table_apps = tables/aes_tables
+
+build_table_apps: $(table_apps)
+
+# in the tables/ subdirectory, we use libcryptomath instead of libsrtp
+
+tables/%: tables/%.c libcryptomath.a
+ $(COMPILE) $(LDFLAGS) $< -o $@ $(LIBS) libcryptomath.a
+
+# the target 'plot' runs the timing test (test/srtp_driver -t) then
+# uses gnuplot to produce plots of the results - see the script file
+# 'timing'
+
+plot: test/srtp_driver
+ test/srtp_driver -t > timing.dat
+
+
+# bookkeeping: tags, clean, and distribution
+
+tags:
+ etags */*.[ch] */*/*.[ch]
+
+
+# documentation - the target libsrtpdoc builds a PDF file documenting
+# libsrtp
+
+libsrtpdoc:
+ $(MAKE) -C doc
+
+.PHONY: clean superclean install
+
+install:
+ @if [ -d $(DESTDIR)$(includedir)/srtp ]; then \
+ echo "you should run 'make uninstall' first"; exit 1; \
+ fi
+ $(INSTALL) -d $(DESTDIR)$(includedir)/srtp
+ $(INSTALL) -d $(DESTDIR)$(libdir)
+ cp include/*.h $(DESTDIR)$(includedir)/srtp
+ cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp
+ if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
+
+uninstall:
+ rm -rf $(DESTDIR)$(includedir)/srtp
+ rm -rf $(DESTDIR)$(libdir)/libsrtp.a
+
+clean:
+ rm -rf $(cryptobj) $(srtpobj) $(cryptomath) TAGS \
+ libcryptomath.a libsrtp.a core *.core test/core
+ for a in * */* */*/*; do \
+ if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
+ done;
+ for a in $(testapp) $(table_apps); do rm -rf $$a$(EXE); done
+ rm -rf *.pict *.jpg *.dat
+ rm -rf freed allocated tmp
+ $(MAKE) -C doc clean
+ $(MAKE) -C crypto clean
+
+
+superclean: clean
+ rm -rf crypto/include/config.h config.log config.cache config.status \
+ Makefile .gdb_history test/.gdb_history .DS_Store
+ rm -rf autom4te.cache
+
+distname = srtp-$(shell cat VERSION)
+
+distribution: runtest superclean
+ if ! [ -f VERSION ]; then exit 1; fi
+ if [ -f ../$(distname).tgz ]; then \
+ mv ../$(distname).tgz ../$(distname).tgz.bak; \
+ fi
+ cd ..; tar cvzf $(distname).tgz srtp
+
+# EOF
diff --git a/srtp/Makefile.in b/srtp/Makefile.in
new file mode 100644
index 0000000..97f5cb8
--- /dev/null
+++ b/srtp/Makefile.in
@@ -0,0 +1,232 @@
+# Makefile for secure rtp
+#
+# David A. McGrew
+# Cisco Systems, Inc.
+
+# targets:
+#
+# runtest runs test applications
+# test builds test applications
+# libcrypt.a static library implementing crypto engine
+# libsrtp.a static library implementing srtp
+# clean removes objects, libs, and executables
+# distribution cleans and builds a .tgz
+# tags builds etags file from all .c and .h files
+
+.PHONY: all test build_table_apps
+
+all: test
+
+runtest: build_table_apps test
+ @echo "running libsrtp test applications..."
+ crypto/test/cipher_driver$(EXE) -v >/dev/null
+ crypto/test/kernel_driver$(EXE) -v >/dev/null
+ test/rdbx_driver$(EXE) -v >/dev/null
+ test/srtp_driver$(EXE) -v >/dev/null
+ test/roc_driver$(EXE) -v >/dev/null
+ test/replay_driver$(EXE) -v >/dev/null
+ test/dtls_srtp_driver$(EXE) >/dev/null
+ cd test; ./rtpw_test.sh >/dev/null
+ @echo "libsrtp test applications passed."
+ $(MAKE) -C crypto runtest
+
+# makefile variables
+
+CC = @CC@
+INCDIR = -Icrypto/include -I$(srcdir)/include -I$(srcdir)/crypto/include
+DEFS = @DEFS@
+CPPFLAGS= @CPPFLAGS@
+CFLAGS = @CFLAGS@
+LIBS = @LIBS@
+LDFLAGS = @LDFLAGS@ -L.
+COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
+SRTPLIB = -lsrtp
+
+RANLIB = @RANLIB@
+INSTALL = @INSTALL@
+
+# EXE defines the suffix on executables - it's .exe for Windows, and
+# null on linux, bsd, and OS X and other OSes.
+EXE = @EXE@
+# gdoi is the group domain of interpretation for isakmp, a group key
+# management system which can provide keys for srtp
+gdoi = @GDOI_OBJS@
+# Random source.
+RNG_OBJS = @RNG_OBJS@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+top_builddir = @top_builddir@
+VPATH = @srcdir@
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+includedir = @includedir@
+libdir = @libdir@
+
+
+# implicit rules for object files and test apps
+
+%.o: %.c
+ $(COMPILE) -c $< -o $@
+
+%$(EXE): %.c
+ $(COMPILE) $(LDFLAGS) $< -o $@ $(SRTPLIB) $(LIBS)
+
+
+# libcrypt.a (the crypto engine)
+ciphers = crypto/cipher/cipher.o crypto/cipher/null_cipher.o \
+ crypto/cipher/aes.o crypto/cipher/aes_icm.o \
+ crypto/cipher/aes_cbc.o
+
+hashes = crypto/hash/null_auth.o crypto/hash/sha1.o \
+ crypto/hash/hmac.o crypto/hash/auth.o # crypto/hash/tmmhv2.o
+
+replay = crypto/replay/rdb.o crypto/replay/rdbx.o \
+ crypto/replay/ut_sim.o
+
+math = crypto/math/datatypes.o crypto/math/stat.o
+
+ust = crypto/ust/ust.o
+
+rng = crypto/rng/$(RNG_OBJS) crypto/rng/prng.o crypto/rng/ctr_prng.o
+
+err = crypto/kernel/err.o
+
+kernel = crypto/kernel/crypto_kernel.o crypto/kernel/alloc.o \
+ crypto/kernel/key.o $(rng) $(err) # $(ust)
+
+cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(replay)
+
+# libsrtp.a (implements srtp processing)
+
+srtpobj = srtp/srtp.o
+
+libsrtp.a: $(srtpobj) $(cryptobj) $(gdoi)
+ ar cr libsrtp.a $^
+ $(RANLIB) libsrtp.a
+
+# libcryptomath.a contains general-purpose routines that are used to
+# generate tables and verify cryptoalgorithm implementations - this
+# library is not meant to be included in production code
+
+cryptomath = crypto/math/math.o crypto/math/gf2_8.o
+
+libcryptomath.a: $(cryptomath)
+ ar cr libcryptomath.a $(cryptomath)
+ $(RANLIB) libcryptomath.a
+
+
+# test applications
+
+crypto_testapp = crypto/test/aes_calc$(EXE) crypto/test/cipher_driver$(EXE) \
+ crypto/test/datatypes_driver$(EXE) crypto/test/kernel_driver$(EXE) \
+ crypto/test/rand_gen$(EXE) crypto/test/sha1_driver$(EXE) \
+ crypto/test/stat_driver$(EXE)
+
+testapp = $(crypto_testapp) test/srtp_driver$(EXE) test/replay_driver$(EXE) \
+ test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE) \
+ test/dtls_srtp_driver$(EXE)
+
+$(testapp): libsrtp.a
+
+test/rtpw$(EXE): test/rtpw.c test/rtp.c test/getopt_s.c
+ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+
+test/srtp_driver$(EXE): test/srtp_driver.c test/getopt_s.c
+ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+
+test/rdbx_driver$(EXE): test/rdbx_driver.c test/getopt_s.c
+ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+
+test/dtls_srtp_driver$(EXE): test/dtls_srtp_driver.c test/getopt_s.c
+ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+
+test: $(testapp)
+ @echo "Build done. Please run '$(MAKE) runtest' to run self tests."
+
+memtest: test/srtp_driver
+ @test/srtp_driver -v -d "alloc" > tmp
+ @grep freed tmp | wc -l > freed
+ @grep allocated tmp | wc -l > allocated
+ @echo "checking for memory leaks (only works with --enable-stdout)"
+ cmp -s allocated freed
+ @echo "passed (same number of alloc() and dealloc() calls found)"
+ @rm freed allocated tmp
+
+# tables_apps are used to generate the tables used in the crypto
+# implementations; these need only be generated during porting, not
+# for building libsrtp or the test applications
+
+table_apps = tables/aes_tables
+
+build_table_apps: $(table_apps)
+
+# in the tables/ subdirectory, we use libcryptomath instead of libsrtp
+
+tables/%: tables/%.c libcryptomath.a
+ $(COMPILE) $(LDFLAGS) $< -o $@ $(LIBS) libcryptomath.a
+
+# the target 'plot' runs the timing test (test/srtp_driver -t) then
+# uses gnuplot to produce plots of the results - see the script file
+# 'timing'
+
+plot: test/srtp_driver
+ test/srtp_driver -t > timing.dat
+
+
+# bookkeeping: tags, clean, and distribution
+
+tags:
+ etags */*.[ch] */*/*.[ch]
+
+
+# documentation - the target libsrtpdoc builds a PDF file documenting
+# libsrtp
+
+libsrtpdoc:
+ $(MAKE) -C doc
+
+.PHONY: clean superclean install
+
+install:
+ @if [ -d $(DESTDIR)$(includedir)/srtp ]; then \
+ echo "you should run 'make uninstall' first"; exit 1; \
+ fi
+ $(INSTALL) -d $(DESTDIR)$(includedir)/srtp
+ $(INSTALL) -d $(DESTDIR)$(libdir)
+ cp include/*.h $(DESTDIR)$(includedir)/srtp
+ cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp
+ if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
+
+uninstall:
+ rm -rf $(DESTDIR)$(includedir)/srtp
+ rm -rf $(DESTDIR)$(libdir)/libsrtp.a
+
+clean:
+ rm -rf $(cryptobj) $(srtpobj) $(cryptomath) TAGS \
+ libcryptomath.a libsrtp.a core *.core test/core
+ for a in * */* */*/*; do \
+ if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
+ done;
+ for a in $(testapp) $(table_apps); do rm -rf $$a$(EXE); done
+ rm -rf *.pict *.jpg *.dat
+ rm -rf freed allocated tmp
+ $(MAKE) -C doc clean
+ $(MAKE) -C crypto clean
+
+
+superclean: clean
+ rm -rf crypto/include/config.h config.log config.cache config.status \
+ Makefile .gdb_history test/.gdb_history .DS_Store
+ rm -rf autom4te.cache
+
+distname = srtp-$(shell cat VERSION)
+
+distribution: runtest superclean
+ if ! [ -f VERSION ]; then exit 1; fi
+ if [ -f ../$(distname).tgz ]; then \
+ mv ../$(distname).tgz ../$(distname).tgz.bak; \
+ fi
+ cd ..; tar cvzf $(distname).tgz srtp
+
+# EOF
diff --git a/srtp/README b/srtp/README
new file mode 100644
index 0000000..08fafae
--- /dev/null
+++ b/srtp/README
@@ -0,0 +1,174 @@
+Secure RTP (SRTP) Reference Implementation
+David A. McGrew
+Cisco Systems, Inc.
+mcgrew@cisco.com
+
+
+This package provides an implementation of the Secure Real-time
+Transport Protocol (SRTP), the Universal Security Transform (UST), and
+a supporting cryptographic kernel. These mechanisms are documented in
+the Internet Drafts in the doc/ subdirectory. The SRTP API is
+documented in include/srtp.h, and the library is in libsrtp.a (after
+compilation). An overview and reference manual is available in
+doc/libsrtp.pdf. The PDF documentation is more up to date than this
+file.
+
+
+Installation:
+
+./configure [ options ] # GNU autoconf script
+make # or gmake if needed; use GNU make
+
+The configure script accepts the following options:
+
+ --help provides a usage summary
+ --disable-debug compile without the runtime debugging system
+ --enable-syslog use syslog for error reporting
+ --disable-stdout use stdout for error reporting
+ --enable-console use /dev/console for error reporting
+ --gdoi use GDOI key management (disabled at present)
+
+By default, debbuging is enabled and stdout is used for debugging.
+You can use the above configure options to have the debugging output
+sent to syslog or the system console. Alternatively, you can define
+ERR_REPORTING_FILE in include/conf.h to be any other file that can be
+opened by libSRTP, and debug messages will be sent to it.
+
+This package has been tested on Mac OS X (powerpc-apple-darwin1.4),
+Cygwin (i686-pc-cygwin), and Sparc (sparc-sun-solaris2.6). Previous
+versions have been tested on Linux and OpenBSD on both x86 and sparc
+platforms.
+
+A quick tour of this package:
+
+Makefile targets: all, clean, ...
+README this file
+CHANGES change log
+VERSION version number of this package
+LICENSE legal details (it's a BSD-like license)
+crypto/ciphers/ ciphers (null, aes_icm, ...)
+crypto/math/ crypto math routines
+crypto/hash/ crypto hashing (hmac, tmmhv2, ...)
+crypto/replay/ replay protection
+doc/ documentation: rfcs, apis, and suchlike
+include/ include files for all code in distribution
+srtp/ secure real-time transport protocol implementation
+tables/ apps for generating tables (useful in porting)
+test/ test drivers
+
+
+Applications
+
+ Several test drivers and a simple and portable srtp application
+ are included in the test/ subdirectory.
+
+ test driver function tested
+ -------------------------------------------------------------
+ kernel_driver crypto kernel (ciphers, auth funcs, rng)
+ srtp_driver srtp in-memory tests (does not use the network)
+ rdbx_driver rdbx (extended replay database)
+ roc_driver extended sequence number functions
+ replay_driver replay database (n.b. not used in libsrtp)
+ cipher_driver ciphers
+ auth_driver hash functions
+
+ The app rtpw is a simple rtp application which reads words from
+ /usr/dict/words and then sends them out one at a time using [s]rtp.
+ Manual srtp keying uses the -k option; automated key management
+ using gdoi will be added later.
+
+usage: rtpw [-d <debug>]* [-k <key> [-a][-e]] [-s | -r] dest_ip dest_port
+or rtpw -l
+
+ Either the -s (sender) or -r (receiver) option must be chosen.
+
+ The values dest_ip, dest_port are the ip address and udp port to
+ which the dictionary will be sent, respectively.
+
+ options:
+
+ -s (s)rtp sender - causes app to send words
+
+ -r (s)rtp receive - causes app to receve words
+
+ -k <key> use srtp master key <key>, where the
+ key is a hexadecimal value (without the
+ leading "0x")
+
+ -e encrypt/decrypt (for data confidentiality)
+ (requires use of -k option as well)
+
+ -a message authentication
+ (requires use of -k option as well)
+
+ -l list debug modules
+
+ -d <debug> turn on debugging for module <debug>
+
+
+In order to get random 30-byte values for use as key/salt pairs , you
+can use the following bash function to format the output of
+/dev/random (where that device is available).
+
+function randhex() {
+ cat /dev/random | od --read-bytes=32 --width=32 -x | awk '{ print $2 $3 $4 $5 $6 $7 $8 $9 $10 $11 $12 $13 $14 $15 $16 }'
+}
+
+
+An example of an SRTP session using two rtpw programs follows:
+
+set k=c1eec3717da76195bb878578790af71c4ee9f859e197a414a78d5abc7451
+
+[sh1]$ test/rtpw -s -k $k -ea 0.0.0.0 9999
+Security services: confidentiality message authentication
+set master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451
+setting SSRC to 2078917053
+sending word: A
+sending word: a
+sending word: aa
+sending word: aal
+...
+
+[sh2]$ test/rtpw -r -k $k -ea 0.0.0.0 9999
+security services: confidentiality message authentication
+set master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451
+19 octets received from SSRC 2078917053 word: A
+19 octets received from SSRC 2078917053 word: a
+20 octets received from SSRC 2078917053 word: aa
+21 octets received from SSRC 2078917053 word: aal
+...
+
+Implementation Notes
+
+ * The srtp_protect() function assumes that the buffer holding the
+ rtp packet has enough storage allocated that the authentication
+ tag can be written to the end of that packet. If this assumption
+ is not valid, memory corruption will ensue.
+
+ * Automated tests for the crypto functions are provided through
+ the cipher_type_self_test() and auth_type_self_test() functions.
+ These functions should be used to test each port of this code
+ to a new platform.
+
+ * Replay protection is contained in the crypto engine, and
+ tests for it are provided.
+
+ * This implementation provides calls to initialize, protect, and
+ unprotect RTP packets, and makes as few as possible assumptions
+ about how these functions will be called. For example, the
+ caller is not expected to provide packets in order (though if
+ they're called more than 65k out of sequence, synchronization
+ will be lost).
+
+ * The sequence number in the rtp packet is used as the low 16 bits
+ of the sender's local packet index. Note that RTP will start its
+ sequence number in a random place, and the SRTP layer just jumps
+ forward to that number at its first invocation. An earlier
+ version of this library used initial sequence numbers that are
+ less than 32,768; this trick is no longer required as the
+ rdbx_estimate_index(...) function has been made smarter.
+
+ * The replay window is 128 bits in length, and is hard-coded to this
+ value for now.
+
+
diff --git a/srtp/TODO b/srtp/TODO
new file mode 100644
index 0000000..18846e8
--- /dev/null
+++ b/srtp/TODO
@@ -0,0 +1,66 @@
+TODO List
+
+1.4.1
+
+ - document which fields are in NBO/HBO, and check for consistency.
+
+ - move HAVE_U_LONG_LONG inside of datatypes.c, or some other
+ separate file
+
+ - re-write configure.in to make cross-compilation easier
+
+ - eliminate GENERIC_AESICM by generalizing the code a bit
+
+Older comments
+
+ - add tests for key_limit_t datatype
+
+ - move octet_get_weight() from datatypes.c to math.c (any other
+ funcs?)
+
+Changes and additions planned
+
+ Make cipher and auth dealloc() functions zeroize the key-storage
+ areas before calling free().
+
+ Eliminate key_len from auth_init()
+
+ Doucument internal APIs (cipher, auth, srtp_protect, ...)
+
+
+SRTP options not (yet) included in this libaray:
+
+ - the aes-f8-mode cipher
+ - the Master Key Index
+ - re-keying using the key derivation function (only the initial
+ use of the PRF has been implemented, as it's sufficient
+ for most uses)
+
+
+(OLD) PLANNED CHANGES
+
+ strip out test/lfsr.c
+
+ Write new documentation!!!
+
+ Fix the x86 assembly code in aes.c.
+
+ Eliminate /* DAM */ - there's one in srtp.c
+
+ Change debugging so that it can print more than one line. Or perhaps
+ just change it so that a single check of the debug-enabled flag is
+ needed.
+
+ Improve interface between cipher and rdbx - perhaps generalize rdbx
+ into 'nonce' datatype.
+
+ Make rijndael_icm accept variable sized keys.
+
+ Add rdbx functions that allow different-sized explicit sequence
+ numbers to be used.
+
+ Write uniform byte-buffering code for PRFs, preferably as macros.
+
+ Consider eliminating low-level alloc functions in favor of len()
+ functions, so that there need not be multiple allocations within a
+ particular alloc() function.
diff --git a/srtp/VERSION b/srtp/VERSION
new file mode 100644
index 0000000..1c99cf0
--- /dev/null
+++ b/srtp/VERSION
@@ -0,0 +1 @@
+1.4.4
diff --git a/srtp/config.guess b/srtp/config.guess
new file mode 100755
index 0000000..7d0185e
--- /dev/null
+++ b/srtp/config.guess
@@ -0,0 +1,1447 @@
+#! /bin/sh
+# Attempt to guess a canonical system name.
+# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
+# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
+
+timestamp='2004-09-07'
+
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Originally written by Per Bothner <per@bothner.com>.
+# Please send patches to <config-patches@gnu.org>. Submit a context
+# diff and a properly formatted ChangeLog entry.
+#
+# This script attempts to guess a canonical system name similar to
+# config.sub. If it succeeds, it prints the system name on stdout, and
+# exits with 0. Otherwise, it exits with 1.
+#
+# The plan is that this can be called by configure scripts if you
+# don't specify an explicit build system type.
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION]
+
+Output the configuration name of the system \`$me' is run on.
+
+Operation modes:
+ -h, --help print this help, then exit
+ -t, --time-stamp print date of last modification, then exit
+ -v, --version print version number, then exit
+
+Report bugs and patches to <config-patches@gnu.org>."
+
+version="\
+GNU config.guess ($timestamp)
+
+Originally written by Per Bothner.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004
+Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions. There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+ case $1 in
+ --time-stamp | --time* | -t )
+ echo "$timestamp" ; exit 0 ;;
+ --version | -v )
+ echo "$version" ; exit 0 ;;
+ --help | --h* | -h )
+ echo "$usage"; exit 0 ;;
+ -- ) # Stop option processing
+ shift; break ;;
+ - ) # Use stdin as input.
+ break ;;
+ -* )
+ echo "$me: invalid option $1$help" >&2
+ exit 1 ;;
+ * )
+ break ;;
+ esac
+done
+
+if test $# != 0; then
+ echo "$me: too many arguments$help" >&2
+ exit 1
+fi
+
+trap 'exit 1' 1 2 15
+
+# CC_FOR_BUILD -- compiler used by this script. Note that the use of a
+# compiler to aid in system detection is discouraged as it requires
+# temporary files to be created and, as you can see below, it is a
+# headache to deal with in a portable fashion.
+
+# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still
+# use `HOST_CC' if defined, but it is deprecated.
+
+# Portable tmp directory creation inspired by the Autoconf team.
+
+set_cc_for_build='
+trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ;
+trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ;
+: ${TMPDIR=/tmp} ;
+ { tmp=`(umask 077 && mktemp -d -q "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } ||
+ { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } ||
+ { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } ||
+ { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ;
+dummy=$tmp/dummy ;
+tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ;
+case $CC_FOR_BUILD,$HOST_CC,$CC in
+ ,,) echo "int x;" > $dummy.c ;
+ for c in cc gcc c89 c99 ; do
+ if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then
+ CC_FOR_BUILD="$c"; break ;
+ fi ;
+ done ;
+ if test x"$CC_FOR_BUILD" = x ; then
+ CC_FOR_BUILD=no_compiler_found ;
+ fi
+ ;;
+ ,,*) CC_FOR_BUILD=$CC ;;
+ ,*,*) CC_FOR_BUILD=$HOST_CC ;;
+esac ;'
+
+# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
+# (ghazi@noc.rutgers.edu 1994-08-24)
+if (test -f /.attbin/uname) >/dev/null 2>&1 ; then
+ PATH=$PATH:/.attbin ; export PATH
+fi
+
+UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
+UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
+UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown
+UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
+
+# Note: order is significant - the case branches are not exclusive.
+
+case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
+ *:NetBSD:*:*)
+ # NetBSD (nbsd) targets should (where applicable) match one or
+ # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*,
+ # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently
+ # switched to ELF, *-*-netbsd* would select the old
+ # object file format. This provides both forward
+ # compatibility and a consistent mechanism for selecting the
+ # object file format.
+ #
+ # Note: NetBSD doesn't particularly care about the vendor
+ # portion of the name. We always set it to "unknown".
+ sysctl="sysctl -n hw.machine_arch"
+ UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \
+ /usr/sbin/$sysctl 2>/dev/null || echo unknown)`
+ case "${UNAME_MACHINE_ARCH}" in
+ armeb) machine=armeb-unknown ;;
+ arm*) machine=arm-unknown ;;
+ sh3el) machine=shl-unknown ;;
+ sh3eb) machine=sh-unknown ;;
+ *) machine=${UNAME_MACHINE_ARCH}-unknown ;;
+ esac
+ # The Operating System including object format, if it has switched
+ # to ELF recently, or will in the future.
+ case "${UNAME_MACHINE_ARCH}" in
+ arm*|i386|m68k|ns32k|sh3*|sparc|vax)
+ eval $set_cc_for_build
+ if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
+ | grep __ELF__ >/dev/null
+ then
+ # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
+ # Return netbsd for either. FIX?
+ os=netbsd
+ else
+ os=netbsdelf
+ fi
+ ;;
+ *)
+ os=netbsd
+ ;;
+ esac
+ # The OS release
+ # Debian GNU/NetBSD machines have a different userland, and
+ # thus, need a distinct triplet. However, they do not need
+ # kernel version information, so it can be replaced with a
+ # suitable tag, in the style of linux-gnu.
+ case "${UNAME_VERSION}" in
+ Debian*)
+ release='-gnu'
+ ;;
+ *)
+ release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
+ ;;
+ esac
+ # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM:
+ # contains redundant information, the shorter form:
+ # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
+ echo "${machine}-${os}${release}"
+ exit 0 ;;
+ amd64:OpenBSD:*:*)
+ echo x86_64-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ amiga:OpenBSD:*:*)
+ echo m68k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ cats:OpenBSD:*:*)
+ echo arm-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ hp300:OpenBSD:*:*)
+ echo m68k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ luna88k:OpenBSD:*:*)
+ echo m88k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ mac68k:OpenBSD:*:*)
+ echo m68k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ macppc:OpenBSD:*:*)
+ echo powerpc-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ mvme68k:OpenBSD:*:*)
+ echo m68k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ mvme88k:OpenBSD:*:*)
+ echo m88k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ mvmeppc:OpenBSD:*:*)
+ echo powerpc-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ sgi:OpenBSD:*:*)
+ echo mips64-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ sun3:OpenBSD:*:*)
+ echo m68k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ *:OpenBSD:*:*)
+ echo ${UNAME_MACHINE}-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ *:ekkoBSD:*:*)
+ echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE}
+ exit 0 ;;
+ macppc:MirBSD:*:*)
+ echo powerppc-unknown-mirbsd${UNAME_RELEASE}
+ exit 0 ;;
+ *:MirBSD:*:*)
+ echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE}
+ exit 0 ;;
+ alpha:OSF1:*:*)
+ case $UNAME_RELEASE in
+ *4.0)
+ UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
+ ;;
+ *5.*)
+ UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
+ ;;
+ esac
+ # According to Compaq, /usr/sbin/psrinfo has been available on
+ # OSF/1 and Tru64 systems produced since 1995. I hope that
+ # covers most systems running today. This code pipes the CPU
+ # types through head -n 1, so we only detect the type of CPU 0.
+ ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1`
+ case "$ALPHA_CPU_TYPE" in
+ "EV4 (21064)")
+ UNAME_MACHINE="alpha" ;;
+ "EV4.5 (21064)")
+ UNAME_MACHINE="alpha" ;;
+ "LCA4 (21066/21068)")
+ UNAME_MACHINE="alpha" ;;
+ "EV5 (21164)")
+ UNAME_MACHINE="alphaev5" ;;
+ "EV5.6 (21164A)")
+ UNAME_MACHINE="alphaev56" ;;
+ "EV5.6 (21164PC)")
+ UNAME_MACHINE="alphapca56" ;;
+ "EV5.7 (21164PC)")
+ UNAME_MACHINE="alphapca57" ;;
+ "EV6 (21264)")
+ UNAME_MACHINE="alphaev6" ;;
+ "EV6.7 (21264A)")
+ UNAME_MACHINE="alphaev67" ;;
+ "EV6.8CB (21264C)")
+ UNAME_MACHINE="alphaev68" ;;
+ "EV6.8AL (21264B)")
+ UNAME_MACHINE="alphaev68" ;;
+ "EV6.8CX (21264D)")
+ UNAME_MACHINE="alphaev68" ;;
+ "EV6.9A (21264/EV69A)")
+ UNAME_MACHINE="alphaev69" ;;
+ "EV7 (21364)")
+ UNAME_MACHINE="alphaev7" ;;
+ "EV7.9 (21364A)")
+ UNAME_MACHINE="alphaev79" ;;
+ esac
+ # A Pn.n version is a patched version.
+ # A Vn.n version is a released version.
+ # A Tn.n version is a released field test version.
+ # A Xn.n version is an unreleased experimental baselevel.
+ # 1.2 uses "1.2" for uname -r.
+ echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+ exit 0 ;;
+ Alpha\ *:Windows_NT*:*)
+ # How do we know it's Interix rather than the generic POSIX subsystem?
+ # Should we change UNAME_MACHINE based on the output of uname instead
+ # of the specific Alpha model?
+ echo alpha-pc-interix
+ exit 0 ;;
+ 21064:Windows_NT:50:3)
+ echo alpha-dec-winnt3.5
+ exit 0 ;;
+ Amiga*:UNIX_System_V:4.0:*)
+ echo m68k-unknown-sysv4
+ exit 0;;
+ *:[Aa]miga[Oo][Ss]:*:*)
+ echo ${UNAME_MACHINE}-unknown-amigaos
+ exit 0 ;;
+ *:[Mm]orph[Oo][Ss]:*:*)
+ echo ${UNAME_MACHINE}-unknown-morphos
+ exit 0 ;;
+ *:OS/390:*:*)
+ echo i370-ibm-openedition
+ exit 0 ;;
+ *:OS400:*:*)
+ echo powerpc-ibm-os400
+ exit 0 ;;
+ arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
+ echo arm-acorn-riscix${UNAME_RELEASE}
+ exit 0;;
+ SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*)
+ echo hppa1.1-hitachi-hiuxmpp
+ exit 0;;
+ Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*)
+ # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE.
+ if test "`(/bin/universe) 2>/dev/null`" = att ; then
+ echo pyramid-pyramid-sysv3
+ else
+ echo pyramid-pyramid-bsd
+ fi
+ exit 0 ;;
+ NILE*:*:*:dcosx)
+ echo pyramid-pyramid-svr4
+ exit 0 ;;
+ DRS?6000:unix:4.0:6*)
+ echo sparc-icl-nx6
+ exit 0 ;;
+ DRS?6000:UNIX_SV:4.2*:7*)
+ case `/usr/bin/uname -p` in
+ sparc) echo sparc-icl-nx7 && exit 0 ;;
+ esac ;;
+ sun4H:SunOS:5.*:*)
+ echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit 0 ;;
+ sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
+ echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit 0 ;;
+ i86pc:SunOS:5.*:*)
+ echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit 0 ;;
+ sun4*:SunOS:6*:*)
+ # According to config.sub, this is the proper way to canonicalize
+ # SunOS6. Hard to guess exactly what SunOS6 will be like, but
+ # it's likely to be more like Solaris than SunOS4.
+ echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit 0 ;;
+ sun4*:SunOS:*:*)
+ case "`/usr/bin/arch -k`" in
+ Series*|S4*)
+ UNAME_RELEASE=`uname -v`
+ ;;
+ esac
+ # Japanese Language versions have a version number like `4.1.3-JL'.
+ echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'`
+ exit 0 ;;
+ sun3*:SunOS:*:*)
+ echo m68k-sun-sunos${UNAME_RELEASE}
+ exit 0 ;;
+ sun*:*:4.2BSD:*)
+ UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null`
+ test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3
+ case "`/bin/arch`" in
+ sun3)
+ echo m68k-sun-sunos${UNAME_RELEASE}
+ ;;
+ sun4)
+ echo sparc-sun-sunos${UNAME_RELEASE}
+ ;;
+ esac
+ exit 0 ;;
+ aushp:SunOS:*:*)
+ echo sparc-auspex-sunos${UNAME_RELEASE}
+ exit 0 ;;
+ # The situation for MiNT is a little confusing. The machine name
+ # can be virtually everything (everything which is not
+ # "atarist" or "atariste" at least should have a processor
+ # > m68000). The system name ranges from "MiNT" over "FreeMiNT"
+ # to the lowercase version "mint" (or "freemint"). Finally
+ # the system name "TOS" denotes a system which is actually not
+ # MiNT. But MiNT is downward compatible to TOS, so this should
+ # be no problem.
+ atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
+ echo m68k-atari-mint${UNAME_RELEASE}
+ exit 0 ;;
+ atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
+ echo m68k-atari-mint${UNAME_RELEASE}
+ exit 0 ;;
+ *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
+ echo m68k-atari-mint${UNAME_RELEASE}
+ exit 0 ;;
+ milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
+ echo m68k-milan-mint${UNAME_RELEASE}
+ exit 0 ;;
+ hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
+ echo m68k-hades-mint${UNAME_RELEASE}
+ exit 0 ;;
+ *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
+ echo m68k-unknown-mint${UNAME_RELEASE}
+ exit 0 ;;
+ m68k:machten:*:*)
+ echo m68k-apple-machten${UNAME_RELEASE}
+ exit 0 ;;
+ powerpc:machten:*:*)
+ echo powerpc-apple-machten${UNAME_RELEASE}
+ exit 0 ;;
+ RISC*:Mach:*:*)
+ echo mips-dec-mach_bsd4.3
+ exit 0 ;;
+ RISC*:ULTRIX:*:*)
+ echo mips-dec-ultrix${UNAME_RELEASE}
+ exit 0 ;;
+ VAX*:ULTRIX*:*:*)
+ echo vax-dec-ultrix${UNAME_RELEASE}
+ exit 0 ;;
+ 2020:CLIX:*:* | 2430:CLIX:*:*)
+ echo clipper-intergraph-clix${UNAME_RELEASE}
+ exit 0 ;;
+ mips:*:*:UMIPS | mips:*:*:RISCos)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+#ifdef __cplusplus
+#include <stdio.h> /* for printf() prototype */
+ int main (int argc, char *argv[]) {
+#else
+ int main (argc, argv) int argc; char *argv[]; {
+#endif
+ #if defined (host_mips) && defined (MIPSEB)
+ #if defined (SYSTYPE_SYSV)
+ printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0);
+ #endif
+ #if defined (SYSTYPE_SVR4)
+ printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0);
+ #endif
+ #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD)
+ printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0);
+ #endif
+ #endif
+ exit (-1);
+ }
+EOF
+ $CC_FOR_BUILD -o $dummy $dummy.c \
+ && $dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \
+ && exit 0
+ echo mips-mips-riscos${UNAME_RELEASE}
+ exit 0 ;;
+ Motorola:PowerMAX_OS:*:*)
+ echo powerpc-motorola-powermax
+ exit 0 ;;
+ Motorola:*:4.3:PL8-*)
+ echo powerpc-harris-powermax
+ exit 0 ;;
+ Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*)
+ echo powerpc-harris-powermax
+ exit 0 ;;
+ Night_Hawk:Power_UNIX:*:*)
+ echo powerpc-harris-powerunix
+ exit 0 ;;
+ m88k:CX/UX:7*:*)
+ echo m88k-harris-cxux7
+ exit 0 ;;
+ m88k:*:4*:R4*)
+ echo m88k-motorola-sysv4
+ exit 0 ;;
+ m88k:*:3*:R3*)
+ echo m88k-motorola-sysv3
+ exit 0 ;;
+ AViiON:dgux:*:*)
+ # DG/UX returns AViiON for all architectures
+ UNAME_PROCESSOR=`/usr/bin/uname -p`
+ if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ]
+ then
+ if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \
+ [ ${TARGET_BINARY_INTERFACE}x = x ]
+ then
+ echo m88k-dg-dgux${UNAME_RELEASE}
+ else
+ echo m88k-dg-dguxbcs${UNAME_RELEASE}
+ fi
+ else
+ echo i586-dg-dgux${UNAME_RELEASE}
+ fi
+ exit 0 ;;
+ M88*:DolphinOS:*:*) # DolphinOS (SVR3)
+ echo m88k-dolphin-sysv3
+ exit 0 ;;
+ M88*:*:R3*:*)
+ # Delta 88k system running SVR3
+ echo m88k-motorola-sysv3
+ exit 0 ;;
+ XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3)
+ echo m88k-tektronix-sysv3
+ exit 0 ;;
+ Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD)
+ echo m68k-tektronix-bsd
+ exit 0 ;;
+ *:IRIX*:*:*)
+ echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'`
+ exit 0 ;;
+ ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
+ echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id
+ exit 0 ;; # Note that: echo "'`uname -s`'" gives 'AIX '
+ i*86:AIX:*:*)
+ echo i386-ibm-aix
+ exit 0 ;;
+ ia64:AIX:*:*)
+ if [ -x /usr/bin/oslevel ] ; then
+ IBM_REV=`/usr/bin/oslevel`
+ else
+ IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
+ fi
+ echo ${UNAME_MACHINE}-ibm-aix${IBM_REV}
+ exit 0 ;;
+ *:AIX:2:3)
+ if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #include <sys/systemcfg.h>
+
+ main()
+ {
+ if (!__power_pc())
+ exit(1);
+ puts("powerpc-ibm-aix3.2.5");
+ exit(0);
+ }
+EOF
+ $CC_FOR_BUILD -o $dummy $dummy.c && $dummy && exit 0
+ echo rs6000-ibm-aix3.2.5
+ elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
+ echo rs6000-ibm-aix3.2.4
+ else
+ echo rs6000-ibm-aix3.2
+ fi
+ exit 0 ;;
+ *:AIX:*:[45])
+ IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
+ if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
+ IBM_ARCH=rs6000
+ else
+ IBM_ARCH=powerpc
+ fi
+ if [ -x /usr/bin/oslevel ] ; then
+ IBM_REV=`/usr/bin/oslevel`
+ else
+ IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
+ fi
+ echo ${IBM_ARCH}-ibm-aix${IBM_REV}
+ exit 0 ;;
+ *:AIX:*:*)
+ echo rs6000-ibm-aix
+ exit 0 ;;
+ ibmrt:4.4BSD:*|romp-ibm:BSD:*)
+ echo romp-ibm-bsd4.4
+ exit 0 ;;
+ ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and
+ echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to
+ exit 0 ;; # report: romp-ibm BSD 4.3
+ *:BOSX:*:*)
+ echo rs6000-bull-bosx
+ exit 0 ;;
+ DPX/2?00:B.O.S.:*:*)
+ echo m68k-bull-sysv3
+ exit 0 ;;
+ 9000/[34]??:4.3bsd:1.*:*)
+ echo m68k-hp-bsd
+ exit 0 ;;
+ hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*)
+ echo m68k-hp-bsd4.4
+ exit 0 ;;
+ 9000/[34678]??:HP-UX:*:*)
+ HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+ case "${UNAME_MACHINE}" in
+ 9000/31? ) HP_ARCH=m68000 ;;
+ 9000/[34]?? ) HP_ARCH=m68k ;;
+ 9000/[678][0-9][0-9])
+ if [ -x /usr/bin/getconf ]; then
+ sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null`
+ sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
+ case "${sc_cpu_version}" in
+ 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
+ 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
+ 532) # CPU_PA_RISC2_0
+ case "${sc_kernel_bits}" in
+ 32) HP_ARCH="hppa2.0n" ;;
+ 64) HP_ARCH="hppa2.0w" ;;
+ '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20
+ esac ;;
+ esac
+ fi
+ if [ "${HP_ARCH}" = "" ]; then
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+
+ #define _HPUX_SOURCE
+ #include <stdlib.h>
+ #include <unistd.h>
+
+ int main ()
+ {
+ #if defined(_SC_KERNEL_BITS)
+ long bits = sysconf(_SC_KERNEL_BITS);
+ #endif
+ long cpu = sysconf (_SC_CPU_VERSION);
+
+ switch (cpu)
+ {
+ case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
+ case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
+ case CPU_PA_RISC2_0:
+ #if defined(_SC_KERNEL_BITS)
+ switch (bits)
+ {
+ case 64: puts ("hppa2.0w"); break;
+ case 32: puts ("hppa2.0n"); break;
+ default: puts ("hppa2.0"); break;
+ } break;
+ #else /* !defined(_SC_KERNEL_BITS) */
+ puts ("hppa2.0"); break;
+ #endif
+ default: puts ("hppa1.0"); break;
+ }
+ exit (0);
+ }
+EOF
+ (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy`
+ test -z "$HP_ARCH" && HP_ARCH=hppa
+ fi ;;
+ esac
+ if [ ${HP_ARCH} = "hppa2.0w" ]
+ then
+ # avoid double evaluation of $set_cc_for_build
+ test -n "$CC_FOR_BUILD" || eval $set_cc_for_build
+ if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E -) | grep __LP64__ >/dev/null
+ then
+ HP_ARCH="hppa2.0w"
+ else
+ HP_ARCH="hppa64"
+ fi
+ fi
+ echo ${HP_ARCH}-hp-hpux${HPUX_REV}
+ exit 0 ;;
+ ia64:HP-UX:*:*)
+ HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+ echo ia64-hp-hpux${HPUX_REV}
+ exit 0 ;;
+ 3050*:HI-UX:*:*)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #include <unistd.h>
+ int
+ main ()
+ {
+ long cpu = sysconf (_SC_CPU_VERSION);
+ /* The order matters, because CPU_IS_HP_MC68K erroneously returns
+ true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct
+ results, however. */
+ if (CPU_IS_PA_RISC (cpu))
+ {
+ switch (cpu)
+ {
+ case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break;
+ case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break;
+ case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break;
+ default: puts ("hppa-hitachi-hiuxwe2"); break;
+ }
+ }
+ else if (CPU_IS_HP_MC68K (cpu))
+ puts ("m68k-hitachi-hiuxwe2");
+ else puts ("unknown-hitachi-hiuxwe2");
+ exit (0);
+ }
+EOF
+ $CC_FOR_BUILD -o $dummy $dummy.c && $dummy && exit 0
+ echo unknown-hitachi-hiuxwe2
+ exit 0 ;;
+ 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* )
+ echo hppa1.1-hp-bsd
+ exit 0 ;;
+ 9000/8??:4.3bsd:*:*)
+ echo hppa1.0-hp-bsd
+ exit 0 ;;
+ *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*)
+ echo hppa1.0-hp-mpeix
+ exit 0 ;;
+ hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* )
+ echo hppa1.1-hp-osf
+ exit 0 ;;
+ hp8??:OSF1:*:*)
+ echo hppa1.0-hp-osf
+ exit 0 ;;
+ i*86:OSF1:*:*)
+ if [ -x /usr/sbin/sysversion ] ; then
+ echo ${UNAME_MACHINE}-unknown-osf1mk
+ else
+ echo ${UNAME_MACHINE}-unknown-osf1
+ fi
+ exit 0 ;;
+ parisc*:Lites*:*:*)
+ echo hppa1.1-hp-lites
+ exit 0 ;;
+ C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
+ echo c1-convex-bsd
+ exit 0 ;;
+ C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
+ if getsysinfo -f scalar_acc
+ then echo c32-convex-bsd
+ else echo c2-convex-bsd
+ fi
+ exit 0 ;;
+ C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
+ echo c34-convex-bsd
+ exit 0 ;;
+ C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
+ echo c38-convex-bsd
+ exit 0 ;;
+ C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
+ echo c4-convex-bsd
+ exit 0 ;;
+ CRAY*Y-MP:*:*:*)
+ echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ CRAY*[A-Z]90:*:*:*)
+ echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \
+ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \
+ -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \
+ -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ CRAY*TS:*:*:*)
+ echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ CRAY*T3E:*:*:*)
+ echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ CRAY*SV1:*:*:*)
+ echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ *:UNICOS/mp:*:*)
+ echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
+ FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+ FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+ FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
+ echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+ exit 0 ;;
+ 5000:UNIX_System_V:4.*:*)
+ FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+ FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'`
+ echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+ exit 0 ;;
+ i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*)
+ echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
+ exit 0 ;;
+ sparc*:BSD/OS:*:*)
+ echo sparc-unknown-bsdi${UNAME_RELEASE}
+ exit 0 ;;
+ *:BSD/OS:*:*)
+ echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
+ exit 0 ;;
+ *:FreeBSD:*:*)
+ echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
+ exit 0 ;;
+ i*:CYGWIN*:*)
+ echo ${UNAME_MACHINE}-pc-cygwin
+ exit 0 ;;
+ i*:MINGW*:*)
+ echo ${UNAME_MACHINE}-pc-mingw32
+ exit 0 ;;
+ i*:PW*:*)
+ echo ${UNAME_MACHINE}-pc-pw32
+ exit 0 ;;
+ x86:Interix*:[34]*)
+ echo i586-pc-interix${UNAME_RELEASE}|sed -e 's/\..*//'
+ exit 0 ;;
+ [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
+ echo i${UNAME_MACHINE}-pc-mks
+ exit 0 ;;
+ i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
+ # How do we know it's Interix rather than the generic POSIX subsystem?
+ # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
+ # UNAME_MACHINE based on the output of uname instead of i386?
+ echo i586-pc-interix
+ exit 0 ;;
+ i*:UWIN*:*)
+ echo ${UNAME_MACHINE}-pc-uwin
+ exit 0 ;;
+ p*:CYGWIN*:*)
+ echo powerpcle-unknown-cygwin
+ exit 0 ;;
+ prep*:SunOS:5.*:*)
+ echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit 0 ;;
+ *:GNU:*:*)
+ # the GNU system
+ echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'`
+ exit 0 ;;
+ *:GNU/*:*:*)
+ # other systems with GNU libc and userland
+ echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu
+ exit 0 ;;
+ i*86:Minix:*:*)
+ echo ${UNAME_MACHINE}-pc-minix
+ exit 0 ;;
+ arm*:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ cris:Linux:*:*)
+ echo cris-axis-linux-gnu
+ exit 0 ;;
+ crisv32:Linux:*:*)
+ echo crisv32-axis-linux-gnu
+ exit 0 ;;
+ frv:Linux:*:*)
+ echo frv-unknown-linux-gnu
+ exit 0 ;;
+ ia64:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ m32r*:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ m68*:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ mips:Linux:*:*)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #undef CPU
+ #undef mips
+ #undef mipsel
+ #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
+ CPU=mipsel
+ #else
+ #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
+ CPU=mips
+ #else
+ CPU=
+ #endif
+ #endif
+EOF
+ eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=`
+ test x"${CPU}" != x && echo "${CPU}-unknown-linux-gnu" && exit 0
+ ;;
+ mips64:Linux:*:*)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #undef CPU
+ #undef mips64
+ #undef mips64el
+ #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
+ CPU=mips64el
+ #else
+ #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
+ CPU=mips64
+ #else
+ CPU=
+ #endif
+ #endif
+EOF
+ eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=`
+ test x"${CPU}" != x && echo "${CPU}-unknown-linux-gnu" && exit 0
+ ;;
+ ppc:Linux:*:*)
+ echo powerpc-unknown-linux-gnu
+ exit 0 ;;
+ ppc64:Linux:*:*)
+ echo powerpc64-unknown-linux-gnu
+ exit 0 ;;
+ alpha:Linux:*:*)
+ case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
+ EV5) UNAME_MACHINE=alphaev5 ;;
+ EV56) UNAME_MACHINE=alphaev56 ;;
+ PCA56) UNAME_MACHINE=alphapca56 ;;
+ PCA57) UNAME_MACHINE=alphapca56 ;;
+ EV6) UNAME_MACHINE=alphaev6 ;;
+ EV67) UNAME_MACHINE=alphaev67 ;;
+ EV68*) UNAME_MACHINE=alphaev68 ;;
+ esac
+ objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null
+ if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
+ echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
+ exit 0 ;;
+ parisc:Linux:*:* | hppa:Linux:*:*)
+ # Look for CPU level
+ case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in
+ PA7*) echo hppa1.1-unknown-linux-gnu ;;
+ PA8*) echo hppa2.0-unknown-linux-gnu ;;
+ *) echo hppa-unknown-linux-gnu ;;
+ esac
+ exit 0 ;;
+ parisc64:Linux:*:* | hppa64:Linux:*:*)
+ echo hppa64-unknown-linux-gnu
+ exit 0 ;;
+ s390:Linux:*:* | s390x:Linux:*:*)
+ echo ${UNAME_MACHINE}-ibm-linux
+ exit 0 ;;
+ sh64*:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ sh*:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ sparc:Linux:*:* | sparc64:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ x86_64:Linux:*:*)
+ echo x86_64-unknown-linux-gnu
+ exit 0 ;;
+ i*86:Linux:*:*)
+ # The BFD linker knows what the default object file format is, so
+ # first see if it will tell us. cd to the root directory to prevent
+ # problems with other programs or directories called `ld' in the path.
+ # Set LC_ALL=C to ensure ld outputs messages in English.
+ ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \
+ | sed -ne '/supported targets:/!d
+ s/[ ][ ]*/ /g
+ s/.*supported targets: *//
+ s/ .*//
+ p'`
+ case "$ld_supported_targets" in
+ elf32-i386)
+ TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu"
+ ;;
+ a.out-i386-linux)
+ echo "${UNAME_MACHINE}-pc-linux-gnuaout"
+ exit 0 ;;
+ coff-i386)
+ echo "${UNAME_MACHINE}-pc-linux-gnucoff"
+ exit 0 ;;
+ "")
+ # Either a pre-BFD a.out linker (linux-gnuoldld) or
+ # one that does not give us useful --help.
+ echo "${UNAME_MACHINE}-pc-linux-gnuoldld"
+ exit 0 ;;
+ esac
+ # Determine whether the default compiler is a.out or elf
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #include <features.h>
+ #ifdef __ELF__
+ # ifdef __GLIBC__
+ # if __GLIBC__ >= 2
+ LIBC=gnu
+ # else
+ LIBC=gnulibc1
+ # endif
+ # else
+ LIBC=gnulibc1
+ # endif
+ #else
+ #ifdef __INTEL_COMPILER
+ LIBC=gnu
+ #else
+ LIBC=gnuaout
+ #endif
+ #endif
+ #ifdef __dietlibc__
+ LIBC=dietlibc
+ #endif
+EOF
+ eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=`
+ test x"${LIBC}" != x && echo "${UNAME_MACHINE}-pc-linux-${LIBC}" && exit 0
+ test x"${TENTATIVE}" != x && echo "${TENTATIVE}" && exit 0
+ ;;
+ i*86:DYNIX/ptx:4*:*)
+ # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
+ # earlier versions are messed up and put the nodename in both
+ # sysname and nodename.
+ echo i386-sequent-sysv4
+ exit 0 ;;
+ i*86:UNIX_SV:4.2MP:2.*)
+ # Unixware is an offshoot of SVR4, but it has its own version
+ # number series starting with 2...
+ # I am not positive that other SVR4 systems won't match this,
+ # I just have to hope. -- rms.
+ # Use sysv4.2uw... so that sysv4* matches it.
+ echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION}
+ exit 0 ;;
+ i*86:OS/2:*:*)
+ # If we were able to find `uname', then EMX Unix compatibility
+ # is probably installed.
+ echo ${UNAME_MACHINE}-pc-os2-emx
+ exit 0 ;;
+ i*86:XTS-300:*:STOP)
+ echo ${UNAME_MACHINE}-unknown-stop
+ exit 0 ;;
+ i*86:atheos:*:*)
+ echo ${UNAME_MACHINE}-unknown-atheos
+ exit 0 ;;
+ i*86:syllable:*:*)
+ echo ${UNAME_MACHINE}-pc-syllable
+ exit 0 ;;
+ i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*)
+ echo i386-unknown-lynxos${UNAME_RELEASE}
+ exit 0 ;;
+ i*86:*DOS:*:*)
+ echo ${UNAME_MACHINE}-pc-msdosdjgpp
+ exit 0 ;;
+ i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*)
+ UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'`
+ if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
+ echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL}
+ else
+ echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL}
+ fi
+ exit 0 ;;
+ i*86:*:5:[78]*)
+ case `/bin/uname -X | grep "^Machine"` in
+ *486*) UNAME_MACHINE=i486 ;;
+ *Pentium) UNAME_MACHINE=i586 ;;
+ *Pent*|*Celeron) UNAME_MACHINE=i686 ;;
+ esac
+ echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION}
+ exit 0 ;;
+ i*86:*:3.2:*)
+ if test -f /usr/options/cb.name; then
+ UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name`
+ echo ${UNAME_MACHINE}-pc-isc$UNAME_REL
+ elif /bin/uname -X 2>/dev/null >/dev/null ; then
+ UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')`
+ (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486
+ (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \
+ && UNAME_MACHINE=i586
+ (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \
+ && UNAME_MACHINE=i686
+ (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \
+ && UNAME_MACHINE=i686
+ echo ${UNAME_MACHINE}-pc-sco$UNAME_REL
+ else
+ echo ${UNAME_MACHINE}-pc-sysv32
+ fi
+ exit 0 ;;
+ pc:*:*:*)
+ # Left here for compatibility:
+ # uname -m prints for DJGPP always 'pc', but it prints nothing about
+ # the processor, so we play safe by assuming i386.
+ echo i386-pc-msdosdjgpp
+ exit 0 ;;
+ Intel:Mach:3*:*)
+ echo i386-pc-mach3
+ exit 0 ;;
+ paragon:*:*:*)
+ echo i860-intel-osf1
+ exit 0 ;;
+ i860:*:4.*:*) # i860-SVR4
+ if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then
+ echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4
+ else # Add other i860-SVR4 vendors below as they are discovered.
+ echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4
+ fi
+ exit 0 ;;
+ mini*:CTIX:SYS*5:*)
+ # "miniframe"
+ echo m68010-convergent-sysv
+ exit 0 ;;
+ mc68k:UNIX:SYSTEM5:3.51m)
+ echo m68k-convergent-sysv
+ exit 0 ;;
+ M680?0:D-NIX:5.3:*)
+ echo m68k-diab-dnix
+ exit 0 ;;
+ M68*:*:R3V[5678]*:*)
+ test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;;
+ 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0)
+ OS_REL=''
+ test -r /etc/.relid \
+ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+ /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+ && echo i486-ncr-sysv4.3${OS_REL} && exit 0
+ /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+ && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;;
+ 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
+ /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+ && echo i486-ncr-sysv4 && exit 0 ;;
+ m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
+ echo m68k-unknown-lynxos${UNAME_RELEASE}
+ exit 0 ;;
+ mc68030:UNIX_System_V:4.*:*)
+ echo m68k-atari-sysv4
+ exit 0 ;;
+ TSUNAMI:LynxOS:2.*:*)
+ echo sparc-unknown-lynxos${UNAME_RELEASE}
+ exit 0 ;;
+ rs6000:LynxOS:2.*:*)
+ echo rs6000-unknown-lynxos${UNAME_RELEASE}
+ exit 0 ;;
+ PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*)
+ echo powerpc-unknown-lynxos${UNAME_RELEASE}
+ exit 0 ;;
+ SM[BE]S:UNIX_SV:*:*)
+ echo mips-dde-sysv${UNAME_RELEASE}
+ exit 0 ;;
+ RM*:ReliantUNIX-*:*:*)
+ echo mips-sni-sysv4
+ exit 0 ;;
+ RM*:SINIX-*:*:*)
+ echo mips-sni-sysv4
+ exit 0 ;;
+ *:SINIX-*:*:*)
+ if uname -p 2>/dev/null >/dev/null ; then
+ UNAME_MACHINE=`(uname -p) 2>/dev/null`
+ echo ${UNAME_MACHINE}-sni-sysv4
+ else
+ echo ns32k-sni-sysv
+ fi
+ exit 0 ;;
+ PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
+ # says <Richard.M.Bartel@ccMail.Census.GOV>
+ echo i586-unisys-sysv4
+ exit 0 ;;
+ *:UNIX_System_V:4*:FTX*)
+ # From Gerald Hewes <hewes@openmarket.com>.
+ # How about differentiating between stratus architectures? -djm
+ echo hppa1.1-stratus-sysv4
+ exit 0 ;;
+ *:*:*:FTX*)
+ # From seanf@swdc.stratus.com.
+ echo i860-stratus-sysv4
+ exit 0 ;;
+ *:VOS:*:*)
+ # From Paul.Green@stratus.com.
+ echo hppa1.1-stratus-vos
+ exit 0 ;;
+ mc68*:A/UX:*:*)
+ echo m68k-apple-aux${UNAME_RELEASE}
+ exit 0 ;;
+ news*:NEWS-OS:6*:*)
+ echo mips-sony-newsos6
+ exit 0 ;;
+ R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
+ if [ -d /usr/nec ]; then
+ echo mips-nec-sysv${UNAME_RELEASE}
+ else
+ echo mips-unknown-sysv${UNAME_RELEASE}
+ fi
+ exit 0 ;;
+ BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only.
+ echo powerpc-be-beos
+ exit 0 ;;
+ BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only.
+ echo powerpc-apple-beos
+ exit 0 ;;
+ BePC:BeOS:*:*) # BeOS running on Intel PC compatible.
+ echo i586-pc-beos
+ exit 0 ;;
+ SX-4:SUPER-UX:*:*)
+ echo sx4-nec-superux${UNAME_RELEASE}
+ exit 0 ;;
+ SX-5:SUPER-UX:*:*)
+ echo sx5-nec-superux${UNAME_RELEASE}
+ exit 0 ;;
+ SX-6:SUPER-UX:*:*)
+ echo sx6-nec-superux${UNAME_RELEASE}
+ exit 0 ;;
+ Power*:Rhapsody:*:*)
+ echo powerpc-apple-rhapsody${UNAME_RELEASE}
+ exit 0 ;;
+ *:Rhapsody:*:*)
+ echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE}
+ exit 0 ;;
+ *:Darwin:*:*)
+ UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
+ case $UNAME_PROCESSOR in
+ *86) UNAME_PROCESSOR=i686 ;;
+ unknown) UNAME_PROCESSOR=powerpc ;;
+ esac
+ echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
+ exit 0 ;;
+ *:procnto*:*:* | *:QNX:[0123456789]*:*)
+ UNAME_PROCESSOR=`uname -p`
+ if test "$UNAME_PROCESSOR" = "x86"; then
+ UNAME_PROCESSOR=i386
+ UNAME_MACHINE=pc
+ fi
+ echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE}
+ exit 0 ;;
+ *:QNX:*:4*)
+ echo i386-pc-qnx
+ exit 0 ;;
+ NSR-?:NONSTOP_KERNEL:*:*)
+ echo nsr-tandem-nsk${UNAME_RELEASE}
+ exit 0 ;;
+ *:NonStop-UX:*:*)
+ echo mips-compaq-nonstopux
+ exit 0 ;;
+ BS2000:POSIX*:*:*)
+ echo bs2000-siemens-sysv
+ exit 0 ;;
+ DS/*:UNIX_System_V:*:*)
+ echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE}
+ exit 0 ;;
+ *:Plan9:*:*)
+ # "uname -m" is not consistent, so use $cputype instead. 386
+ # is converted to i386 for consistency with other x86
+ # operating systems.
+ if test "$cputype" = "386"; then
+ UNAME_MACHINE=i386
+ else
+ UNAME_MACHINE="$cputype"
+ fi
+ echo ${UNAME_MACHINE}-unknown-plan9
+ exit 0 ;;
+ *:TOPS-10:*:*)
+ echo pdp10-unknown-tops10
+ exit 0 ;;
+ *:TENEX:*:*)
+ echo pdp10-unknown-tenex
+ exit 0 ;;
+ KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*)
+ echo pdp10-dec-tops20
+ exit 0 ;;
+ XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*)
+ echo pdp10-xkl-tops20
+ exit 0 ;;
+ *:TOPS-20:*:*)
+ echo pdp10-unknown-tops20
+ exit 0 ;;
+ *:ITS:*:*)
+ echo pdp10-unknown-its
+ exit 0 ;;
+ SEI:*:*:SEIUX)
+ echo mips-sei-seiux${UNAME_RELEASE}
+ exit 0 ;;
+ *:DragonFly:*:*)
+ echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
+ exit 0 ;;
+ *:*VMS:*:*)
+ UNAME_MACHINE=`(uname -p) 2>/dev/null`
+ case "${UNAME_MACHINE}" in
+ A*) echo alpha-dec-vms && exit 0 ;;
+ I*) echo ia64-dec-vms && exit 0 ;;
+ V*) echo vax-dec-vms && exit 0 ;;
+ esac
+esac
+
+#echo '(No uname command or uname output not recognized.)' 1>&2
+#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2
+
+eval $set_cc_for_build
+cat >$dummy.c <<EOF
+#ifdef _SEQUENT_
+# include <sys/types.h>
+# include <sys/utsname.h>
+#endif
+main ()
+{
+#if defined (sony)
+#if defined (MIPSEB)
+ /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed,
+ I don't know.... */
+ printf ("mips-sony-bsd\n"); exit (0);
+#else
+#include <sys/param.h>
+ printf ("m68k-sony-newsos%s\n",
+#ifdef NEWSOS4
+ "4"
+#else
+ ""
+#endif
+ ); exit (0);
+#endif
+#endif
+
+#if defined (__arm) && defined (__acorn) && defined (__unix)
+ printf ("arm-acorn-riscix"); exit (0);
+#endif
+
+#if defined (hp300) && !defined (hpux)
+ printf ("m68k-hp-bsd\n"); exit (0);
+#endif
+
+#if defined (NeXT)
+#if !defined (__ARCHITECTURE__)
+#define __ARCHITECTURE__ "m68k"
+#endif
+ int version;
+ version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`;
+ if (version < 4)
+ printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version);
+ else
+ printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version);
+ exit (0);
+#endif
+
+#if defined (MULTIMAX) || defined (n16)
+#if defined (UMAXV)
+ printf ("ns32k-encore-sysv\n"); exit (0);
+#else
+#if defined (CMU)
+ printf ("ns32k-encore-mach\n"); exit (0);
+#else
+ printf ("ns32k-encore-bsd\n"); exit (0);
+#endif
+#endif
+#endif
+
+#if defined (__386BSD__)
+ printf ("i386-pc-bsd\n"); exit (0);
+#endif
+
+#if defined (sequent)
+#if defined (i386)
+ printf ("i386-sequent-dynix\n"); exit (0);
+#endif
+#if defined (ns32000)
+ printf ("ns32k-sequent-dynix\n"); exit (0);
+#endif
+#endif
+
+#if defined (_SEQUENT_)
+ struct utsname un;
+
+ uname(&un);
+
+ if (strncmp(un.version, "V2", 2) == 0) {
+ printf ("i386-sequent-ptx2\n"); exit (0);
+ }
+ if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */
+ printf ("i386-sequent-ptx1\n"); exit (0);
+ }
+ printf ("i386-sequent-ptx\n"); exit (0);
+
+#endif
+
+#if defined (vax)
+# if !defined (ultrix)
+# include <sys/param.h>
+# if defined (BSD)
+# if BSD == 43
+ printf ("vax-dec-bsd4.3\n"); exit (0);
+# else
+# if BSD == 199006
+ printf ("vax-dec-bsd4.3reno\n"); exit (0);
+# else
+ printf ("vax-dec-bsd\n"); exit (0);
+# endif
+# endif
+# else
+ printf ("vax-dec-bsd\n"); exit (0);
+# endif
+# else
+ printf ("vax-dec-ultrix\n"); exit (0);
+# endif
+#endif
+
+#if defined (alliant) && defined (i860)
+ printf ("i860-alliant-bsd\n"); exit (0);
+#endif
+
+ exit (1);
+}
+EOF
+
+$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && $dummy && exit 0
+
+# Apollos put the system type in the environment.
+
+test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; }
+
+# Convex versions that predate uname can use getsysinfo(1)
+
+if [ -x /usr/convex/getsysinfo ]
+then
+ case `getsysinfo -f cpu_type` in
+ c1*)
+ echo c1-convex-bsd
+ exit 0 ;;
+ c2*)
+ if getsysinfo -f scalar_acc
+ then echo c32-convex-bsd
+ else echo c2-convex-bsd
+ fi
+ exit 0 ;;
+ c34*)
+ echo c34-convex-bsd
+ exit 0 ;;
+ c38*)
+ echo c38-convex-bsd
+ exit 0 ;;
+ c4*)
+ echo c4-convex-bsd
+ exit 0 ;;
+ esac
+fi
+
+cat >&2 <<EOF
+$0: unable to guess system type
+
+This script, last modified $timestamp, has failed to recognize
+the operating system you are using. It is advised that you
+download the most up to date version of the config scripts from
+
+ ftp://ftp.gnu.org/pub/gnu/config/
+
+If the version you run ($0) is already up to date, please
+send the following data and any information you think might be
+pertinent to <config-patches@gnu.org> in order to provide the needed
+information to handle your system.
+
+config.guess timestamp = $timestamp
+
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null`
+/bin/uname -X = `(/bin/uname -X) 2>/dev/null`
+
+hostinfo = `(hostinfo) 2>/dev/null`
+/bin/universe = `(/bin/universe) 2>/dev/null`
+/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null`
+/bin/arch = `(/bin/arch) 2>/dev/null`
+/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null`
+
+UNAME_MACHINE = ${UNAME_MACHINE}
+UNAME_RELEASE = ${UNAME_RELEASE}
+UNAME_SYSTEM = ${UNAME_SYSTEM}
+UNAME_VERSION = ${UNAME_VERSION}
+EOF
+
+exit 1
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/srtp/config.h_win32vc7 b/srtp/config.h_win32vc7
new file mode 100644
index 0000000..b6ae0a7
--- /dev/null
+++ b/srtp/config.h_win32vc7
@@ -0,0 +1,170 @@
+/* Hacked config.h for Windows XP 32-bit & VC7 */
+
+/* Define if building for a CISC machine (e.g. Intel). */
+#define CPU_CISC 1
+
+/* Define if building for a RISC machine (assume slow byte access). */
+#undef CPU_RISC
+
+/* Path to random device */
+#undef DEV_URANDOM
+
+/* Define to compile in dynamic debugging system. */
+#undef ENABLE_DEBUGGING
+
+/* Report errors to this file. */
+#undef ERR_REPORTING_FILE
+
+/* Define to use logging to stdout. */
+#undef ERR_REPORTING_STDOUT
+
+/* Define this to use ISMAcryp code. */
+#undef GENERIC_AESICM
+
+/* Define to 1 if you have the <arpa/inet.h> header file. */
+#undef HAVE_ARPA_INET_H
+
+/* Define to 1 if you have the <byteswap.h> header file. */
+#undef HAVE_BYTESWAP_H
+
+/* Define to 1 if you have the `inet_aton' function. */
+#define HAVE_INET_ATON 1
+
+/* Define to 1 if the system has the type `int16_t'. */
+#undef HAVE_INT16_T
+
+/* Define to 1 if the system has the type `int32_t'. */
+#undef HAVE_INT32_T
+
+/* Define to 1 if the system has the type `int8_t'. */
+#undef HAVE_INT8_T
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#undef HAVE_INTTYPES_H
+
+/* Define to 1 if you have the `socket' library (-lsocket). */
+#undef HAVE_LIBSOCKET
+
+/* Define to 1 if you have the <machine/types.h> header file. */
+#undef HAVE_MACHINE_TYPES_H
+
+/* Define to 1 if you have the <memory.h> header file. */
+#define HAVE_MEMORY_H 1
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#undef HAVE_NETINET_IN_H
+
+/* Define to 1 if you have the `socket' function. */
+#define HAVE_SOCKET 1
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#undef HAVE_STDINT_H
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#define HAVE_STDLIB_H 1
+
+/* Define to 1 if you have the <strings.h> header file. */
+#define HAVE_STRINGS_H 1
+
+/* Define to 1 if you have the <string.h> header file. */
+#define HAVE_STRING_H 1
+
+/* Define to 1 if you have the <syslog.h> header file. */
+#undef HAVE_SYSLOG_H
+
+/* Define to 1 if you have the <sys/int_types.h> header file. */
+#undef HAVE_SYS_INT_TYPES_H
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#undef HAVE_SYS_SOCKET_H
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#undef HAVE_SYS_STAT_H
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#undef HAVE_SYS_TYPES_H
+
+/* Define to 1 if you have the <sys/uio.h> header file. */
+#undef HAVE_SYS_UIO_H
+
+/* Define to 1 if the system has the type `uint16_t'. */
+#undef HAVE_UINT16_T
+
+/* Define to 1 if the system has the type `uint32_t'. */
+#undef HAVE_UINT32_T
+
+/* Define to 1 if the system has the type `uint64_t'. */
+#undef HAVE_UINT64_T
+
+/* Define to 1 if the system has the type `uint8_t'. */
+#undef HAVE_UINT8_T
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#define HAVE_UNISTD_H 1
+
+/* Define to 1 if you have the `usleep' function. */
+#define HAVE_USLEEP 1
+
+/* Define to 1 if you have the <windows.h> header file. */
+#define HAVE_WINDOWS_H 1
+
+/* Define to 1 if you have the <winsock2.h> header file. */
+#define HAVE_WINSOCK2_H 1
+
+/* Define to use X86 inlined assembly code */
+#undef HAVE_X86
+
+/* Define to the address where bug reports for this package should be sent. */
+#undef PACKAGE_BUGREPORT
+
+/* Define to the full name of this package. */
+#undef PACKAGE_NAME
+
+/* Define to the full name and version of this package. */
+#undef PACKAGE_STRING
+
+/* Define to the one symbol short name of this package. */
+#undef PACKAGE_TARNAME
+
+/* Define to the version of this package. */
+#undef PACKAGE_VERSION
+
+/* The size of a `unsigned long', as computed by sizeof. */
+#define SIZEOF_UNSIGNED_LONG 4
+
+/* The size of a `unsigned long long', as computed by sizeof. */
+#define SIZEOF_UNSIGNED_LONG_LONG 8
+
+/* Define to use GDOI. */
+#undef SRTP_GDOI
+
+/* Define to compile for kernel contexts. */
+#undef SRTP_KERNEL
+
+/* Define to compile for Linux kernel context. */
+#undef SRTP_KERNEL_LINUX
+
+/* Define to 1 if you have the ANSI C header files. */
+#undef STDC_HEADERS
+
+/* Write errors to this file */
+#undef USE_ERR_REPORTING_FILE
+
+/* Define to use syslog logging. */
+#undef USE_SYSLOG
+
+/* Define to 1 if your processor stores words with the most significant byte
+ first (like Motorola and SPARC, unlike Intel and VAX). */
+#undef WORDS_BIGENDIAN
+
+/* Define to empty if `const' does not conform to ANSI C. */
+//#undef const
+/* Define to `__inline__' or `__inline' if that's what the C compiler
+ calls it, or to nothing if 'inline' is not supported under any name. */
+//#ifndef __cplusplus
+//#undef inline
+//#endif
+#define inline __inline
+
+/* Define to `unsigned' if <sys/types.h> does not define. */
+//#undef size_t
diff --git a/srtp/config.hw b/srtp/config.hw
new file mode 100644
index 0000000..1cc4f5b
--- /dev/null
+++ b/srtp/config.hw
@@ -0,0 +1,192 @@
+/* crypto/include/config.h. Generated by configure. */
+/* config_in.h. Generated from configure.in by autoheader. */
+
+/* Define if building for a CISC machine (e.g. Intel). */
+#define CPU_CISC 1
+
+/* Define if building for a RISC machine (assume slow byte access). */
+/* #undef CPU_RISC */
+
+/* Path to random device */
+/* #define DEV_URANDOM "/dev/urandom" */
+
+/* Define to compile in dynamic debugging system. */
+#define ENABLE_DEBUGGING 1
+
+/* Report errors to this file. */
+/* #undef ERR_REPORTING_FILE */
+
+/* Define to use logging to stdout. */
+#define ERR_REPORTING_STDOUT 1
+
+/* Define this to use ISMAcryp code. */
+/* #undef GENERIC_AESICM */
+
+/* Define to 1 if you have the <arpa/inet.h> header file. */
+/* #undef HAVE_ARPA_INET_H */
+
+/* Define to 1 if you have the <byteswap.h> header file. */
+/* #undef HAVE_BYTESWAP_H */
+
+/* Define to 1 if you have the `inet_aton' function. */
+/* #undef HAVE_INET_ATON */
+
+/* Define to 1 if the system has the type `int16_t'. */
+#define HAVE_INT16_T 1
+
+/* Define to 1 if the system has the type `int32_t'. */
+#define HAVE_INT32_T 1
+
+/* Define to 1 if the system has the type `int8_t'. */
+#define HAVE_INT8_T 1
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+/* #undef HAVE_INTTYPES_H */
+
+/* Define to 1 if you have the `socket' library (-lsocket). */
+/* #undef HAVE_LIBSOCKET */
+
+/* Define to 1 if you have the <machine/types.h> header file. */
+/* #undef HAVE_MACHINE_TYPES_H */
+
+/* Define to 1 if you have the <memory.h> header file. */
+#define HAVE_MEMORY_H 1
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+/* #undef HAVE_NETINET_IN_H */
+
+/* Define to 1 if you have the `socket' function. */
+/* #undef HAVE_SOCKET */
+
+/* Define to 1 if you have the <stdint.h> header file. */
+/* #undef HAVE_STDINT_H */
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#define HAVE_STDLIB_H 1
+
+/* Define to 1 if you have the <strings.h> header file. */
+#define HAVE_STRINGS_H 1
+
+/* Define to 1 if you have the <string.h> header file. */
+#define HAVE_STRING_H 1
+
+/* Define to 1 if you have the <syslog.h> header file. */
+/* #undef HAVE_SYSLOG_H */
+
+/* Define to 1 if you have the <sys/int_types.h> header file. */
+/* #undef HAVE_SYS_INT_TYPES_H */
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+/* #undef HAVE_SYS_SOCKET_H */
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#define HAVE_SYS_STAT_H 1
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#define HAVE_SYS_TYPES_H 1
+
+/* Define to 1 if you have the <sys/uio.h> header file. */
+/* #undef HAVE_SYS_UIO_H */
+
+/* Define to 1 if the system has the type `uint16_t'. */
+#define HAVE_UINT16_T 1
+
+/* Define to 1 if the system has the type `uint32_t'. */
+#define HAVE_UINT32_T 1
+
+/* Define to 1 if the system has the type `uint64_t'. */
+#define HAVE_UINT64_T 1
+
+/* Define to 1 if the system has the type `uint8_t'. */
+#define HAVE_UINT8_T 1
+
+/* Define to 1 if you have the <unistd.h> header file. */
+/* #undef HAVE_UNISTD_H */
+
+/* Define to 1 if you have the `usleep' function. */
+/* #undef HAVE_USLEEP */
+
+/* Define to 1 if you have the <windows.h> header file. */
+#define HAVE_WINDOWS_H 1
+
+/* Define to 1 if you have the <winsock2.h> header file. */
+#define HAVE_WINSOCK2_H 1
+
+/* Define to use X86 inlined assembly code */
+/* #undef HAVE_X86 */
+
+/* Define to the address where bug reports for this package should be sent. */
+#define PACKAGE_BUGREPORT ""
+
+/* Define to the full name of this package. */
+#define PACKAGE_NAME ""
+
+/* Define to the full name and version of this package. */
+#define PACKAGE_STRING ""
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME ""
+
+/* Define to the version of this package. */
+#define PACKAGE_VERSION ""
+
+/* The size of a `unsigned long', as computed by sizeof. */
+#define SIZEOF_UNSIGNED_LONG 4
+
+/* The size of a `unsigned long long', as computed by sizeof. */
+#define SIZEOF_UNSIGNED_LONG_LONG 8
+
+/* Define to use GDOI. */
+/* #undef SRTP_GDOI */
+
+/* Define to compile for kernel contexts. */
+/* #undef SRTP_KERNEL */
+
+/* Define to compile for Linux kernel context. */
+/* #undef SRTP_KERNEL_LINUX */
+
+/* Define to 1 if you have the ANSI C header files. */
+#define STDC_HEADERS 1
+
+/* Write errors to this file */
+/* #undef USE_ERR_REPORTING_FILE */
+
+/* Define to use syslog logging. */
+/* #undef USE_SYSLOG */
+
+/* Define to 1 if your processor stores words with the most significant byte
+ first (like Motorola and SPARC, unlike Intel and VAX). */
+/* #undef WORDS_BIGENDIAN */
+
+/* Define to empty if `const' does not conform to ANSI C. */
+/* #undef const */
+
+/* Define 'inline' to nothing, since the MSVC compiler doesn't support it. */
+#define inline
+
+/* Define to `unsigned' if <sys/types.h> does not define. */
+/* #undef size_t */
+
+#if (_MSC_VER >= 1400) // VC8+
+#ifndef _CRT_SECURE_NO_DEPRECATE
+#define _CRT_SECURE_NO_DEPRECATE
+#endif
+#ifndef _CRT_NONSTDC_NO_DEPRECATE
+#define _CRT_NONSTDC_NO_DEPRECATE
+#endif
+#endif // VC8+
+
+#ifndef uint32_t
+typedef unsigned __int8 uint8_t;
+typedef unsigned __int16 uint16_t;
+typedef unsigned __int32 uint32_t;
+typedef unsigned __int64 uint64_t;
+typedef __int8 int8_t;
+typedef __int16 int16_t;
+typedef __int32 int32_t;
+typedef __int64 int64_t;
+#endif
+
+#ifdef _MSC_VER
+#pragma warning(disable:4311)
+#endif
diff --git a/srtp/config.log b/srtp/config.log
new file mode 100644
index 0000000..22b96c4
--- /dev/null
+++ b/srtp/config.log
@@ -0,0 +1,1118 @@
+This file contains any messages produced by compilers while
+running configure, to aid debugging if configure makes a mistake.
+
+It was created by configure, which was
+generated by GNU Autoconf 2.59. Invocation command line was
+
+ $ ./configure
+
+## --------- ##
+## Platform. ##
+## --------- ##
+
+hostname = hermes
+uname -m = i686
+uname -r = 2.6.18-4-686
+uname -s = Linux
+uname -v = #1 SMP Wed May 9 23:03:12 UTC 2007
+
+/usr/bin/uname -p = unknown
+/bin/uname -X = unknown
+
+/bin/arch = i686
+/usr/bin/arch -k = unknown
+/usr/convex/getsysinfo = unknown
+hostinfo = unknown
+/bin/machine = unknown
+/usr/bin/oslevel = unknown
+/bin/universe = unknown
+
+PATH: /usr/local/bin
+PATH: /usr/bin
+PATH: /bin
+PATH: /usr/bin/X11
+PATH: /usr/games
+
+
+## ----------- ##
+## Core tests. ##
+## ----------- ##
+
+configure:1348: checking for ranlib
+configure:1364: found /usr/bin/ranlib
+configure:1375: result: ranlib
+configure:1433: checking for gcc
+configure:1449: found /usr/bin/gcc
+configure:1459: result: gcc
+configure:1703: checking for C compiler version
+configure:1706: gcc --version </dev/null >&5
+gcc (GCC) 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)
+Copyright (C) 2006 Free Software Foundation, Inc.
+This is free software; see the source for copying conditions. There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+configure:1709: $? = 0
+configure:1711: gcc -v </dev/null >&5
+Using built-in specs.
+Target: i486-linux-gnu
+Configured with: ../src/configure -v --enable-languages=c,c++,fortran,objc,obj-c++,treelang --prefix=/usr --enable-shared --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --enable-nls --program-suffix=-4.1 --enable-__cxa_atexit --enable-clocale=gnu --enable-libstdcxx-debug --enable-mpfr --with-tune=i686 --enable-checking=release i486-linux-gnu
+Thread model: posix
+gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)
+configure:1714: $? = 0
+configure:1716: gcc -V </dev/null >&5
+gcc: '-V' option must have argument
+configure:1719: $? = 1
+configure:1742: checking for C compiler default output file name
+configure:1745: gcc -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:1748: $? = 0
+configure:1794: result: a.out
+configure:1799: checking whether the C compiler works
+configure:1805: ./a.out
+configure:1808: $? = 0
+configure:1825: result: yes
+configure:1832: checking whether we are cross compiling
+configure:1834: result: no
+configure:1837: checking for suffix of executables
+configure:1839: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:1842: $? = 0
+configure:1867: result:
+configure:1873: checking for suffix of object files
+configure:1894: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:1897: $? = 0
+configure:1919: result: o
+configure:1923: checking whether we are using the GNU C compiler
+configure:1947: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:1953: $? = 0
+configure:1957: test -z
+ || test ! -s conftest.err
+configure:1960: $? = 0
+configure:1963: test -s conftest.o
+configure:1966: $? = 0
+configure:1979: result: yes
+configure:1985: checking whether gcc accepts -g
+configure:2006: gcc -c -g conftest.c >&5
+configure:2012: $? = 0
+configure:2016: test -z
+ || test ! -s conftest.err
+configure:2019: $? = 0
+configure:2022: test -s conftest.o
+configure:2025: $? = 0
+configure:2036: result: yes
+configure:2053: checking for gcc option to accept ANSI C
+configure:2123: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:2129: $? = 0
+configure:2133: test -z
+ || test ! -s conftest.err
+configure:2136: $? = 0
+configure:2139: test -s conftest.o
+configure:2142: $? = 0
+configure:2160: result: none needed
+configure:2178: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+conftest.c:2: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'me'
+configure:2184: $? = 1
+configure: failed program was:
+| #ifndef __cplusplus
+| choke me
+| #endif
+configure:2355: checking for a BSD-compatible install
+configure:2410: result: /usr/bin/install -c
+configure:2430: checking whether to build for Linux kernel context
+configure:2444: result: no
+configure:2448: checking for /dev/urandom
+configure:2463: result: yes
+configure:2493: checking which random device to use
+configure:2507: result: /dev/urandom
+configure:2523: checking how to run the C preprocessor
+configure:2558: gcc -E conftest.c
+configure:2564: $? = 0
+configure:2596: gcc -E conftest.c
+conftest.c:10:28: error: ac_nonexistent.h: No such file or directory
+configure:2602: $? = 1
+configure: failed program was:
+| /* confdefs.h. */
+|
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define DEV_URANDOM "/dev/urandom"
+| /* end confdefs.h. */
+| #include <ac_nonexistent.h>
+configure:2641: result: gcc -E
+configure:2665: gcc -E conftest.c
+configure:2671: $? = 0
+configure:2703: gcc -E conftest.c
+conftest.c:10:28: error: ac_nonexistent.h: No such file or directory
+configure:2709: $? = 1
+configure: failed program was:
+| /* confdefs.h. */
+|
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define DEV_URANDOM "/dev/urandom"
+| /* end confdefs.h. */
+| #include <ac_nonexistent.h>
+configure:2753: checking for egrep
+configure:2763: result: grep -E
+configure:2768: checking for ANSI C header files
+configure:2793: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:2799: $? = 0
+configure:2803: test -z
+ || test ! -s conftest.err
+configure:2806: $? = 0
+configure:2809: test -s conftest.o
+configure:2812: $? = 0
+configure:2901: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+conftest.c: In function 'main':
+conftest.c:27: warning: implicit declaration of function 'exit'
+conftest.c:27: warning: incompatible implicit declaration of built-in function 'exit'
+configure:2904: $? = 0
+configure:2906: ./conftest
+configure:2909: $? = 0
+configure:2924: result: yes
+configure:2948: checking for sys/types.h
+configure:2964: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:2970: $? = 0
+configure:2974: test -z
+ || test ! -s conftest.err
+configure:2977: $? = 0
+configure:2980: test -s conftest.o
+configure:2983: $? = 0
+configure:2994: result: yes
+configure:2948: checking for sys/stat.h
+configure:2964: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:2970: $? = 0
+configure:2974: test -z
+ || test ! -s conftest.err
+configure:2977: $? = 0
+configure:2980: test -s conftest.o
+configure:2983: $? = 0
+configure:2994: result: yes
+configure:2948: checking for stdlib.h
+configure:2964: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:2970: $? = 0
+configure:2974: test -z
+ || test ! -s conftest.err
+configure:2977: $? = 0
+configure:2980: test -s conftest.o
+configure:2983: $? = 0
+configure:2994: result: yes
+configure:2948: checking for string.h
+configure:2964: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:2970: $? = 0
+configure:2974: test -z
+ || test ! -s conftest.err
+configure:2977: $? = 0
+configure:2980: test -s conftest.o
+configure:2983: $? = 0
+configure:2994: result: yes
+configure:2948: checking for memory.h
+configure:2964: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:2970: $? = 0
+configure:2974: test -z
+ || test ! -s conftest.err
+configure:2977: $? = 0
+configure:2980: test -s conftest.o
+configure:2983: $? = 0
+configure:2994: result: yes
+configure:2948: checking for strings.h
+configure:2964: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:2970: $? = 0
+configure:2974: test -z
+ || test ! -s conftest.err
+configure:2977: $? = 0
+configure:2980: test -s conftest.o
+configure:2983: $? = 0
+configure:2994: result: yes
+configure:2948: checking for inttypes.h
+configure:2964: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:2970: $? = 0
+configure:2974: test -z
+ || test ! -s conftest.err
+configure:2977: $? = 0
+configure:2980: test -s conftest.o
+configure:2983: $? = 0
+configure:2994: result: yes
+configure:2948: checking for stdint.h
+configure:2964: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:2970: $? = 0
+configure:2974: test -z
+ || test ! -s conftest.err
+configure:2977: $? = 0
+configure:2980: test -s conftest.o
+configure:2983: $? = 0
+configure:2994: result: yes
+configure:2948: checking for unistd.h
+configure:2964: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:2970: $? = 0
+configure:2974: test -z
+ || test ! -s conftest.err
+configure:2977: $? = 0
+configure:2980: test -s conftest.o
+configure:2983: $? = 0
+configure:2994: result: yes
+configure:3011: checking for stdlib.h
+configure:3016: result: yes
+configure:3161: checking for unistd.h
+configure:3166: result: yes
+configure:3320: checking byteswap.h usability
+configure:3332: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:3338: $? = 0
+configure:3342: test -z
+ || test ! -s conftest.err
+configure:3345: $? = 0
+configure:3348: test -s conftest.o
+configure:3351: $? = 0
+configure:3361: result: yes
+configure:3365: checking byteswap.h presence
+configure:3375: gcc -E conftest.c
+configure:3381: $? = 0
+configure:3401: result: yes
+configure:3436: checking for byteswap.h
+configure:3443: result: yes
+configure:3461: checking for stdint.h
+configure:3466: result: yes
+configure:3620: checking sys/uio.h usability
+configure:3632: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:3638: $? = 0
+configure:3642: test -z
+ || test ! -s conftest.err
+configure:3645: $? = 0
+configure:3648: test -s conftest.o
+configure:3651: $? = 0
+configure:3661: result: yes
+configure:3665: checking sys/uio.h presence
+configure:3675: gcc -E conftest.c
+configure:3681: $? = 0
+configure:3701: result: yes
+configure:3736: checking for sys/uio.h
+configure:3743: result: yes
+configure:3761: checking for inttypes.h
+configure:3766: result: yes
+configure:3911: checking for sys/types.h
+configure:3916: result: yes
+configure:4070: checking machine/types.h usability
+configure:4082: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+conftest.c:61:27: error: machine/types.h: No such file or directory
+configure:4088: $? = 1
+configure: failed program was:
+| /* confdefs.h. */
+|
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define DEV_URANDOM "/dev/urandom"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_BYTESWAP_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_SYS_UIO_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_SYS_TYPES_H 1
+| /* end confdefs.h. */
+| #include <stdio.h>
+| #if HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #if HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #if STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # if HAVE_STDLIB_H
+| # include <stdlib.h>
+| # endif
+| #endif
+| #if HAVE_STRING_H
+| # if !STDC_HEADERS && HAVE_MEMORY_H
+| # include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #if HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #if HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #else
+| # if HAVE_STDINT_H
+| # include <stdint.h>
+| # endif
+| #endif
+| #if HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| #include <machine/types.h>
+configure:4111: result: no
+configure:4115: checking machine/types.h presence
+configure:4125: gcc -E conftest.c
+conftest.c:27:27: error: machine/types.h: No such file or directory
+configure:4131: $? = 1
+configure: failed program was:
+| /* confdefs.h. */
+|
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define DEV_URANDOM "/dev/urandom"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_BYTESWAP_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_SYS_UIO_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_SYS_TYPES_H 1
+| /* end confdefs.h. */
+| #include <machine/types.h>
+configure:4151: result: no
+configure:4186: checking for machine/types.h
+configure:4193: result: no
+configure:4220: checking sys/int_types.h usability
+configure:4232: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+conftest.c:61:27: error: sys/int_types.h: No such file or directory
+configure:4238: $? = 1
+configure: failed program was:
+| /* confdefs.h. */
+|
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define DEV_URANDOM "/dev/urandom"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_BYTESWAP_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_SYS_UIO_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_SYS_TYPES_H 1
+| /* end confdefs.h. */
+| #include <stdio.h>
+| #if HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #if HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #if STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # if HAVE_STDLIB_H
+| # include <stdlib.h>
+| # endif
+| #endif
+| #if HAVE_STRING_H
+| # if !STDC_HEADERS && HAVE_MEMORY_H
+| # include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #if HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #if HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #else
+| # if HAVE_STDINT_H
+| # include <stdint.h>
+| # endif
+| #endif
+| #if HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| #include <sys/int_types.h>
+configure:4261: result: no
+configure:4265: checking sys/int_types.h presence
+configure:4275: gcc -E conftest.c
+conftest.c:27:27: error: sys/int_types.h: No such file or directory
+configure:4281: $? = 1
+configure: failed program was:
+| /* confdefs.h. */
+|
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define DEV_URANDOM "/dev/urandom"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_BYTESWAP_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_SYS_UIO_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_SYS_TYPES_H 1
+| /* end confdefs.h. */
+| #include <sys/int_types.h>
+configure:4301: result: no
+configure:4336: checking for sys/int_types.h
+configure:4343: result: no
+configure:4373: checking sys/socket.h usability
+configure:4385: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:4391: $? = 0
+configure:4395: test -z
+ || test ! -s conftest.err
+configure:4398: $? = 0
+configure:4401: test -s conftest.o
+configure:4404: $? = 0
+configure:4414: result: yes
+configure:4418: checking sys/socket.h presence
+configure:4428: gcc -E conftest.c
+configure:4434: $? = 0
+configure:4454: result: yes
+configure:4489: checking for sys/socket.h
+configure:4496: result: yes
+configure:4373: checking netinet/in.h usability
+configure:4385: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:4391: $? = 0
+configure:4395: test -z
+ || test ! -s conftest.err
+configure:4398: $? = 0
+configure:4401: test -s conftest.o
+configure:4404: $? = 0
+configure:4414: result: yes
+configure:4418: checking netinet/in.h presence
+configure:4428: gcc -E conftest.c
+configure:4434: $? = 0
+configure:4454: result: yes
+configure:4489: checking for netinet/in.h
+configure:4496: result: yes
+configure:4373: checking arpa/inet.h usability
+configure:4385: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:4391: $? = 0
+configure:4395: test -z
+ || test ! -s conftest.err
+configure:4398: $? = 0
+configure:4401: test -s conftest.o
+configure:4404: $? = 0
+configure:4414: result: yes
+configure:4418: checking arpa/inet.h presence
+configure:4428: gcc -E conftest.c
+configure:4434: $? = 0
+configure:4454: result: yes
+configure:4489: checking for arpa/inet.h
+configure:4496: result: yes
+configure:4523: checking windows.h usability
+configure:4535: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+conftest.c:64:21: error: windows.h: No such file or directory
+configure:4541: $? = 1
+configure: failed program was:
+| /* confdefs.h. */
+|
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define DEV_URANDOM "/dev/urandom"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_BYTESWAP_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_SYS_UIO_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_SOCKET_H 1
+| #define HAVE_NETINET_IN_H 1
+| #define HAVE_ARPA_INET_H 1
+| /* end confdefs.h. */
+| #include <stdio.h>
+| #if HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #if HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #if STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # if HAVE_STDLIB_H
+| # include <stdlib.h>
+| # endif
+| #endif
+| #if HAVE_STRING_H
+| # if !STDC_HEADERS && HAVE_MEMORY_H
+| # include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #if HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #if HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #else
+| # if HAVE_STDINT_H
+| # include <stdint.h>
+| # endif
+| #endif
+| #if HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| #include <windows.h>
+configure:4564: result: no
+configure:4568: checking windows.h presence
+configure:4578: gcc -E conftest.c
+conftest.c:30:21: error: windows.h: No such file or directory
+configure:4584: $? = 1
+configure: failed program was:
+| /* confdefs.h. */
+|
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define DEV_URANDOM "/dev/urandom"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_BYTESWAP_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_SYS_UIO_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_SOCKET_H 1
+| #define HAVE_NETINET_IN_H 1
+| #define HAVE_ARPA_INET_H 1
+| /* end confdefs.h. */
+| #include <windows.h>
+configure:4604: result: no
+configure:4639: checking for windows.h
+configure:4646: result: no
+configure:4823: checking syslog.h usability
+configure:4835: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:4841: $? = 0
+configure:4845: test -z
+ || test ! -s conftest.err
+configure:4848: $? = 0
+configure:4851: test -s conftest.o
+configure:4854: $? = 0
+configure:4864: result: yes
+configure:4868: checking syslog.h presence
+configure:4878: gcc -E conftest.c
+configure:4884: $? = 0
+configure:4904: result: yes
+configure:4939: checking for syslog.h
+configure:4946: result: yes
+configure:4960: checking for int8_t
+configure:4984: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:4990: $? = 0
+configure:4994: test -z
+ || test ! -s conftest.err
+configure:4997: $? = 0
+configure:5000: test -s conftest.o
+configure:5003: $? = 0
+configure:5014: result: yes
+configure:5024: checking for uint8_t
+configure:5048: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:5054: $? = 0
+configure:5058: test -z
+ || test ! -s conftest.err
+configure:5061: $? = 0
+configure:5064: test -s conftest.o
+configure:5067: $? = 0
+configure:5078: result: yes
+configure:5088: checking for int16_t
+configure:5112: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:5118: $? = 0
+configure:5122: test -z
+ || test ! -s conftest.err
+configure:5125: $? = 0
+configure:5128: test -s conftest.o
+configure:5131: $? = 0
+configure:5142: result: yes
+configure:5152: checking for uint16_t
+configure:5176: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:5182: $? = 0
+configure:5186: test -z
+ || test ! -s conftest.err
+configure:5189: $? = 0
+configure:5192: test -s conftest.o
+configure:5195: $? = 0
+configure:5206: result: yes
+configure:5216: checking for int32_t
+configure:5240: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:5246: $? = 0
+configure:5250: test -z
+ || test ! -s conftest.err
+configure:5253: $? = 0
+configure:5256: test -s conftest.o
+configure:5259: $? = 0
+configure:5270: result: yes
+configure:5280: checking for uint32_t
+configure:5304: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:5310: $? = 0
+configure:5314: test -z
+ || test ! -s conftest.err
+configure:5317: $? = 0
+configure:5320: test -s conftest.o
+configure:5323: $? = 0
+configure:5334: result: yes
+configure:5344: checking for uint64_t
+configure:5368: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:5374: $? = 0
+configure:5378: test -z
+ || test ! -s conftest.err
+configure:5381: $? = 0
+configure:5384: test -s conftest.o
+configure:5387: $? = 0
+configure:5398: result: yes
+configure:5409: checking for unsigned long
+configure:5433: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:5439: $? = 0
+configure:5443: test -z
+ || test ! -s conftest.err
+configure:5446: $? = 0
+configure:5449: test -s conftest.o
+configure:5452: $? = 0
+configure:5463: result: yes
+configure:5466: checking size of unsigned long
+configure:5785: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:5788: $? = 0
+configure:5790: ./conftest
+configure:5793: $? = 0
+configure:5816: result: 4
+configure:5823: checking for unsigned long long
+configure:5847: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:5853: $? = 0
+configure:5857: test -z
+ || test ! -s conftest.err
+configure:5860: $? = 0
+configure:5863: test -s conftest.o
+configure:5866: $? = 0
+configure:5877: result: yes
+configure:5880: checking size of unsigned long long
+configure:6199: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:6202: $? = 0
+configure:6204: ./conftest
+configure:6207: $? = 0
+configure:6230: result: 8
+configure:6238: checking for an ANSI C-conforming const
+configure:6305: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+conftest.c: In function 'main':
+conftest.c:67: warning: unused variable 's'
+conftest.c:87: warning: unused variable 'foo'
+conftest.c:54: warning: unused variable 'zero'
+conftest.c:48: warning: unused variable 'x'
+conftest.c:69: warning: 't' is used uninitialized in this function
+conftest.c:84: warning: 'b' is used uninitialized in this function
+configure:6311: $? = 0
+configure:6315: test -z
+ || test ! -s conftest.err
+configure:6318: $? = 0
+configure:6321: test -s conftest.o
+configure:6324: $? = 0
+configure:6335: result: yes
+configure:6345: checking for inline
+configure:6366: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:6372: $? = 0
+configure:6376: test -z
+ || test ! -s conftest.err
+configure:6379: $? = 0
+configure:6382: test -s conftest.o
+configure:6385: $? = 0
+configure:6397: result: inline
+configure:6416: checking for size_t
+configure:6440: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:6446: $? = 0
+configure:6450: test -z
+ || test ! -s conftest.err
+configure:6453: $? = 0
+configure:6456: test -s conftest.o
+configure:6459: $? = 0
+configure:6470: result: yes
+configure:6489: checking for socket
+configure:6546: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:6552: $? = 0
+configure:6556: test -z
+ || test ! -s conftest.err
+configure:6559: $? = 0
+configure:6562: test -s conftest
+configure:6565: $? = 0
+configure:6577: result: yes
+configure:6489: checking for inet_aton
+configure:6546: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:6552: $? = 0
+configure:6556: test -z
+ || test ! -s conftest.err
+configure:6559: $? = 0
+configure:6562: test -s conftest
+configure:6565: $? = 0
+configure:6577: result: yes
+configure:6489: checking for usleep
+configure:6546: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:6552: $? = 0
+configure:6556: test -z
+ || test ! -s conftest.err
+configure:6559: $? = 0
+configure:6562: test -s conftest
+configure:6565: $? = 0
+configure:6577: result: yes
+configure:6723: checking whether byte ordering is bigendian
+configure:6750: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+configure:6756: $? = 0
+configure:6760: test -z
+ || test ! -s conftest.err
+configure:6763: $? = 0
+configure:6766: test -s conftest.o
+configure:6769: $? = 0
+configure:6793: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
+conftest.c: In function 'main':
+conftest.c:50: error: 'not' undeclared (first use in this function)
+conftest.c:50: error: (Each undeclared identifier is reported only once
+conftest.c:50: error: for each function it appears in.)
+conftest.c:50: error: expected ';' before 'big'
+configure:6799: $? = 1
+configure: failed program was:
+| /* confdefs.h. */
+|
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define DEV_URANDOM "/dev/urandom"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_BYTESWAP_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_SYS_UIO_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_SOCKET_H 1
+| #define HAVE_NETINET_IN_H 1
+| #define HAVE_ARPA_INET_H 1
+| #define HAVE_SYSLOG_H 1
+| #define HAVE_INT8_T 1
+| #define HAVE_UINT8_T 1
+| #define HAVE_INT16_T 1
+| #define HAVE_UINT16_T 1
+| #define HAVE_INT32_T 1
+| #define HAVE_UINT32_T 1
+| #define HAVE_UINT64_T 1
+| #define SIZEOF_UNSIGNED_LONG 4
+| #define SIZEOF_UNSIGNED_LONG_LONG 8
+| #define HAVE_SOCKET 1
+| #define HAVE_INET_ATON 1
+| #define HAVE_USLEEP 1
+| /* end confdefs.h. */
+| #include <sys/types.h>
+| #include <sys/param.h>
+|
+| int
+| main ()
+| {
+| #if BYTE_ORDER != BIG_ENDIAN
+| not big endian
+| #endif
+|
+| ;
+| return 0;
+| }
+configure:6934: result: no
+configure:6960: checking build system type
+configure:6978: result: i686-pc-linux-gnu
+configure:6986: checking host system type
+configure:7000: result: i686-pc-linux-gnu
+configure:7046: checking whether to compile in debugging
+configure:7062: result: yes
+configure:7065: checking whether to use ISMAcryp code
+configure:7081: result: no
+configure:7084: checking whether to use syslog for error reporting
+configure:7100: result: no
+configure:7103: checking whether to use stdout for error reporting
+configure:7119: result: yes
+configure:7122: checking whether to use /dev/console for error reporting
+configure:7143: result: no
+configure:7146: checking whether to use GDOI key management
+configure:7164: result: no
+configure:7266: creating ./config.status
+
+## ---------------------- ##
+## Running config.status. ##
+## ---------------------- ##
+
+This file was extended by config.status, which was
+generated by GNU Autoconf 2.59. Invocation command line was
+
+ CONFIG_FILES =
+ CONFIG_HEADERS =
+ CONFIG_LINKS =
+ CONFIG_COMMANDS =
+ $ ./config.status
+
+on hermes
+
+config.status:664: creating Makefile
+config.status:664: creating crypto/Makefile
+config.status:664: creating doc/Makefile
+config.status:768: creating crypto/include/config.h
+config.status:944: crypto/include/config.h is unchanged
+
+## ---------------- ##
+## Cache variables. ##
+## ---------------- ##
+
+ac_cv_build=i686-pc-linux-gnu
+ac_cv_build_alias=i686-pc-linux-gnu
+ac_cv_c_bigendian=no
+ac_cv_c_compiler_gnu=yes
+ac_cv_c_const=yes
+ac_cv_c_inline=inline
+ac_cv_env_CC_set=
+ac_cv_env_CC_value=
+ac_cv_env_CFLAGS_set=
+ac_cv_env_CFLAGS_value=
+ac_cv_env_CPPFLAGS_set=
+ac_cv_env_CPPFLAGS_value=
+ac_cv_env_CPP_set=
+ac_cv_env_CPP_value=
+ac_cv_env_LDFLAGS_set=
+ac_cv_env_LDFLAGS_value=
+ac_cv_env_build_alias_set=
+ac_cv_env_build_alias_value=
+ac_cv_env_host_alias_set=
+ac_cv_env_host_alias_value=
+ac_cv_env_target_alias_set=
+ac_cv_env_target_alias_value=
+ac_cv_exeext=
+ac_cv_file__dev_urandom=yes
+ac_cv_func_inet_aton=yes
+ac_cv_func_socket=yes
+ac_cv_func_usleep=yes
+ac_cv_header_arpa_inet_h=yes
+ac_cv_header_byteswap_h=yes
+ac_cv_header_inttypes_h=yes
+ac_cv_header_machine_types_h=no
+ac_cv_header_memory_h=yes
+ac_cv_header_netinet_in_h=yes
+ac_cv_header_stdc=yes
+ac_cv_header_stdint_h=yes
+ac_cv_header_stdlib_h=yes
+ac_cv_header_string_h=yes
+ac_cv_header_strings_h=yes
+ac_cv_header_sys_int_types_h=no
+ac_cv_header_sys_socket_h=yes
+ac_cv_header_sys_stat_h=yes
+ac_cv_header_sys_types_h=yes
+ac_cv_header_sys_uio_h=yes
+ac_cv_header_syslog_h=yes
+ac_cv_header_unistd_h=yes
+ac_cv_header_windows_h=no
+ac_cv_host=i686-pc-linux-gnu
+ac_cv_host_alias=i686-pc-linux-gnu
+ac_cv_objext=o
+ac_cv_path_install='/usr/bin/install -c'
+ac_cv_prog_CPP='gcc -E'
+ac_cv_prog_ac_ct_CC=gcc
+ac_cv_prog_ac_ct_RANLIB=ranlib
+ac_cv_prog_cc_g=yes
+ac_cv_prog_cc_stdc=
+ac_cv_prog_egrep='grep -E'
+ac_cv_sizeof_unsigned_long=4
+ac_cv_sizeof_unsigned_long_long=8
+ac_cv_type_int16_t=yes
+ac_cv_type_int32_t=yes
+ac_cv_type_int8_t=yes
+ac_cv_type_size_t=yes
+ac_cv_type_uint16_t=yes
+ac_cv_type_uint32_t=yes
+ac_cv_type_uint64_t=yes
+ac_cv_type_uint8_t=yes
+ac_cv_type_unsigned_long=yes
+ac_cv_type_unsigned_long_long=yes
+
+## ----------------- ##
+## Output variables. ##
+## ----------------- ##
+
+CC='gcc'
+CFLAGS='-Wall -O4 -fexpensive-optimizations -funroll-loops'
+CPP='gcc -E'
+CPPFLAGS=''
+DEFS='-DHAVE_CONFIG_H'
+ECHO_C=''
+ECHO_N='-n'
+ECHO_T=''
+EGREP='grep -E'
+EXE=''
+EXEEXT=''
+GDOI_OBJS=''
+INSTALL_DATA='${INSTALL} -m 644'
+INSTALL_PROGRAM='${INSTALL}'
+INSTALL_SCRIPT='${INSTALL}'
+LDFLAGS=''
+LIBOBJS=''
+LIBS=''
+LTLIBOBJS=''
+OBJEXT='o'
+PACKAGE_BUGREPORT=''
+PACKAGE_NAME=''
+PACKAGE_STRING=''
+PACKAGE_TARNAME=''
+PACKAGE_VERSION=''
+PATH_SEPARATOR=':'
+RANLIB='ranlib'
+RNG_OBJS='rand_source.o'
+SHELL='/bin/sh'
+ac_ct_CC='gcc'
+ac_ct_RANLIB='ranlib'
+bindir='${exec_prefix}/bin'
+build='i686-pc-linux-gnu'
+build_alias=''
+build_cpu='i686'
+build_os='linux-gnu'
+build_vendor='pc'
+datadir='${prefix}/share'
+exec_prefix='${prefix}'
+host='i686-pc-linux-gnu'
+host_alias=''
+host_cpu='i686'
+host_os='linux-gnu'
+host_vendor='pc'
+includedir='${prefix}/include'
+infodir='${prefix}/info'
+libdir='${exec_prefix}/lib'
+libexecdir='${exec_prefix}/libexec'
+localstatedir='${prefix}/var'
+mandir='${prefix}/man'
+oldincludedir='/usr/include'
+prefix='/usr/local'
+program_transform_name='s,x,x,'
+sbindir='${exec_prefix}/sbin'
+sharedstatedir='${prefix}/com'
+sysconfdir='${prefix}/etc'
+target_alias=''
+
+## ----------- ##
+## confdefs.h. ##
+## ----------- ##
+
+#define CPU_CISC 1
+#define DEV_URANDOM "/dev/urandom"
+#define ENABLE_DEBUGGING 1
+#define ERR_REPORTING_STDOUT 1
+#define HAVE_ARPA_INET_H 1
+#define HAVE_BYTESWAP_H 1
+#define HAVE_INET_ATON 1
+#define HAVE_INT16_T 1
+#define HAVE_INT32_T 1
+#define HAVE_INT8_T 1
+#define HAVE_INTTYPES_H 1
+#define HAVE_INTTYPES_H 1
+#define HAVE_MEMORY_H 1
+#define HAVE_NETINET_IN_H 1
+#define HAVE_SOCKET 1
+#define HAVE_STDINT_H 1
+#define HAVE_STDINT_H 1
+#define HAVE_STDLIB_H 1
+#define HAVE_STDLIB_H 1
+#define HAVE_STRINGS_H 1
+#define HAVE_STRING_H 1
+#define HAVE_SYSLOG_H 1
+#define HAVE_SYS_SOCKET_H 1
+#define HAVE_SYS_STAT_H 1
+#define HAVE_SYS_TYPES_H 1
+#define HAVE_SYS_TYPES_H 1
+#define HAVE_SYS_UIO_H 1
+#define HAVE_UINT16_T 1
+#define HAVE_UINT32_T 1
+#define HAVE_UINT64_T 1
+#define HAVE_UINT8_T 1
+#define HAVE_UNISTD_H 1
+#define HAVE_UNISTD_H 1
+#define HAVE_USLEEP 1
+#define HAVE_X86 1
+#define PACKAGE_BUGREPORT ""
+#define PACKAGE_NAME ""
+#define PACKAGE_STRING ""
+#define PACKAGE_TARNAME ""
+#define PACKAGE_VERSION ""
+#define SIZEOF_UNSIGNED_LONG 4
+#define SIZEOF_UNSIGNED_LONG_LONG 8
+#define STDC_HEADERS 1
+
+configure: exit 0
diff --git a/srtp/config.status b/srtp/config.status
new file mode 100755
index 0000000..cf616d7
--- /dev/null
+++ b/srtp/config.status
@@ -0,0 +1,993 @@
+#! /bin/sh
+# Generated by configure.
+# Run this file to recreate the current configuration.
+# Compiler output produced by configure, useful for debugging
+# configure, is in config.log if it exists.
+
+debug=false
+ac_cs_recheck=false
+ac_cs_silent=false
+SHELL=${CONFIG_SHELL-/bin/sh}
+## --------------------- ##
+## M4sh Initialization. ##
+## --------------------- ##
+
+# Be Bourne compatible
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+ emulate sh
+ NULLCMD=:
+ # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '${1+"$@"}'='"$@"'
+elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then
+ set -o posix
+fi
+DUALCASE=1; export DUALCASE # for MKS sh
+
+# Support unset when possible.
+if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
+ as_unset=unset
+else
+ as_unset=false
+fi
+
+
+# Work around bugs in pre-3.0 UWIN ksh.
+$as_unset ENV MAIL MAILPATH
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+for as_var in \
+ LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \
+ LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \
+ LC_TELEPHONE LC_TIME
+do
+ if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
+ eval $as_var=C; export $as_var
+ else
+ $as_unset $as_var
+ fi
+done
+
+# Required to use basename.
+if expr a : '\(a\)' >/dev/null 2>&1; then
+ as_expr=expr
+else
+ as_expr=false
+fi
+
+if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then
+ as_basename=basename
+else
+ as_basename=false
+fi
+
+
+# Name of the executable.
+as_me=`$as_basename "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+ X"$0" : 'X\(//\)$' \| \
+ X"$0" : 'X\(/\)$' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X/"$0" |
+ sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; }
+ /^X\/\(\/\/\)$/{ s//\1/; q; }
+ /^X\/\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+
+
+# PATH needs CR, and LINENO needs CR and PATH.
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ echo "#! /bin/sh" >conf$$.sh
+ echo "exit 0" >>conf$$.sh
+ chmod +x conf$$.sh
+ if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+ PATH_SEPARATOR=';'
+ else
+ PATH_SEPARATOR=:
+ fi
+ rm -f conf$$.sh
+fi
+
+
+ as_lineno_1=$LINENO
+ as_lineno_2=$LINENO
+ as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
+ test "x$as_lineno_1" != "x$as_lineno_2" &&
+ test "x$as_lineno_3" = "x$as_lineno_2" || {
+ # Find who we are. Look in the path if we contain no path at all
+ # relative or not.
+ case $0 in
+ *[\\/]* ) as_myself=$0 ;;
+ *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+done
+
+ ;;
+ esac
+ # We did not find ourselves, most probably we were run as `sh COMMAND'
+ # in which case we are not to be found in the path.
+ if test "x$as_myself" = x; then
+ as_myself=$0
+ fi
+ if test ! -f "$as_myself"; then
+ { { echo "$as_me:$LINENO: error: cannot find myself; rerun with an absolute path" >&5
+echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+ case $CONFIG_SHELL in
+ '')
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for as_base in sh bash ksh sh5; do
+ case $as_dir in
+ /*)
+ if ("$as_dir/$as_base" -c '
+ as_lineno_1=$LINENO
+ as_lineno_2=$LINENO
+ as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
+ test "x$as_lineno_1" != "x$as_lineno_2" &&
+ test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then
+ $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; }
+ $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; }
+ CONFIG_SHELL=$as_dir/$as_base
+ export CONFIG_SHELL
+ exec "$CONFIG_SHELL" "$0" ${1+"$@"}
+ fi;;
+ esac
+ done
+done
+;;
+ esac
+
+ # Create $as_me.lineno as a copy of $as_myself, but with $LINENO
+ # uniformly replaced by the line number. The first 'sed' inserts a
+ # line-number line before each line; the second 'sed' does the real
+ # work. The second script uses 'N' to pair each line-number line
+ # with the numbered line, and appends trailing '-' during
+ # substitution so that $LINENO is not a special case at line end.
+ # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the
+ # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-)
+ sed '=' <$as_myself |
+ sed '
+ N
+ s,$,-,
+ : loop
+ s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3,
+ t loop
+ s,-$,,
+ s,^['$as_cr_digits']*\n,,
+ ' >$as_me.lineno &&
+ chmod +x $as_me.lineno ||
+ { { echo "$as_me:$LINENO: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&5
+echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2;}
+ { (exit 1); exit 1; }; }
+
+ # Don't try to exec as it changes $[0], causing all sort of problems
+ # (the dirname of $[0] is not the place where we might find the
+ # original and so on. Autoconf is especially sensible to this).
+ . ./$as_me.lineno
+ # Exit status is that of the last command.
+ exit
+}
+
+
+case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in
+ *c*,-n*) ECHO_N= ECHO_C='
+' ECHO_T=' ' ;;
+ *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;;
+ *) ECHO_N= ECHO_C='\c' ECHO_T= ;;
+esac
+
+if expr a : '\(a\)' >/dev/null 2>&1; then
+ as_expr=expr
+else
+ as_expr=false
+fi
+
+rm -f conf$$ conf$$.exe conf$$.file
+echo >conf$$.file
+if ln -s conf$$.file conf$$ 2>/dev/null; then
+ # We could just check for DJGPP; but this test a) works b) is more generic
+ # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04).
+ if test -f conf$$.exe; then
+ # Don't use ln at all; we don't have any links
+ as_ln_s='cp -p'
+ else
+ as_ln_s='ln -s'
+ fi
+elif ln conf$$.file conf$$ 2>/dev/null; then
+ as_ln_s=ln
+else
+ as_ln_s='cp -p'
+fi
+rm -f conf$$ conf$$.exe conf$$.file
+
+if mkdir -p . 2>/dev/null; then
+ as_mkdir_p=:
+else
+ test -d ./-p && rmdir ./-p
+ as_mkdir_p=false
+fi
+
+as_executable_p="test -f"
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+
+# IFS
+# We need space, tab and new line, in precisely that order.
+as_nl='
+'
+IFS=" $as_nl"
+
+# CDPATH.
+$as_unset CDPATH
+
+exec 6>&1
+
+# Open the log real soon, to keep \$[0] and so on meaningful, and to
+# report actual input values of CONFIG_FILES etc. instead of their
+# values after options handling. Logging --version etc. is OK.
+exec 5>>config.log
+{
+ echo
+ sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
+## Running $as_me. ##
+_ASBOX
+} >&5
+cat >&5 <<_CSEOF
+
+This file was extended by $as_me, which was
+generated by GNU Autoconf 2.59. Invocation command line was
+
+ CONFIG_FILES = $CONFIG_FILES
+ CONFIG_HEADERS = $CONFIG_HEADERS
+ CONFIG_LINKS = $CONFIG_LINKS
+ CONFIG_COMMANDS = $CONFIG_COMMANDS
+ $ $0 $@
+
+_CSEOF
+echo "on `(hostname || uname -n) 2>/dev/null | sed 1q`" >&5
+echo >&5
+config_files=" Makefile crypto/Makefile doc/Makefile"
+config_headers=" crypto/include/config.h:config_in.h"
+
+ac_cs_usage="\
+\`$as_me' instantiates files from templates according to the
+current configuration.
+
+Usage: $0 [OPTIONS] [FILE]...
+
+ -h, --help print this help, then exit
+ -V, --version print version number, then exit
+ -q, --quiet do not print progress messages
+ -d, --debug don't remove temporary files
+ --recheck update $as_me by reconfiguring in the same conditions
+ --file=FILE[:TEMPLATE]
+ instantiate the configuration file FILE
+ --header=FILE[:TEMPLATE]
+ instantiate the configuration header FILE
+
+Configuration files:
+$config_files
+
+Configuration headers:
+$config_headers
+
+Report bugs to <bug-autoconf@gnu.org>."
+ac_cs_version="\
+config.status
+configured by ./configure, generated by GNU Autoconf 2.59,
+ with options \"\"
+
+Copyright (C) 2003 Free Software Foundation, Inc.
+This config.status script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it."
+srcdir=.
+INSTALL="/usr/bin/install -c"
+# If no file are specified by the user, then we need to provide default
+# value. By we need to know if files were specified by the user.
+ac_need_defaults=:
+while test $# != 0
+do
+ case $1 in
+ --*=*)
+ ac_option=`expr "x$1" : 'x\([^=]*\)='`
+ ac_optarg=`expr "x$1" : 'x[^=]*=\(.*\)'`
+ ac_shift=:
+ ;;
+ -*)
+ ac_option=$1
+ ac_optarg=$2
+ ac_shift=shift
+ ;;
+ *) # This is not an option, so the user has probably given explicit
+ # arguments.
+ ac_option=$1
+ ac_need_defaults=false;;
+ esac
+
+ case $ac_option in
+ # Handling of the options.
+ -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+ ac_cs_recheck=: ;;
+ --version | --vers* | -V )
+ echo "$ac_cs_version"; exit 0 ;;
+ --he | --h)
+ # Conflict between --help and --header
+ { { echo "$as_me:$LINENO: error: ambiguous option: $1
+Try \`$0 --help' for more information." >&5
+echo "$as_me: error: ambiguous option: $1
+Try \`$0 --help' for more information." >&2;}
+ { (exit 1); exit 1; }; };;
+ --help | --hel | -h )
+ echo "$ac_cs_usage"; exit 0 ;;
+ --debug | --d* | -d )
+ debug=: ;;
+ --file | --fil | --fi | --f )
+ $ac_shift
+ CONFIG_FILES="$CONFIG_FILES $ac_optarg"
+ ac_need_defaults=false;;
+ --header | --heade | --head | --hea )
+ $ac_shift
+ CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg"
+ ac_need_defaults=false;;
+ -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+ | -silent | --silent | --silen | --sile | --sil | --si | --s)
+ ac_cs_silent=: ;;
+
+ # This is an error.
+ -*) { { echo "$as_me:$LINENO: error: unrecognized option: $1
+Try \`$0 --help' for more information." >&5
+echo "$as_me: error: unrecognized option: $1
+Try \`$0 --help' for more information." >&2;}
+ { (exit 1); exit 1; }; } ;;
+
+ *) ac_config_targets="$ac_config_targets $1" ;;
+
+ esac
+ shift
+done
+
+ac_configure_extra_args=
+
+if $ac_cs_silent; then
+ exec 6>/dev/null
+ ac_configure_extra_args="$ac_configure_extra_args --silent"
+fi
+
+if $ac_cs_recheck; then
+ echo "running /bin/sh ./configure " $ac_configure_extra_args " --no-create --no-recursion" >&6
+ exec /bin/sh ./configure $ac_configure_extra_args --no-create --no-recursion
+fi
+
+for ac_config_target in $ac_config_targets
+do
+ case "$ac_config_target" in
+ # Handling of arguments.
+ "Makefile" ) CONFIG_FILES="$CONFIG_FILES Makefile" ;;
+ "crypto/Makefile" ) CONFIG_FILES="$CONFIG_FILES crypto/Makefile" ;;
+ "doc/Makefile" ) CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;;
+ "crypto/include/config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS crypto/include/config.h:config_in.h" ;;
+ *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5
+echo "$as_me: error: invalid argument: $ac_config_target" >&2;}
+ { (exit 1); exit 1; }; };;
+ esac
+done
+
+# If the user did not use the arguments to specify the items to instantiate,
+# then the envvar interface is used. Set only those that are not.
+# We use the long form for the default assignment because of an extremely
+# bizarre bug on SunOS 4.1.3.
+if $ac_need_defaults; then
+ test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
+ test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
+fi
+
+# Have a temporary directory for convenience. Make it in the build tree
+# simply because there is no reason to put it here, and in addition,
+# creating and moving files from /tmp can sometimes cause problems.
+# Create a temporary directory, and hook for its removal unless debugging.
+$debug ||
+{
+ trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0
+ trap '{ (exit 1); exit 1; }' 1 2 13 15
+}
+
+# Create a (secure) tmp directory for tmp files.
+
+{
+ tmp=`(umask 077 && mktemp -d -q "./confstatXXXXXX") 2>/dev/null` &&
+ test -n "$tmp" && test -d "$tmp"
+} ||
+{
+ tmp=./confstat$$-$RANDOM
+ (umask 077 && mkdir $tmp)
+} ||
+{
+ echo "$me: cannot create a temporary directory in ." >&2
+ { (exit 1); exit 1; }
+}
+
+
+#
+# CONFIG_FILES section.
+#
+
+# No need to generate the scripts if there are no CONFIG_FILES.
+# This happens for instance when ./config.status config.h
+if test -n "$CONFIG_FILES"; then
+ # Protect against being on the right side of a sed subst in config.status.
+ sed 's/,@/@@/; s/@,/@@/; s/,;t t$/@;t t/; /@;t t$/s/[\\&,]/\\&/g;
+ s/@@/,@/; s/@@/@,/; s/@;t t$/,;t t/' >$tmp/subs.sed <<\CEOF
+s,@SHELL@,/bin/sh,;t t
+s,@PATH_SEPARATOR@,:,;t t
+s,@PACKAGE_NAME@,,;t t
+s,@PACKAGE_TARNAME@,,;t t
+s,@PACKAGE_VERSION@,,;t t
+s,@PACKAGE_STRING@,,;t t
+s,@PACKAGE_BUGREPORT@,,;t t
+s,@exec_prefix@,${prefix},;t t
+s,@prefix@,/usr/local,;t t
+s,@program_transform_name@,s,x,x,,;t t
+s,@bindir@,${exec_prefix}/bin,;t t
+s,@sbindir@,${exec_prefix}/sbin,;t t
+s,@libexecdir@,${exec_prefix}/libexec,;t t
+s,@datadir@,${prefix}/share,;t t
+s,@sysconfdir@,${prefix}/etc,;t t
+s,@sharedstatedir@,${prefix}/com,;t t
+s,@localstatedir@,${prefix}/var,;t t
+s,@libdir@,${exec_prefix}/lib,;t t
+s,@includedir@,${prefix}/include,;t t
+s,@oldincludedir@,/usr/include,;t t
+s,@infodir@,${prefix}/info,;t t
+s,@mandir@,${prefix}/man,;t t
+s,@build_alias@,,;t t
+s,@host_alias@,,;t t
+s,@target_alias@,,;t t
+s,@DEFS@,-DHAVE_CONFIG_H,;t t
+s,@ECHO_C@,,;t t
+s,@ECHO_N@,-n,;t t
+s,@ECHO_T@,,;t t
+s,@LIBS@,,;t t
+s,@RANLIB@,ranlib,;t t
+s,@ac_ct_RANLIB@,ranlib,;t t
+s,@CC@,gcc,;t t
+s,@CFLAGS@,-Wall -O4 -fexpensive-optimizations -funroll-loops,;t t
+s,@LDFLAGS@,,;t t
+s,@CPPFLAGS@,,;t t
+s,@ac_ct_CC@,gcc,;t t
+s,@EXEEXT@,,;t t
+s,@OBJEXT@,o,;t t
+s,@INSTALL_PROGRAM@,${INSTALL},;t t
+s,@INSTALL_SCRIPT@,${INSTALL},;t t
+s,@INSTALL_DATA@,${INSTALL} -m 644,;t t
+s,@RNG_OBJS@,rand_source.o,;t t
+s,@CPP@,gcc -E,;t t
+s,@EGREP@,grep -E,;t t
+s,@build@,i686-pc-linux-gnu,;t t
+s,@build_cpu@,i686,;t t
+s,@build_vendor@,pc,;t t
+s,@build_os@,linux-gnu,;t t
+s,@host@,i686-pc-linux-gnu,;t t
+s,@host_cpu@,i686,;t t
+s,@host_vendor@,pc,;t t
+s,@host_os@,linux-gnu,;t t
+s,@EXE@,,;t t
+s,@GDOI_OBJS@,,;t t
+s,@LIBOBJS@,,;t t
+s,@LTLIBOBJS@,,;t t
+CEOF
+
+ # Split the substitutions into bite-sized pieces for seds with
+ # small command number limits, like on Digital OSF/1 and HP-UX.
+ ac_max_sed_lines=48
+ ac_sed_frag=1 # Number of current file.
+ ac_beg=1 # First line for current file.
+ ac_end=$ac_max_sed_lines # Line after last line for current file.
+ ac_more_lines=:
+ ac_sed_cmds=
+ while $ac_more_lines; do
+ if test $ac_beg -gt 1; then
+ sed "1,${ac_beg}d; ${ac_end}q" $tmp/subs.sed >$tmp/subs.frag
+ else
+ sed "${ac_end}q" $tmp/subs.sed >$tmp/subs.frag
+ fi
+ if test ! -s $tmp/subs.frag; then
+ ac_more_lines=false
+ else
+ # The purpose of the label and of the branching condition is to
+ # speed up the sed processing (if there are no `@' at all, there
+ # is no need to browse any of the substitutions).
+ # These are the two extra sed commands mentioned above.
+ (echo ':t
+ /@[a-zA-Z_][a-zA-Z_0-9]*@/!b' && cat $tmp/subs.frag) >$tmp/subs-$ac_sed_frag.sed
+ if test -z "$ac_sed_cmds"; then
+ ac_sed_cmds="sed -f $tmp/subs-$ac_sed_frag.sed"
+ else
+ ac_sed_cmds="$ac_sed_cmds | sed -f $tmp/subs-$ac_sed_frag.sed"
+ fi
+ ac_sed_frag=`expr $ac_sed_frag + 1`
+ ac_beg=$ac_end
+ ac_end=`expr $ac_end + $ac_max_sed_lines`
+ fi
+ done
+ if test -z "$ac_sed_cmds"; then
+ ac_sed_cmds=cat
+ fi
+fi # test -n "$CONFIG_FILES"
+
+for ac_file in : $CONFIG_FILES; do test "x$ac_file" = x: && continue
+ # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
+ case $ac_file in
+ - | *:- | *:-:* ) # input from stdin
+ cat >$tmp/stdin
+ ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
+ ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
+ *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
+ ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
+ * ) ac_file_in=$ac_file.in ;;
+ esac
+
+ # Compute @srcdir@, @top_srcdir@, and @INSTALL@ for subdirectories.
+ ac_dir=`(dirname "$ac_file") 2>/dev/null ||
+$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$ac_file" : 'X\(//\)[^/]' \| \
+ X"$ac_file" : 'X\(//\)$' \| \
+ X"$ac_file" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$ac_file" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ { if $as_mkdir_p; then
+ mkdir -p "$ac_dir"
+ else
+ as_dir="$ac_dir"
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5
+echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+ ac_builddir=.
+
+if test "$ac_dir" != .; then
+ ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
+ # A "../" for each directory in $ac_dir_suffix.
+ ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'`
+else
+ ac_dir_suffix= ac_top_builddir=
+fi
+
+case $srcdir in
+ .) # No --srcdir option. We are building in place.
+ ac_srcdir=.
+ if test -z "$ac_top_builddir"; then
+ ac_top_srcdir=.
+ else
+ ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'`
+ fi ;;
+ [\\/]* | ?:[\\/]* ) # Absolute path.
+ ac_srcdir=$srcdir$ac_dir_suffix;
+ ac_top_srcdir=$srcdir ;;
+ *) # Relative path.
+ ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix
+ ac_top_srcdir=$ac_top_builddir$srcdir ;;
+esac
+
+# Do not use `cd foo && pwd` to compute absolute paths, because
+# the directories may not exist.
+case `pwd` in
+.) ac_abs_builddir="$ac_dir";;
+*)
+ case "$ac_dir" in
+ .) ac_abs_builddir=`pwd`;;
+ [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";;
+ *) ac_abs_builddir=`pwd`/"$ac_dir";;
+ esac;;
+esac
+case $ac_abs_builddir in
+.) ac_abs_top_builddir=${ac_top_builddir}.;;
+*)
+ case ${ac_top_builddir}. in
+ .) ac_abs_top_builddir=$ac_abs_builddir;;
+ [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;;
+ *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;;
+ esac;;
+esac
+case $ac_abs_builddir in
+.) ac_abs_srcdir=$ac_srcdir;;
+*)
+ case $ac_srcdir in
+ .) ac_abs_srcdir=$ac_abs_builddir;;
+ [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;;
+ *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;;
+ esac;;
+esac
+case $ac_abs_builddir in
+.) ac_abs_top_srcdir=$ac_top_srcdir;;
+*)
+ case $ac_top_srcdir in
+ .) ac_abs_top_srcdir=$ac_abs_builddir;;
+ [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;;
+ *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;;
+ esac;;
+esac
+
+
+ case $INSTALL in
+ [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
+ *) ac_INSTALL=$ac_top_builddir$INSTALL ;;
+ esac
+
+ if test x"$ac_file" != x-; then
+ { echo "$as_me:$LINENO: creating $ac_file" >&5
+echo "$as_me: creating $ac_file" >&6;}
+ rm -f "$ac_file"
+ fi
+ # Let's still pretend it is `configure' which instantiates (i.e., don't
+ # use $as_me), people would be surprised to read:
+ # /* config.h. Generated by config.status. */
+ if test x"$ac_file" = x-; then
+ configure_input=
+ else
+ configure_input="$ac_file. "
+ fi
+ configure_input=$configure_input"Generated from `echo $ac_file_in |
+ sed 's,.*/,,'` by configure."
+
+ # First look for the input files in the build tree, otherwise in the
+ # src tree.
+ ac_file_inputs=`IFS=:
+ for f in $ac_file_in; do
+ case $f in
+ -) echo $tmp/stdin ;;
+ [\\/$]*)
+ # Absolute (can't be DOS-style, as IFS=:)
+ test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
+echo "$as_me: error: cannot find input file: $f" >&2;}
+ { (exit 1); exit 1; }; }
+ echo "$f";;
+ *) # Relative
+ if test -f "$f"; then
+ # Build tree
+ echo "$f"
+ elif test -f "$srcdir/$f"; then
+ # Source tree
+ echo "$srcdir/$f"
+ else
+ # /dev/null tree
+ { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
+echo "$as_me: error: cannot find input file: $f" >&2;}
+ { (exit 1); exit 1; }; }
+ fi;;
+ esac
+ done` || { (exit 1); exit 1; }
+ sed "/^[ ]*VPATH[ ]*=/{
+s/:*\$(srcdir):*/:/;
+s/:*\${srcdir}:*/:/;
+s/:*@srcdir@:*/:/;
+s/^\([^=]*=[ ]*\):*/\1/;
+s/:*$//;
+s/^[^=]*=[ ]*$//;
+}
+
+:t
+/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
+s,@configure_input@,$configure_input,;t t
+s,@srcdir@,$ac_srcdir,;t t
+s,@abs_srcdir@,$ac_abs_srcdir,;t t
+s,@top_srcdir@,$ac_top_srcdir,;t t
+s,@abs_top_srcdir@,$ac_abs_top_srcdir,;t t
+s,@builddir@,$ac_builddir,;t t
+s,@abs_builddir@,$ac_abs_builddir,;t t
+s,@top_builddir@,$ac_top_builddir,;t t
+s,@abs_top_builddir@,$ac_abs_top_builddir,;t t
+s,@INSTALL@,$ac_INSTALL,;t t
+" $ac_file_inputs | (eval "$ac_sed_cmds") >$tmp/out
+ rm -f $tmp/stdin
+ if test x"$ac_file" != x-; then
+ mv $tmp/out $ac_file
+ else
+ cat $tmp/out
+ rm -f $tmp/out
+ fi
+
+done
+
+#
+# CONFIG_HEADER section.
+#
+
+# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where
+# NAME is the cpp macro being defined and VALUE is the value it is being given.
+#
+# ac_d sets the value in "#define NAME VALUE" lines.
+ac_dA='s,^\([ ]*\)#\([ ]*define[ ][ ]*\)'
+ac_dB='[ ].*$,\1#\2'
+ac_dC=' '
+ac_dD=',;t'
+# ac_u turns "#undef NAME" without trailing blanks into "#define NAME VALUE".
+ac_uA='s,^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)'
+ac_uB='$,\1#\2define\3'
+ac_uC=' '
+ac_uD=',;t'
+
+for ac_file in : $CONFIG_HEADERS; do test "x$ac_file" = x: && continue
+ # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
+ case $ac_file in
+ - | *:- | *:-:* ) # input from stdin
+ cat >$tmp/stdin
+ ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
+ ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
+ *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
+ ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
+ * ) ac_file_in=$ac_file.in ;;
+ esac
+
+ test x"$ac_file" != x- && { echo "$as_me:$LINENO: creating $ac_file" >&5
+echo "$as_me: creating $ac_file" >&6;}
+
+ # First look for the input files in the build tree, otherwise in the
+ # src tree.
+ ac_file_inputs=`IFS=:
+ for f in $ac_file_in; do
+ case $f in
+ -) echo $tmp/stdin ;;
+ [\\/$]*)
+ # Absolute (can't be DOS-style, as IFS=:)
+ test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
+echo "$as_me: error: cannot find input file: $f" >&2;}
+ { (exit 1); exit 1; }; }
+ # Do quote $f, to prevent DOS paths from being IFS'd.
+ echo "$f";;
+ *) # Relative
+ if test -f "$f"; then
+ # Build tree
+ echo "$f"
+ elif test -f "$srcdir/$f"; then
+ # Source tree
+ echo "$srcdir/$f"
+ else
+ # /dev/null tree
+ { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
+echo "$as_me: error: cannot find input file: $f" >&2;}
+ { (exit 1); exit 1; }; }
+ fi;;
+ esac
+ done` || { (exit 1); exit 1; }
+ # Remove the trailing spaces.
+ sed 's/[ ]*$//' $ac_file_inputs >$tmp/in
+
+ # Handle all the #define templates only if necessary.
+ if grep "^[ ]*#[ ]*define" $tmp/in >/dev/null; then
+ # If there are no defines, we may have an empty if/fi
+ :
+ cat >$tmp/defines.sed <<CEOF
+/^[ ]*#[ ]*define/!b
+t clr
+: clr
+${ac_dA}PACKAGE_NAME${ac_dB}PACKAGE_NAME${ac_dC}""${ac_dD}
+${ac_dA}PACKAGE_TARNAME${ac_dB}PACKAGE_TARNAME${ac_dC}""${ac_dD}
+${ac_dA}PACKAGE_VERSION${ac_dB}PACKAGE_VERSION${ac_dC}""${ac_dD}
+${ac_dA}PACKAGE_STRING${ac_dB}PACKAGE_STRING${ac_dC}""${ac_dD}
+${ac_dA}PACKAGE_BUGREPORT${ac_dB}PACKAGE_BUGREPORT${ac_dC}""${ac_dD}
+${ac_dA}DEV_URANDOM${ac_dB}DEV_URANDOM${ac_dC}"/dev/urandom"${ac_dD}
+${ac_dA}STDC_HEADERS${ac_dB}STDC_HEADERS${ac_dC}1${ac_dD}
+${ac_dA}HAVE_SYS_TYPES_H${ac_dB}HAVE_SYS_TYPES_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_SYS_STAT_H${ac_dB}HAVE_SYS_STAT_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_STDLIB_H${ac_dB}HAVE_STDLIB_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_STRING_H${ac_dB}HAVE_STRING_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_MEMORY_H${ac_dB}HAVE_MEMORY_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_STRINGS_H${ac_dB}HAVE_STRINGS_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_INTTYPES_H${ac_dB}HAVE_INTTYPES_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_STDINT_H${ac_dB}HAVE_STDINT_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_UNISTD_H${ac_dB}HAVE_UNISTD_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_STDLIB_H${ac_dB}HAVE_STDLIB_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_UNISTD_H${ac_dB}HAVE_UNISTD_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_BYTESWAP_H${ac_dB}HAVE_BYTESWAP_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_STDINT_H${ac_dB}HAVE_STDINT_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_SYS_UIO_H${ac_dB}HAVE_SYS_UIO_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_INTTYPES_H${ac_dB}HAVE_INTTYPES_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_SYS_TYPES_H${ac_dB}HAVE_SYS_TYPES_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_SYS_SOCKET_H${ac_dB}HAVE_SYS_SOCKET_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_NETINET_IN_H${ac_dB}HAVE_NETINET_IN_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_ARPA_INET_H${ac_dB}HAVE_ARPA_INET_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_SYSLOG_H${ac_dB}HAVE_SYSLOG_H${ac_dC}1${ac_dD}
+${ac_dA}HAVE_INT8_T${ac_dB}HAVE_INT8_T${ac_dC}1${ac_dD}
+${ac_dA}HAVE_UINT8_T${ac_dB}HAVE_UINT8_T${ac_dC}1${ac_dD}
+${ac_dA}HAVE_INT16_T${ac_dB}HAVE_INT16_T${ac_dC}1${ac_dD}
+${ac_dA}HAVE_UINT16_T${ac_dB}HAVE_UINT16_T${ac_dC}1${ac_dD}
+${ac_dA}HAVE_INT32_T${ac_dB}HAVE_INT32_T${ac_dC}1${ac_dD}
+${ac_dA}HAVE_UINT32_T${ac_dB}HAVE_UINT32_T${ac_dC}1${ac_dD}
+${ac_dA}HAVE_UINT64_T${ac_dB}HAVE_UINT64_T${ac_dC}1${ac_dD}
+${ac_dA}SIZEOF_UNSIGNED_LONG${ac_dB}SIZEOF_UNSIGNED_LONG${ac_dC}4${ac_dD}
+${ac_dA}SIZEOF_UNSIGNED_LONG_LONG${ac_dB}SIZEOF_UNSIGNED_LONG_LONG${ac_dC}8${ac_dD}
+${ac_dA}HAVE_SOCKET${ac_dB}HAVE_SOCKET${ac_dC}1${ac_dD}
+${ac_dA}HAVE_INET_ATON${ac_dB}HAVE_INET_ATON${ac_dC}1${ac_dD}
+CEOF
+ sed -f $tmp/defines.sed $tmp/in >$tmp/out
+ rm -f $tmp/in
+ mv $tmp/out $tmp/in
+
+ cat >$tmp/defines.sed <<CEOF
+/^[ ]*#[ ]*define/!b
+t clr
+: clr
+${ac_dA}HAVE_USLEEP${ac_dB}HAVE_USLEEP${ac_dC}1${ac_dD}
+${ac_dA}CPU_CISC${ac_dB}CPU_CISC${ac_dC}1${ac_dD}
+${ac_dA}HAVE_X86${ac_dB}HAVE_X86${ac_dC}1${ac_dD}
+${ac_dA}ENABLE_DEBUGGING${ac_dB}ENABLE_DEBUGGING${ac_dC}1${ac_dD}
+${ac_dA}ERR_REPORTING_STDOUT${ac_dB}ERR_REPORTING_STDOUT${ac_dC}1${ac_dD}
+CEOF
+ sed -f $tmp/defines.sed $tmp/in >$tmp/out
+ rm -f $tmp/in
+ mv $tmp/out $tmp/in
+
+ fi # grep
+
+ # Handle all the #undef templates
+ cat >$tmp/undefs.sed <<CEOF
+/^[ ]*#[ ]*undef/!b
+t clr
+: clr
+${ac_uA}PACKAGE_NAME${ac_uB}PACKAGE_NAME${ac_uC}""${ac_uD}
+${ac_uA}PACKAGE_TARNAME${ac_uB}PACKAGE_TARNAME${ac_uC}""${ac_uD}
+${ac_uA}PACKAGE_VERSION${ac_uB}PACKAGE_VERSION${ac_uC}""${ac_uD}
+${ac_uA}PACKAGE_STRING${ac_uB}PACKAGE_STRING${ac_uC}""${ac_uD}
+${ac_uA}PACKAGE_BUGREPORT${ac_uB}PACKAGE_BUGREPORT${ac_uC}""${ac_uD}
+${ac_uA}DEV_URANDOM${ac_uB}DEV_URANDOM${ac_uC}"/dev/urandom"${ac_uD}
+${ac_uA}STDC_HEADERS${ac_uB}STDC_HEADERS${ac_uC}1${ac_uD}
+${ac_uA}HAVE_SYS_TYPES_H${ac_uB}HAVE_SYS_TYPES_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_SYS_STAT_H${ac_uB}HAVE_SYS_STAT_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_STDLIB_H${ac_uB}HAVE_STDLIB_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_STRING_H${ac_uB}HAVE_STRING_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_MEMORY_H${ac_uB}HAVE_MEMORY_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_STRINGS_H${ac_uB}HAVE_STRINGS_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_INTTYPES_H${ac_uB}HAVE_INTTYPES_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_STDINT_H${ac_uB}HAVE_STDINT_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_UNISTD_H${ac_uB}HAVE_UNISTD_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_STDLIB_H${ac_uB}HAVE_STDLIB_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_UNISTD_H${ac_uB}HAVE_UNISTD_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_BYTESWAP_H${ac_uB}HAVE_BYTESWAP_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_STDINT_H${ac_uB}HAVE_STDINT_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_SYS_UIO_H${ac_uB}HAVE_SYS_UIO_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_INTTYPES_H${ac_uB}HAVE_INTTYPES_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_SYS_TYPES_H${ac_uB}HAVE_SYS_TYPES_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_SYS_SOCKET_H${ac_uB}HAVE_SYS_SOCKET_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_NETINET_IN_H${ac_uB}HAVE_NETINET_IN_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_ARPA_INET_H${ac_uB}HAVE_ARPA_INET_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_SYSLOG_H${ac_uB}HAVE_SYSLOG_H${ac_uC}1${ac_uD}
+${ac_uA}HAVE_INT8_T${ac_uB}HAVE_INT8_T${ac_uC}1${ac_uD}
+${ac_uA}HAVE_UINT8_T${ac_uB}HAVE_UINT8_T${ac_uC}1${ac_uD}
+${ac_uA}HAVE_INT16_T${ac_uB}HAVE_INT16_T${ac_uC}1${ac_uD}
+${ac_uA}HAVE_UINT16_T${ac_uB}HAVE_UINT16_T${ac_uC}1${ac_uD}
+${ac_uA}HAVE_INT32_T${ac_uB}HAVE_INT32_T${ac_uC}1${ac_uD}
+${ac_uA}HAVE_UINT32_T${ac_uB}HAVE_UINT32_T${ac_uC}1${ac_uD}
+${ac_uA}HAVE_UINT64_T${ac_uB}HAVE_UINT64_T${ac_uC}1${ac_uD}
+${ac_uA}SIZEOF_UNSIGNED_LONG${ac_uB}SIZEOF_UNSIGNED_LONG${ac_uC}4${ac_uD}
+${ac_uA}SIZEOF_UNSIGNED_LONG_LONG${ac_uB}SIZEOF_UNSIGNED_LONG_LONG${ac_uC}8${ac_uD}
+${ac_uA}HAVE_SOCKET${ac_uB}HAVE_SOCKET${ac_uC}1${ac_uD}
+${ac_uA}HAVE_INET_ATON${ac_uB}HAVE_INET_ATON${ac_uC}1${ac_uD}
+CEOF
+ sed -f $tmp/undefs.sed $tmp/in >$tmp/out
+ rm -f $tmp/in
+ mv $tmp/out $tmp/in
+
+ cat >$tmp/undefs.sed <<CEOF
+/^[ ]*#[ ]*undef/!b
+t clr
+: clr
+${ac_uA}HAVE_USLEEP${ac_uB}HAVE_USLEEP${ac_uC}1${ac_uD}
+${ac_uA}CPU_CISC${ac_uB}CPU_CISC${ac_uC}1${ac_uD}
+${ac_uA}HAVE_X86${ac_uB}HAVE_X86${ac_uC}1${ac_uD}
+${ac_uA}ENABLE_DEBUGGING${ac_uB}ENABLE_DEBUGGING${ac_uC}1${ac_uD}
+${ac_uA}ERR_REPORTING_STDOUT${ac_uB}ERR_REPORTING_STDOUT${ac_uC}1${ac_uD}
+s,^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*,/* & */,
+CEOF
+ sed -f $tmp/undefs.sed $tmp/in >$tmp/out
+ rm -f $tmp/in
+ mv $tmp/out $tmp/in
+
+ # Let's still pretend it is `configure' which instantiates (i.e., don't
+ # use $as_me), people would be surprised to read:
+ # /* config.h. Generated by config.status. */
+ if test x"$ac_file" = x-; then
+ echo "/* Generated by configure. */" >$tmp/config.h
+ else
+ echo "/* $ac_file. Generated by configure. */" >$tmp/config.h
+ fi
+ cat $tmp/in >>$tmp/config.h
+ rm -f $tmp/in
+ if test x"$ac_file" != x-; then
+ if diff $ac_file $tmp/config.h >/dev/null 2>&1; then
+ { echo "$as_me:$LINENO: $ac_file is unchanged" >&5
+echo "$as_me: $ac_file is unchanged" >&6;}
+ else
+ ac_dir=`(dirname "$ac_file") 2>/dev/null ||
+$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$ac_file" : 'X\(//\)[^/]' \| \
+ X"$ac_file" : 'X\(//\)$' \| \
+ X"$ac_file" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$ac_file" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ { if $as_mkdir_p; then
+ mkdir -p "$ac_dir"
+ else
+ as_dir="$ac_dir"
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5
+echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+ rm -f $ac_file
+ mv $tmp/config.h $ac_file
+ fi
+ else
+ cat $tmp/config.h
+ rm -f $tmp/config.h
+ fi
+done
+
+{ (exit 0); exit 0; }
diff --git a/srtp/config.sub b/srtp/config.sub
new file mode 100755
index 0000000..edb6b66
--- /dev/null
+++ b/srtp/config.sub
@@ -0,0 +1,1555 @@
+#! /bin/sh
+# Configuration validation subroutine script.
+# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
+# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
+
+timestamp='2004-08-29'
+
+# This file is (in principle) common to ALL GNU software.
+# The presence of a machine in this file suggests that SOME GNU software
+# can handle that machine. It does not imply ALL GNU software can.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330,
+# Boston, MA 02111-1307, USA.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Please send patches to <config-patches@gnu.org>. Submit a context
+# diff and a properly formatted ChangeLog entry.
+#
+# Configuration subroutine to validate and canonicalize a configuration type.
+# Supply the specified configuration type as an argument.
+# If it is invalid, we print an error message on stderr and exit with code 1.
+# Otherwise, we print the canonical config type on stdout and succeed.
+
+# This file is supposed to be the same for all GNU packages
+# and recognize all the CPU types, system types and aliases
+# that are meaningful with *any* GNU software.
+# Each package is responsible for reporting which valid configurations
+# it does not support. The user should be able to distinguish
+# a failure to support a valid configuration from a meaningless
+# configuration.
+
+# The goal of this file is to map all the various variations of a given
+# machine specification into a single specification in the form:
+# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
+# or in some cases, the newer four-part form:
+# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
+# It is wrong to echo any other type of specification.
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION] CPU-MFR-OPSYS
+ $0 [OPTION] ALIAS
+
+Canonicalize a configuration name.
+
+Operation modes:
+ -h, --help print this help, then exit
+ -t, --time-stamp print date of last modification, then exit
+ -v, --version print version number, then exit
+
+Report bugs and patches to <config-patches@gnu.org>."
+
+version="\
+GNU config.sub ($timestamp)
+
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004
+Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions. There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+ case $1 in
+ --time-stamp | --time* | -t )
+ echo "$timestamp" ; exit 0 ;;
+ --version | -v )
+ echo "$version" ; exit 0 ;;
+ --help | --h* | -h )
+ echo "$usage"; exit 0 ;;
+ -- ) # Stop option processing
+ shift; break ;;
+ - ) # Use stdin as input.
+ break ;;
+ -* )
+ echo "$me: invalid option $1$help"
+ exit 1 ;;
+
+ *local*)
+ # First pass through any local machine types.
+ echo $1
+ exit 0;;
+
+ * )
+ break ;;
+ esac
+done
+
+case $# in
+ 0) echo "$me: missing argument$help" >&2
+ exit 1;;
+ 1) ;;
+ *) echo "$me: too many arguments$help" >&2
+ exit 1;;
+esac
+
+# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any).
+# Here we must recognize all the valid KERNEL-OS combinations.
+maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
+case $maybe_os in
+ nto-qnx* | linux-gnu* | linux-dietlibc | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | \
+ kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*)
+ os=-$maybe_os
+ basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
+ ;;
+ *)
+ basic_machine=`echo $1 | sed 's/-[^-]*$//'`
+ if [ $basic_machine != $1 ]
+ then os=`echo $1 | sed 's/.*-/-/'`
+ else os=; fi
+ ;;
+esac
+
+### Let's recognize common machines as not being operating systems so
+### that things like config.sub decstation-3100 work. We also
+### recognize some manufacturers as not being operating systems, so we
+### can provide default operating systems below.
+case $os in
+ -sun*os*)
+ # Prevent following clause from handling this invalid input.
+ ;;
+ -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \
+ -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \
+ -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \
+ -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
+ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
+ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
+ -apple | -axis | -knuth | -cray)
+ os=
+ basic_machine=$1
+ ;;
+ -sim | -cisco | -oki | -wec | -winbond)
+ os=
+ basic_machine=$1
+ ;;
+ -scout)
+ ;;
+ -wrs)
+ os=-vxworks
+ basic_machine=$1
+ ;;
+ -chorusos*)
+ os=-chorusos
+ basic_machine=$1
+ ;;
+ -chorusrdb)
+ os=-chorusrdb
+ basic_machine=$1
+ ;;
+ -hiux*)
+ os=-hiuxwe2
+ ;;
+ -sco5)
+ os=-sco3.2v5
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco4)
+ os=-sco3.2v4
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco3.2.[4-9]*)
+ os=`echo $os | sed -e 's/sco3.2./sco3.2v/'`
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco3.2v[4-9]*)
+ # Don't forget version if it is 3.2v4 or newer.
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco*)
+ os=-sco3.2v2
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -udk*)
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -isc)
+ os=-isc2.2
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -clix*)
+ basic_machine=clipper-intergraph
+ ;;
+ -isc*)
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -lynx*)
+ os=-lynxos
+ ;;
+ -ptx*)
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
+ ;;
+ -windowsnt*)
+ os=`echo $os | sed -e 's/windowsnt/winnt/'`
+ ;;
+ -psos*)
+ os=-psos
+ ;;
+ -mint | -mint[0-9]*)
+ basic_machine=m68k-atari
+ os=-mint
+ ;;
+esac
+
+# Decode aliases for certain CPU-COMPANY combinations.
+case $basic_machine in
+ # Recognize the basic CPU types without company name.
+ # Some are omitted here because they have special meanings below.
+ 1750a | 580 \
+ | a29k \
+ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
+ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
+ | am33_2.0 \
+ | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \
+ | c4x | clipper \
+ | d10v | d30v | dlx | dsp16xx \
+ | fr30 | frv \
+ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
+ | i370 | i860 | i960 | ia64 \
+ | ip2k | iq2000 \
+ | m32r | m32rle | m68000 | m68k | m88k | mcore \
+ | mips | mipsbe | mipseb | mipsel | mipsle \
+ | mips16 \
+ | mips64 | mips64el \
+ | mips64vr | mips64vrel \
+ | mips64orion | mips64orionel \
+ | mips64vr4100 | mips64vr4100el \
+ | mips64vr4300 | mips64vr4300el \
+ | mips64vr5000 | mips64vr5000el \
+ | mipsisa32 | mipsisa32el \
+ | mipsisa32r2 | mipsisa32r2el \
+ | mipsisa64 | mipsisa64el \
+ | mipsisa64r2 | mipsisa64r2el \
+ | mipsisa64sb1 | mipsisa64sb1el \
+ | mipsisa64sr71k | mipsisa64sr71kel \
+ | mipstx39 | mipstx39el \
+ | mn10200 | mn10300 \
+ | msp430 \
+ | ns16k | ns32k \
+ | openrisc | or32 \
+ | pdp10 | pdp11 | pj | pjl \
+ | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
+ | pyramid \
+ | sh | sh[1234] | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
+ | sh64 | sh64le \
+ | sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv8 | sparcv9 | sparcv9b \
+ | strongarm \
+ | tahoe | thumb | tic4x | tic80 | tron \
+ | v850 | v850e \
+ | we32k \
+ | x86 | xscale | xstormy16 | xtensa \
+ | z8k)
+ basic_machine=$basic_machine-unknown
+ ;;
+ m6811 | m68hc11 | m6812 | m68hc12)
+ # Motorola 68HC11/12.
+ basic_machine=$basic_machine-unknown
+ os=-none
+ ;;
+ m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
+ ;;
+
+ # We use `pc' rather than `unknown'
+ # because (1) that's what they normally are, and
+ # (2) the word "unknown" tends to confuse beginning users.
+ i*86 | x86_64)
+ basic_machine=$basic_machine-pc
+ ;;
+ # Object if more than one company name word.
+ *-*-*)
+ echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+ exit 1
+ ;;
+ # Recognize the basic CPU types with company name.
+ 580-* \
+ | a29k-* \
+ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
+ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
+ | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
+ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \
+ | avr-* \
+ | bs2000-* \
+ | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
+ | clipper-* | craynv-* | cydra-* \
+ | d10v-* | d30v-* | dlx-* \
+ | elxsi-* \
+ | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
+ | h8300-* | h8500-* \
+ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
+ | i*86-* | i860-* | i960-* | ia64-* \
+ | ip2k-* | iq2000-* \
+ | m32r-* | m32rle-* \
+ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
+ | m88110-* | m88k-* | mcore-* \
+ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
+ | mips16-* \
+ | mips64-* | mips64el-* \
+ | mips64vr-* | mips64vrel-* \
+ | mips64orion-* | mips64orionel-* \
+ | mips64vr4100-* | mips64vr4100el-* \
+ | mips64vr4300-* | mips64vr4300el-* \
+ | mips64vr5000-* | mips64vr5000el-* \
+ | mipsisa32-* | mipsisa32el-* \
+ | mipsisa32r2-* | mipsisa32r2el-* \
+ | mipsisa64-* | mipsisa64el-* \
+ | mipsisa64r2-* | mipsisa64r2el-* \
+ | mipsisa64sb1-* | mipsisa64sb1el-* \
+ | mipsisa64sr71k-* | mipsisa64sr71kel-* \
+ | mipstx39-* | mipstx39el-* \
+ | mmix-* \
+ | msp430-* \
+ | none-* | np1-* | ns16k-* | ns32k-* \
+ | orion-* \
+ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
+ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
+ | pyramid-* \
+ | romp-* | rs6000-* \
+ | sh-* | sh[1234]-* | sh[23]e-* | sh[34]eb-* | shbe-* \
+ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
+ | sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
+ | sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
+ | tahoe-* | thumb-* \
+ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
+ | tron-* \
+ | v850-* | v850e-* | vax-* \
+ | we32k-* \
+ | x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \
+ | xtensa-* \
+ | ymp-* \
+ | z8k-*)
+ ;;
+ # Recognize the various machine names and aliases which stand
+ # for a CPU type and a company and sometimes even an OS.
+ 386bsd)
+ basic_machine=i386-unknown
+ os=-bsd
+ ;;
+ 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
+ basic_machine=m68000-att
+ ;;
+ 3b*)
+ basic_machine=we32k-att
+ ;;
+ a29khif)
+ basic_machine=a29k-amd
+ os=-udi
+ ;;
+ abacus)
+ basic_machine=abacus-unknown
+ ;;
+ adobe68k)
+ basic_machine=m68010-adobe
+ os=-scout
+ ;;
+ alliant | fx80)
+ basic_machine=fx80-alliant
+ ;;
+ altos | altos3068)
+ basic_machine=m68k-altos
+ ;;
+ am29k)
+ basic_machine=a29k-none
+ os=-bsd
+ ;;
+ amd64)
+ basic_machine=x86_64-pc
+ ;;
+ amd64-*)
+ basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ amdahl)
+ basic_machine=580-amdahl
+ os=-sysv
+ ;;
+ amiga | amiga-*)
+ basic_machine=m68k-unknown
+ ;;
+ amigaos | amigados)
+ basic_machine=m68k-unknown
+ os=-amigaos
+ ;;
+ amigaunix | amix)
+ basic_machine=m68k-unknown
+ os=-sysv4
+ ;;
+ apollo68)
+ basic_machine=m68k-apollo
+ os=-sysv
+ ;;
+ apollo68bsd)
+ basic_machine=m68k-apollo
+ os=-bsd
+ ;;
+ aux)
+ basic_machine=m68k-apple
+ os=-aux
+ ;;
+ balance)
+ basic_machine=ns32k-sequent
+ os=-dynix
+ ;;
+ c90)
+ basic_machine=c90-cray
+ os=-unicos
+ ;;
+ convex-c1)
+ basic_machine=c1-convex
+ os=-bsd
+ ;;
+ convex-c2)
+ basic_machine=c2-convex
+ os=-bsd
+ ;;
+ convex-c32)
+ basic_machine=c32-convex
+ os=-bsd
+ ;;
+ convex-c34)
+ basic_machine=c34-convex
+ os=-bsd
+ ;;
+ convex-c38)
+ basic_machine=c38-convex
+ os=-bsd
+ ;;
+ cray | j90)
+ basic_machine=j90-cray
+ os=-unicos
+ ;;
+ craynv)
+ basic_machine=craynv-cray
+ os=-unicosmp
+ ;;
+ cr16c)
+ basic_machine=cr16c-unknown
+ os=-elf
+ ;;
+ crds | unos)
+ basic_machine=m68k-crds
+ ;;
+ crisv32 | crisv32-* | etraxfs*)
+ basic_machine=crisv32-axis
+ ;;
+ cris | cris-* | etrax*)
+ basic_machine=cris-axis
+ ;;
+ crx)
+ basic_machine=crx-unknown
+ os=-elf
+ ;;
+ da30 | da30-*)
+ basic_machine=m68k-da30
+ ;;
+ decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
+ basic_machine=mips-dec
+ ;;
+ decsystem10* | dec10*)
+ basic_machine=pdp10-dec
+ os=-tops10
+ ;;
+ decsystem20* | dec20*)
+ basic_machine=pdp10-dec
+ os=-tops20
+ ;;
+ delta | 3300 | motorola-3300 | motorola-delta \
+ | 3300-motorola | delta-motorola)
+ basic_machine=m68k-motorola
+ ;;
+ delta88)
+ basic_machine=m88k-motorola
+ os=-sysv3
+ ;;
+ dpx20 | dpx20-*)
+ basic_machine=rs6000-bull
+ os=-bosx
+ ;;
+ dpx2* | dpx2*-bull)
+ basic_machine=m68k-bull
+ os=-sysv3
+ ;;
+ ebmon29k)
+ basic_machine=a29k-amd
+ os=-ebmon
+ ;;
+ elxsi)
+ basic_machine=elxsi-elxsi
+ os=-bsd
+ ;;
+ encore | umax | mmax)
+ basic_machine=ns32k-encore
+ ;;
+ es1800 | OSE68k | ose68k | ose | OSE)
+ basic_machine=m68k-ericsson
+ os=-ose
+ ;;
+ fx2800)
+ basic_machine=i860-alliant
+ ;;
+ genix)
+ basic_machine=ns32k-ns
+ ;;
+ gmicro)
+ basic_machine=tron-gmicro
+ os=-sysv
+ ;;
+ go32)
+ basic_machine=i386-pc
+ os=-go32
+ ;;
+ h3050r* | hiux*)
+ basic_machine=hppa1.1-hitachi
+ os=-hiuxwe2
+ ;;
+ h8300hms)
+ basic_machine=h8300-hitachi
+ os=-hms
+ ;;
+ h8300xray)
+ basic_machine=h8300-hitachi
+ os=-xray
+ ;;
+ h8500hms)
+ basic_machine=h8500-hitachi
+ os=-hms
+ ;;
+ harris)
+ basic_machine=m88k-harris
+ os=-sysv3
+ ;;
+ hp300-*)
+ basic_machine=m68k-hp
+ ;;
+ hp300bsd)
+ basic_machine=m68k-hp
+ os=-bsd
+ ;;
+ hp300hpux)
+ basic_machine=m68k-hp
+ os=-hpux
+ ;;
+ hp3k9[0-9][0-9] | hp9[0-9][0-9])
+ basic_machine=hppa1.0-hp
+ ;;
+ hp9k2[0-9][0-9] | hp9k31[0-9])
+ basic_machine=m68000-hp
+ ;;
+ hp9k3[2-9][0-9])
+ basic_machine=m68k-hp
+ ;;
+ hp9k6[0-9][0-9] | hp6[0-9][0-9])
+ basic_machine=hppa1.0-hp
+ ;;
+ hp9k7[0-79][0-9] | hp7[0-79][0-9])
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k78[0-9] | hp78[0-9])
+ # FIXME: really hppa2.0-hp
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893)
+ # FIXME: really hppa2.0-hp
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k8[0-9][13679] | hp8[0-9][13679])
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k8[0-9][0-9] | hp8[0-9][0-9])
+ basic_machine=hppa1.0-hp
+ ;;
+ hppa-next)
+ os=-nextstep3
+ ;;
+ hppaosf)
+ basic_machine=hppa1.1-hp
+ os=-osf
+ ;;
+ hppro)
+ basic_machine=hppa1.1-hp
+ os=-proelf
+ ;;
+ i370-ibm* | ibm*)
+ basic_machine=i370-ibm
+ ;;
+# I'm not sure what "Sysv32" means. Should this be sysv3.2?
+ i*86v32)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-sysv32
+ ;;
+ i*86v4*)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-sysv4
+ ;;
+ i*86v)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-sysv
+ ;;
+ i*86sol2)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-solaris2
+ ;;
+ i386mach)
+ basic_machine=i386-mach
+ os=-mach
+ ;;
+ i386-vsta | vsta)
+ basic_machine=i386-unknown
+ os=-vsta
+ ;;
+ iris | iris4d)
+ basic_machine=mips-sgi
+ case $os in
+ -irix*)
+ ;;
+ *)
+ os=-irix4
+ ;;
+ esac
+ ;;
+ isi68 | isi)
+ basic_machine=m68k-isi
+ os=-sysv
+ ;;
+ m88k-omron*)
+ basic_machine=m88k-omron
+ ;;
+ magnum | m3230)
+ basic_machine=mips-mips
+ os=-sysv
+ ;;
+ merlin)
+ basic_machine=ns32k-utek
+ os=-sysv
+ ;;
+ mingw32)
+ basic_machine=i386-pc
+ os=-mingw32
+ ;;
+ miniframe)
+ basic_machine=m68000-convergent
+ ;;
+ *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*)
+ basic_machine=m68k-atari
+ os=-mint
+ ;;
+ mips3*-*)
+ basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
+ ;;
+ mips3*)
+ basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
+ ;;
+ monitor)
+ basic_machine=m68k-rom68k
+ os=-coff
+ ;;
+ morphos)
+ basic_machine=powerpc-unknown
+ os=-morphos
+ ;;
+ msdos)
+ basic_machine=i386-pc
+ os=-msdos
+ ;;
+ mvs)
+ basic_machine=i370-ibm
+ os=-mvs
+ ;;
+ ncr3000)
+ basic_machine=i486-ncr
+ os=-sysv4
+ ;;
+ netbsd386)
+ basic_machine=i386-unknown
+ os=-netbsd
+ ;;
+ netwinder)
+ basic_machine=armv4l-rebel
+ os=-linux
+ ;;
+ news | news700 | news800 | news900)
+ basic_machine=m68k-sony
+ os=-newsos
+ ;;
+ news1000)
+ basic_machine=m68030-sony
+ os=-newsos
+ ;;
+ news-3600 | risc-news)
+ basic_machine=mips-sony
+ os=-newsos
+ ;;
+ necv70)
+ basic_machine=v70-nec
+ os=-sysv
+ ;;
+ next | m*-next )
+ basic_machine=m68k-next
+ case $os in
+ -nextstep* )
+ ;;
+ -ns2*)
+ os=-nextstep2
+ ;;
+ *)
+ os=-nextstep3
+ ;;
+ esac
+ ;;
+ nh3000)
+ basic_machine=m68k-harris
+ os=-cxux
+ ;;
+ nh[45]000)
+ basic_machine=m88k-harris
+ os=-cxux
+ ;;
+ nindy960)
+ basic_machine=i960-intel
+ os=-nindy
+ ;;
+ mon960)
+ basic_machine=i960-intel
+ os=-mon960
+ ;;
+ nonstopux)
+ basic_machine=mips-compaq
+ os=-nonstopux
+ ;;
+ np1)
+ basic_machine=np1-gould
+ ;;
+ nsr-tandem)
+ basic_machine=nsr-tandem
+ ;;
+ op50n-* | op60c-*)
+ basic_machine=hppa1.1-oki
+ os=-proelf
+ ;;
+ or32 | or32-*)
+ basic_machine=or32-unknown
+ os=-coff
+ ;;
+ os400)
+ basic_machine=powerpc-ibm
+ os=-os400
+ ;;
+ OSE68000 | ose68000)
+ basic_machine=m68000-ericsson
+ os=-ose
+ ;;
+ os68k)
+ basic_machine=m68k-none
+ os=-os68k
+ ;;
+ pa-hitachi)
+ basic_machine=hppa1.1-hitachi
+ os=-hiuxwe2
+ ;;
+ paragon)
+ basic_machine=i860-intel
+ os=-osf
+ ;;
+ pbd)
+ basic_machine=sparc-tti
+ ;;
+ pbb)
+ basic_machine=m68k-tti
+ ;;
+ pc532 | pc532-*)
+ basic_machine=ns32k-pc532
+ ;;
+ pentium | p5 | k5 | k6 | nexgen | viac3)
+ basic_machine=i586-pc
+ ;;
+ pentiumpro | p6 | 6x86 | athlon | athlon_*)
+ basic_machine=i686-pc
+ ;;
+ pentiumii | pentium2 | pentiumiii | pentium3)
+ basic_machine=i686-pc
+ ;;
+ pentium4)
+ basic_machine=i786-pc
+ ;;
+ pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*)
+ basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pentiumpro-* | p6-* | 6x86-* | athlon-*)
+ basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*)
+ basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pentium4-*)
+ basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pn)
+ basic_machine=pn-gould
+ ;;
+ power) basic_machine=power-ibm
+ ;;
+ ppc) basic_machine=powerpc-unknown
+ ;;
+ ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ppcle | powerpclittle | ppc-le | powerpc-little)
+ basic_machine=powerpcle-unknown
+ ;;
+ ppcle-* | powerpclittle-*)
+ basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ppc64) basic_machine=powerpc64-unknown
+ ;;
+ ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ppc64le | powerpc64little | ppc64-le | powerpc64-little)
+ basic_machine=powerpc64le-unknown
+ ;;
+ ppc64le-* | powerpc64little-*)
+ basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ps2)
+ basic_machine=i386-ibm
+ ;;
+ pw32)
+ basic_machine=i586-unknown
+ os=-pw32
+ ;;
+ rom68k)
+ basic_machine=m68k-rom68k
+ os=-coff
+ ;;
+ rm[46]00)
+ basic_machine=mips-siemens
+ ;;
+ rtpc | rtpc-*)
+ basic_machine=romp-ibm
+ ;;
+ s390 | s390-*)
+ basic_machine=s390-ibm
+ ;;
+ s390x | s390x-*)
+ basic_machine=s390x-ibm
+ ;;
+ sa29200)
+ basic_machine=a29k-amd
+ os=-udi
+ ;;
+ sb1)
+ basic_machine=mipsisa64sb1-unknown
+ ;;
+ sb1el)
+ basic_machine=mipsisa64sb1el-unknown
+ ;;
+ sei)
+ basic_machine=mips-sei
+ os=-seiux
+ ;;
+ sequent)
+ basic_machine=i386-sequent
+ ;;
+ sh)
+ basic_machine=sh-hitachi
+ os=-hms
+ ;;
+ sh64)
+ basic_machine=sh64-unknown
+ ;;
+ sparclite-wrs | simso-wrs)
+ basic_machine=sparclite-wrs
+ os=-vxworks
+ ;;
+ sps7)
+ basic_machine=m68k-bull
+ os=-sysv2
+ ;;
+ spur)
+ basic_machine=spur-unknown
+ ;;
+ st2000)
+ basic_machine=m68k-tandem
+ ;;
+ stratus)
+ basic_machine=i860-stratus
+ os=-sysv4
+ ;;
+ sun2)
+ basic_machine=m68000-sun
+ ;;
+ sun2os3)
+ basic_machine=m68000-sun
+ os=-sunos3
+ ;;
+ sun2os4)
+ basic_machine=m68000-sun
+ os=-sunos4
+ ;;
+ sun3os3)
+ basic_machine=m68k-sun
+ os=-sunos3
+ ;;
+ sun3os4)
+ basic_machine=m68k-sun
+ os=-sunos4
+ ;;
+ sun4os3)
+ basic_machine=sparc-sun
+ os=-sunos3
+ ;;
+ sun4os4)
+ basic_machine=sparc-sun
+ os=-sunos4
+ ;;
+ sun4sol2)
+ basic_machine=sparc-sun
+ os=-solaris2
+ ;;
+ sun3 | sun3-*)
+ basic_machine=m68k-sun
+ ;;
+ sun4)
+ basic_machine=sparc-sun
+ ;;
+ sun386 | sun386i | roadrunner)
+ basic_machine=i386-sun
+ ;;
+ sv1)
+ basic_machine=sv1-cray
+ os=-unicos
+ ;;
+ symmetry)
+ basic_machine=i386-sequent
+ os=-dynix
+ ;;
+ t3e)
+ basic_machine=alphaev5-cray
+ os=-unicos
+ ;;
+ t90)
+ basic_machine=t90-cray
+ os=-unicos
+ ;;
+ tic54x | c54x*)
+ basic_machine=tic54x-unknown
+ os=-coff
+ ;;
+ tic55x | c55x*)
+ basic_machine=tic55x-unknown
+ os=-coff
+ ;;
+ tic6x | c6x*)
+ basic_machine=tic6x-unknown
+ os=-coff
+ ;;
+ tx39)
+ basic_machine=mipstx39-unknown
+ ;;
+ tx39el)
+ basic_machine=mipstx39el-unknown
+ ;;
+ toad1)
+ basic_machine=pdp10-xkl
+ os=-tops20
+ ;;
+ tower | tower-32)
+ basic_machine=m68k-ncr
+ ;;
+ tpf)
+ basic_machine=s390x-ibm
+ os=-tpf
+ ;;
+ udi29k)
+ basic_machine=a29k-amd
+ os=-udi
+ ;;
+ ultra3)
+ basic_machine=a29k-nyu
+ os=-sym1
+ ;;
+ v810 | necv810)
+ basic_machine=v810-nec
+ os=-none
+ ;;
+ vaxv)
+ basic_machine=vax-dec
+ os=-sysv
+ ;;
+ vms)
+ basic_machine=vax-dec
+ os=-vms
+ ;;
+ vpp*|vx|vx-*)
+ basic_machine=f301-fujitsu
+ ;;
+ vxworks960)
+ basic_machine=i960-wrs
+ os=-vxworks
+ ;;
+ vxworks68)
+ basic_machine=m68k-wrs
+ os=-vxworks
+ ;;
+ vxworks29k)
+ basic_machine=a29k-wrs
+ os=-vxworks
+ ;;
+ w65*)
+ basic_machine=w65-wdc
+ os=-none
+ ;;
+ w89k-*)
+ basic_machine=hppa1.1-winbond
+ os=-proelf
+ ;;
+ xps | xps100)
+ basic_machine=xps100-honeywell
+ ;;
+ ymp)
+ basic_machine=ymp-cray
+ os=-unicos
+ ;;
+ z8k-*-coff)
+ basic_machine=z8k-unknown
+ os=-sim
+ ;;
+ none)
+ basic_machine=none-none
+ os=-none
+ ;;
+
+# Here we handle the default manufacturer of certain CPU types. It is in
+# some cases the only manufacturer, in others, it is the most popular.
+ w89k)
+ basic_machine=hppa1.1-winbond
+ ;;
+ op50n)
+ basic_machine=hppa1.1-oki
+ ;;
+ op60c)
+ basic_machine=hppa1.1-oki
+ ;;
+ romp)
+ basic_machine=romp-ibm
+ ;;
+ mmix)
+ basic_machine=mmix-knuth
+ ;;
+ rs6000)
+ basic_machine=rs6000-ibm
+ ;;
+ vax)
+ basic_machine=vax-dec
+ ;;
+ pdp10)
+ # there are many clones, so DEC is not a safe bet
+ basic_machine=pdp10-unknown
+ ;;
+ pdp11)
+ basic_machine=pdp11-dec
+ ;;
+ we32k)
+ basic_machine=we32k-att
+ ;;
+ sh3 | sh4 | sh[34]eb | sh[1234]le | sh[23]ele)
+ basic_machine=sh-unknown
+ ;;
+ sh64)
+ basic_machine=sh64-unknown
+ ;;
+ sparc | sparcv8 | sparcv9 | sparcv9b)
+ basic_machine=sparc-sun
+ ;;
+ cydra)
+ basic_machine=cydra-cydrome
+ ;;
+ orion)
+ basic_machine=orion-highlevel
+ ;;
+ orion105)
+ basic_machine=clipper-highlevel
+ ;;
+ mac | mpw | mac-mpw)
+ basic_machine=m68k-apple
+ ;;
+ pmac | pmac-mpw)
+ basic_machine=powerpc-apple
+ ;;
+ *-unknown)
+ # Make sure to match an already-canonicalized machine name.
+ ;;
+ *)
+ echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+ exit 1
+ ;;
+esac
+
+# Here we canonicalize certain aliases for manufacturers.
+case $basic_machine in
+ *-digital*)
+ basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'`
+ ;;
+ *-commodore*)
+ basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'`
+ ;;
+ *)
+ ;;
+esac
+
+# Decode manufacturer-specific aliases for certain operating systems.
+
+if [ x"$os" != x"" ]
+then
+case $os in
+ # First match some system type aliases
+ # that might get confused with valid system types.
+ # -solaris* is a basic system type, with this one exception.
+ -solaris1 | -solaris1.*)
+ os=`echo $os | sed -e 's|solaris1|sunos4|'`
+ ;;
+ -solaris)
+ os=-solaris2
+ ;;
+ -svr4*)
+ os=-sysv4
+ ;;
+ -unixware*)
+ os=-sysv4.2uw
+ ;;
+ -gnu/linux*)
+ os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'`
+ ;;
+ # First accept the basic system types.
+ # The portable systems comes first.
+ # Each alternative MUST END IN A *, to match a version number.
+ # -sysv* is not here because it comes later, after sysvr4.
+ -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
+ | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
+ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
+ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
+ | -aos* \
+ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
+ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
+ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* | -openbsd* \
+ | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
+ | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
+ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
+ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
+ | -chorusos* | -chorusrdb* \
+ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
+ | -mingw32* | -linux-gnu* | -linux-uclibc* | -uxpv* | -beos* | -mpeix* | -udk* \
+ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
+ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
+ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
+ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
+ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
+ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly*)
+ # Remember, each alternative MUST END IN *, to match a version number.
+ ;;
+ -qnx*)
+ case $basic_machine in
+ x86-* | i*86-*)
+ ;;
+ *)
+ os=-nto$os
+ ;;
+ esac
+ ;;
+ -nto-qnx*)
+ ;;
+ -nto*)
+ os=`echo $os | sed -e 's|nto|nto-qnx|'`
+ ;;
+ -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
+ | -windows* | -osx | -abug | -netware* | -os9* | -beos* \
+ | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
+ ;;
+ -mac*)
+ os=`echo $os | sed -e 's|mac|macos|'`
+ ;;
+ -linux-dietlibc)
+ os=-linux-dietlibc
+ ;;
+ -linux*)
+ os=`echo $os | sed -e 's|linux|linux-gnu|'`
+ ;;
+ -sunos5*)
+ os=`echo $os | sed -e 's|sunos5|solaris2|'`
+ ;;
+ -sunos6*)
+ os=`echo $os | sed -e 's|sunos6|solaris3|'`
+ ;;
+ -opened*)
+ os=-openedition
+ ;;
+ -os400*)
+ os=-os400
+ ;;
+ -wince*)
+ os=-wince
+ ;;
+ -osfrose*)
+ os=-osfrose
+ ;;
+ -osf*)
+ os=-osf
+ ;;
+ -utek*)
+ os=-bsd
+ ;;
+ -dynix*)
+ os=-bsd
+ ;;
+ -acis*)
+ os=-aos
+ ;;
+ -atheos*)
+ os=-atheos
+ ;;
+ -syllable*)
+ os=-syllable
+ ;;
+ -386bsd)
+ os=-bsd
+ ;;
+ -ctix* | -uts*)
+ os=-sysv
+ ;;
+ -nova*)
+ os=-rtmk-nova
+ ;;
+ -ns2 )
+ os=-nextstep2
+ ;;
+ -nsk*)
+ os=-nsk
+ ;;
+ # Preserve the version number of sinix5.
+ -sinix5.*)
+ os=`echo $os | sed -e 's|sinix|sysv|'`
+ ;;
+ -sinix*)
+ os=-sysv4
+ ;;
+ -tpf*)
+ os=-tpf
+ ;;
+ -triton*)
+ os=-sysv3
+ ;;
+ -oss*)
+ os=-sysv3
+ ;;
+ -svr4)
+ os=-sysv4
+ ;;
+ -svr3)
+ os=-sysv3
+ ;;
+ -sysvr4)
+ os=-sysv4
+ ;;
+ # This must come after -sysvr4.
+ -sysv*)
+ ;;
+ -ose*)
+ os=-ose
+ ;;
+ -es1800*)
+ os=-ose
+ ;;
+ -xenix)
+ os=-xenix
+ ;;
+ -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+ os=-mint
+ ;;
+ -aros*)
+ os=-aros
+ ;;
+ -kaos*)
+ os=-kaos
+ ;;
+ -none)
+ ;;
+ *)
+ # Get rid of the `-' at the beginning of $os.
+ os=`echo $os | sed 's/[^-]*-//'`
+ echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2
+ exit 1
+ ;;
+esac
+else
+
+# Here we handle the default operating systems that come with various machines.
+# The value should be what the vendor currently ships out the door with their
+# machine or put another way, the most popular os provided with the machine.
+
+# Note that if you're going to try to match "-MANUFACTURER" here (say,
+# "-sun"), then you have to tell the case statement up towards the top
+# that MANUFACTURER isn't an operating system. Otherwise, code above
+# will signal an error saying that MANUFACTURER isn't an operating
+# system, and we'll never get to this point.
+
+case $basic_machine in
+ *-acorn)
+ os=-riscix1.2
+ ;;
+ arm*-rebel)
+ os=-linux
+ ;;
+ arm*-semi)
+ os=-aout
+ ;;
+ c4x-* | tic4x-*)
+ os=-coff
+ ;;
+ # This must come before the *-dec entry.
+ pdp10-*)
+ os=-tops20
+ ;;
+ pdp11-*)
+ os=-none
+ ;;
+ *-dec | vax-*)
+ os=-ultrix4.2
+ ;;
+ m68*-apollo)
+ os=-domain
+ ;;
+ i386-sun)
+ os=-sunos4.0.2
+ ;;
+ m68000-sun)
+ os=-sunos3
+ # This also exists in the configure program, but was not the
+ # default.
+ # os=-sunos4
+ ;;
+ m68*-cisco)
+ os=-aout
+ ;;
+ mips*-cisco)
+ os=-elf
+ ;;
+ mips*-*)
+ os=-elf
+ ;;
+ or32-*)
+ os=-coff
+ ;;
+ *-tti) # must be before sparc entry or we get the wrong os.
+ os=-sysv3
+ ;;
+ sparc-* | *-sun)
+ os=-sunos4.1.1
+ ;;
+ *-be)
+ os=-beos
+ ;;
+ *-ibm)
+ os=-aix
+ ;;
+ *-knuth)
+ os=-mmixware
+ ;;
+ *-wec)
+ os=-proelf
+ ;;
+ *-winbond)
+ os=-proelf
+ ;;
+ *-oki)
+ os=-proelf
+ ;;
+ *-hp)
+ os=-hpux
+ ;;
+ *-hitachi)
+ os=-hiux
+ ;;
+ i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent)
+ os=-sysv
+ ;;
+ *-cbm)
+ os=-amigaos
+ ;;
+ *-dg)
+ os=-dgux
+ ;;
+ *-dolphin)
+ os=-sysv3
+ ;;
+ m68k-ccur)
+ os=-rtu
+ ;;
+ m88k-omron*)
+ os=-luna
+ ;;
+ *-next )
+ os=-nextstep
+ ;;
+ *-sequent)
+ os=-ptx
+ ;;
+ *-crds)
+ os=-unos
+ ;;
+ *-ns)
+ os=-genix
+ ;;
+ i370-*)
+ os=-mvs
+ ;;
+ *-next)
+ os=-nextstep3
+ ;;
+ *-gould)
+ os=-sysv
+ ;;
+ *-highlevel)
+ os=-bsd
+ ;;
+ *-encore)
+ os=-bsd
+ ;;
+ *-sgi)
+ os=-irix
+ ;;
+ *-siemens)
+ os=-sysv4
+ ;;
+ *-masscomp)
+ os=-rtu
+ ;;
+ f30[01]-fujitsu | f700-fujitsu)
+ os=-uxpv
+ ;;
+ *-rom68k)
+ os=-coff
+ ;;
+ *-*bug)
+ os=-coff
+ ;;
+ *-apple)
+ os=-macos
+ ;;
+ *-atari*)
+ os=-mint
+ ;;
+ *)
+ os=-none
+ ;;
+esac
+fi
+
+# Here we handle the case where we know the os, and the CPU type, but not the
+# manufacturer. We pick the logical manufacturer.
+vendor=unknown
+case $basic_machine in
+ *-unknown)
+ case $os in
+ -riscix*)
+ vendor=acorn
+ ;;
+ -sunos*)
+ vendor=sun
+ ;;
+ -aix*)
+ vendor=ibm
+ ;;
+ -beos*)
+ vendor=be
+ ;;
+ -hpux*)
+ vendor=hp
+ ;;
+ -mpeix*)
+ vendor=hp
+ ;;
+ -hiux*)
+ vendor=hitachi
+ ;;
+ -unos*)
+ vendor=crds
+ ;;
+ -dgux*)
+ vendor=dg
+ ;;
+ -luna*)
+ vendor=omron
+ ;;
+ -genix*)
+ vendor=ns
+ ;;
+ -mvs* | -opened*)
+ vendor=ibm
+ ;;
+ -os400*)
+ vendor=ibm
+ ;;
+ -ptx*)
+ vendor=sequent
+ ;;
+ -tpf*)
+ vendor=ibm
+ ;;
+ -vxsim* | -vxworks* | -windiss*)
+ vendor=wrs
+ ;;
+ -aux*)
+ vendor=apple
+ ;;
+ -hms*)
+ vendor=hitachi
+ ;;
+ -mpw* | -macos*)
+ vendor=apple
+ ;;
+ -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+ vendor=atari
+ ;;
+ -vos*)
+ vendor=stratus
+ ;;
+ esac
+ basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
+ ;;
+esac
+
+echo $basic_machine$os
+exit 0
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/srtp/config_in.h b/srtp/config_in.h
new file mode 100644
index 0000000..5951861
--- /dev/null
+++ b/srtp/config_in.h
@@ -0,0 +1,170 @@
+/* config_in.h. Generated from configure.in by autoheader. */
+
+/* Define if building for a CISC machine (e.g. Intel). */
+#undef CPU_CISC
+
+/* Define if building for a RISC machine (assume slow byte access). */
+#undef CPU_RISC
+
+/* Path to random device */
+#undef DEV_URANDOM
+
+/* Define to compile in dynamic debugging system. */
+#undef ENABLE_DEBUGGING
+
+/* Report errors to this file. */
+#undef ERR_REPORTING_FILE
+
+/* Define to use logging to stdout. */
+#undef ERR_REPORTING_STDOUT
+
+/* Define this to use ISMAcryp code. */
+#undef GENERIC_AESICM
+
+/* Define to 1 if you have the <arpa/inet.h> header file. */
+#undef HAVE_ARPA_INET_H
+
+/* Define to 1 if you have the <byteswap.h> header file. */
+#undef HAVE_BYTESWAP_H
+
+/* Define to 1 if you have the `inet_aton' function. */
+#undef HAVE_INET_ATON
+
+/* Define to 1 if the system has the type `int16_t'. */
+#undef HAVE_INT16_T
+
+/* Define to 1 if the system has the type `int32_t'. */
+#undef HAVE_INT32_T
+
+/* Define to 1 if the system has the type `int8_t'. */
+#undef HAVE_INT8_T
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#undef HAVE_INTTYPES_H
+
+/* Define to 1 if you have the `socket' library (-lsocket). */
+#undef HAVE_LIBSOCKET
+
+/* Define to 1 if you have the <machine/types.h> header file. */
+#undef HAVE_MACHINE_TYPES_H
+
+/* Define to 1 if you have the <memory.h> header file. */
+#undef HAVE_MEMORY_H
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#undef HAVE_NETINET_IN_H
+
+/* Define to 1 if you have the `socket' function. */
+#undef HAVE_SOCKET
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#undef HAVE_STDINT_H
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#undef HAVE_STDLIB_H
+
+/* Define to 1 if you have the <strings.h> header file. */
+#undef HAVE_STRINGS_H
+
+/* Define to 1 if you have the <string.h> header file. */
+#undef HAVE_STRING_H
+
+/* Define to 1 if you have the <syslog.h> header file. */
+#undef HAVE_SYSLOG_H
+
+/* Define to 1 if you have the <sys/int_types.h> header file. */
+#undef HAVE_SYS_INT_TYPES_H
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#undef HAVE_SYS_SOCKET_H
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#undef HAVE_SYS_STAT_H
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#undef HAVE_SYS_TYPES_H
+
+/* Define to 1 if you have the <sys/uio.h> header file. */
+#undef HAVE_SYS_UIO_H
+
+/* Define to 1 if the system has the type `uint16_t'. */
+#undef HAVE_UINT16_T
+
+/* Define to 1 if the system has the type `uint32_t'. */
+#undef HAVE_UINT32_T
+
+/* Define to 1 if the system has the type `uint64_t'. */
+#undef HAVE_UINT64_T
+
+/* Define to 1 if the system has the type `uint8_t'. */
+#undef HAVE_UINT8_T
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#undef HAVE_UNISTD_H
+
+/* Define to 1 if you have the `usleep' function. */
+#undef HAVE_USLEEP
+
+/* Define to 1 if you have the <windows.h> header file. */
+#undef HAVE_WINDOWS_H
+
+/* Define to 1 if you have the <winsock2.h> header file. */
+#undef HAVE_WINSOCK2_H
+
+/* Define to use X86 inlined assembly code */
+#undef HAVE_X86
+
+/* Define to the address where bug reports for this package should be sent. */
+#undef PACKAGE_BUGREPORT
+
+/* Define to the full name of this package. */
+#undef PACKAGE_NAME
+
+/* Define to the full name and version of this package. */
+#undef PACKAGE_STRING
+
+/* Define to the one symbol short name of this package. */
+#undef PACKAGE_TARNAME
+
+/* Define to the version of this package. */
+#undef PACKAGE_VERSION
+
+/* The size of a `unsigned long', as computed by sizeof. */
+#undef SIZEOF_UNSIGNED_LONG
+
+/* The size of a `unsigned long long', as computed by sizeof. */
+#undef SIZEOF_UNSIGNED_LONG_LONG
+
+/* Define to use GDOI. */
+#undef SRTP_GDOI
+
+/* Define to compile for kernel contexts. */
+#undef SRTP_KERNEL
+
+/* Define to compile for Linux kernel context. */
+#undef SRTP_KERNEL_LINUX
+
+/* Define to 1 if you have the ANSI C header files. */
+#undef STDC_HEADERS
+
+/* Write errors to this file */
+#undef USE_ERR_REPORTING_FILE
+
+/* Define to use syslog logging. */
+#undef USE_SYSLOG
+
+/* Define to 1 if your processor stores words with the most significant byte
+ first (like Motorola and SPARC, unlike Intel and VAX). */
+#undef WORDS_BIGENDIAN
+
+/* Define to empty if `const' does not conform to ANSI C. */
+#undef const
+
+/* Define to `__inline__' or `__inline' if that's what the C compiler
+ calls it, or to nothing if 'inline' is not supported under any name. */
+#ifndef __cplusplus
+#undef inline
+#endif
+
+/* Define to `unsigned' if <sys/types.h> does not define. */
+#undef size_t
diff --git a/srtp/configure b/srtp/configure
new file mode 100755
index 0000000..b959b11
--- /dev/null
+++ b/srtp/configure
@@ -0,0 +1,8603 @@
+#! /bin/sh
+# Guess values for system-dependent variables and create Makefiles.
+# Generated by GNU Autoconf 2.59.
+#
+# Copyright (C) 2003 Free Software Foundation, Inc.
+# This configure script is free software; the Free Software Foundation
+# gives unlimited permission to copy, distribute and modify it.
+## --------------------- ##
+## M4sh Initialization. ##
+## --------------------- ##
+
+# Be Bourne compatible
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+ emulate sh
+ NULLCMD=:
+ # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '${1+"$@"}'='"$@"'
+elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then
+ set -o posix
+fi
+DUALCASE=1; export DUALCASE # for MKS sh
+
+# Support unset when possible.
+if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
+ as_unset=unset
+else
+ as_unset=false
+fi
+
+
+# Work around bugs in pre-3.0 UWIN ksh.
+$as_unset ENV MAIL MAILPATH
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+for as_var in \
+ LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \
+ LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \
+ LC_TELEPHONE LC_TIME
+do
+ if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
+ eval $as_var=C; export $as_var
+ else
+ $as_unset $as_var
+ fi
+done
+
+# Required to use basename.
+if expr a : '\(a\)' >/dev/null 2>&1; then
+ as_expr=expr
+else
+ as_expr=false
+fi
+
+if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then
+ as_basename=basename
+else
+ as_basename=false
+fi
+
+
+# Name of the executable.
+as_me=`$as_basename "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+ X"$0" : 'X\(//\)$' \| \
+ X"$0" : 'X\(/\)$' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X/"$0" |
+ sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; }
+ /^X\/\(\/\/\)$/{ s//\1/; q; }
+ /^X\/\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+
+
+# PATH needs CR, and LINENO needs CR and PATH.
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ echo "#! /bin/sh" >conf$$.sh
+ echo "exit 0" >>conf$$.sh
+ chmod +x conf$$.sh
+ if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+ PATH_SEPARATOR=';'
+ else
+ PATH_SEPARATOR=:
+ fi
+ rm -f conf$$.sh
+fi
+
+
+ as_lineno_1=$LINENO
+ as_lineno_2=$LINENO
+ as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
+ test "x$as_lineno_1" != "x$as_lineno_2" &&
+ test "x$as_lineno_3" = "x$as_lineno_2" || {
+ # Find who we are. Look in the path if we contain no path at all
+ # relative or not.
+ case $0 in
+ *[\\/]* ) as_myself=$0 ;;
+ *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+done
+
+ ;;
+ esac
+ # We did not find ourselves, most probably we were run as `sh COMMAND'
+ # in which case we are not to be found in the path.
+ if test "x$as_myself" = x; then
+ as_myself=$0
+ fi
+ if test ! -f "$as_myself"; then
+ { echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2
+ { (exit 1); exit 1; }; }
+ fi
+ case $CONFIG_SHELL in
+ '')
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for as_base in sh bash ksh sh5; do
+ case $as_dir in
+ /*)
+ if ("$as_dir/$as_base" -c '
+ as_lineno_1=$LINENO
+ as_lineno_2=$LINENO
+ as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
+ test "x$as_lineno_1" != "x$as_lineno_2" &&
+ test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then
+ $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; }
+ $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; }
+ CONFIG_SHELL=$as_dir/$as_base
+ export CONFIG_SHELL
+ exec "$CONFIG_SHELL" "$0" ${1+"$@"}
+ fi;;
+ esac
+ done
+done
+;;
+ esac
+
+ # Create $as_me.lineno as a copy of $as_myself, but with $LINENO
+ # uniformly replaced by the line number. The first 'sed' inserts a
+ # line-number line before each line; the second 'sed' does the real
+ # work. The second script uses 'N' to pair each line-number line
+ # with the numbered line, and appends trailing '-' during
+ # substitution so that $LINENO is not a special case at line end.
+ # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the
+ # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-)
+ sed '=' <$as_myself |
+ sed '
+ N
+ s,$,-,
+ : loop
+ s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3,
+ t loop
+ s,-$,,
+ s,^['$as_cr_digits']*\n,,
+ ' >$as_me.lineno &&
+ chmod +x $as_me.lineno ||
+ { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
+ { (exit 1); exit 1; }; }
+
+ # Don't try to exec as it changes $[0], causing all sort of problems
+ # (the dirname of $[0] is not the place where we might find the
+ # original and so on. Autoconf is especially sensible to this).
+ . ./$as_me.lineno
+ # Exit status is that of the last command.
+ exit
+}
+
+
+case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in
+ *c*,-n*) ECHO_N= ECHO_C='
+' ECHO_T=' ' ;;
+ *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;;
+ *) ECHO_N= ECHO_C='\c' ECHO_T= ;;
+esac
+
+if expr a : '\(a\)' >/dev/null 2>&1; then
+ as_expr=expr
+else
+ as_expr=false
+fi
+
+rm -f conf$$ conf$$.exe conf$$.file
+echo >conf$$.file
+if ln -s conf$$.file conf$$ 2>/dev/null; then
+ # We could just check for DJGPP; but this test a) works b) is more generic
+ # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04).
+ if test -f conf$$.exe; then
+ # Don't use ln at all; we don't have any links
+ as_ln_s='cp -p'
+ else
+ as_ln_s='ln -s'
+ fi
+elif ln conf$$.file conf$$ 2>/dev/null; then
+ as_ln_s=ln
+else
+ as_ln_s='cp -p'
+fi
+rm -f conf$$ conf$$.exe conf$$.file
+
+if mkdir -p . 2>/dev/null; then
+ as_mkdir_p=:
+else
+ test -d ./-p && rmdir ./-p
+ as_mkdir_p=false
+fi
+
+as_executable_p="test -f"
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+
+# IFS
+# We need space, tab and new line, in precisely that order.
+as_nl='
+'
+IFS=" $as_nl"
+
+# CDPATH.
+$as_unset CDPATH
+
+
+# Name of the host.
+# hostname on some systems (SVR3.2, Linux) returns a bogus exit status,
+# so uname gets run too.
+ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
+
+exec 6>&1
+
+#
+# Initializations.
+#
+ac_default_prefix=/usr/local
+ac_config_libobj_dir=.
+cross_compiling=no
+subdirs=
+MFLAGS=
+MAKEFLAGS=
+SHELL=${CONFIG_SHELL-/bin/sh}
+
+# Maximum number of lines to put in a shell here document.
+# This variable seems obsolete. It should probably be removed, and
+# only ac_max_sed_lines should be used.
+: ${ac_max_here_lines=38}
+
+# Identity of this package.
+PACKAGE_NAME=
+PACKAGE_TARNAME=
+PACKAGE_VERSION=
+PACKAGE_STRING=
+PACKAGE_BUGREPORT=
+
+ac_unique_file="srtp"
+# Factoring default headers for most tests.
+ac_includes_default="\
+#include <stdio.h>
+#if HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#if HAVE_SYS_STAT_H
+# include <sys/stat.h>
+#endif
+#if STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# if HAVE_STDLIB_H
+# include <stdlib.h>
+# endif
+#endif
+#if HAVE_STRING_H
+# if !STDC_HEADERS && HAVE_MEMORY_H
+# include <memory.h>
+# endif
+# include <string.h>
+#endif
+#if HAVE_STRINGS_H
+# include <strings.h>
+#endif
+#if HAVE_INTTYPES_H
+# include <inttypes.h>
+#else
+# if HAVE_STDINT_H
+# include <stdint.h>
+# endif
+#endif
+#if HAVE_UNISTD_H
+# include <unistd.h>
+#endif"
+
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS RANLIB ac_ct_RANLIB CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA RNG_OBJS CPP EGREP build build_cpu build_vendor build_os host host_cpu host_vendor host_os EXE GDOI_OBJS LIBOBJS LTLIBOBJS'
+ac_subst_files=''
+
+# Initialize some variables set by options.
+ac_init_help=
+ac_init_version=false
+# The variables have the same names as the options, with
+# dashes changed to underlines.
+cache_file=/dev/null
+exec_prefix=NONE
+no_create=
+no_recursion=
+prefix=NONE
+program_prefix=NONE
+program_suffix=NONE
+program_transform_name=s,x,x,
+silent=
+site=
+srcdir=
+verbose=
+x_includes=NONE
+x_libraries=NONE
+
+# Installation directory options.
+# These are left unexpanded so users can "make install exec_prefix=/foo"
+# and all the variables that are supposed to be based on exec_prefix
+# by default will actually change.
+# Use braces instead of parens because sh, perl, etc. also accept them.
+bindir='${exec_prefix}/bin'
+sbindir='${exec_prefix}/sbin'
+libexecdir='${exec_prefix}/libexec'
+datadir='${prefix}/share'
+sysconfdir='${prefix}/etc'
+sharedstatedir='${prefix}/com'
+localstatedir='${prefix}/var'
+libdir='${exec_prefix}/lib'
+includedir='${prefix}/include'
+oldincludedir='/usr/include'
+infodir='${prefix}/info'
+mandir='${prefix}/man'
+
+ac_prev=
+for ac_option
+do
+ # If the previous option needs an argument, assign it.
+ if test -n "$ac_prev"; then
+ eval "$ac_prev=\$ac_option"
+ ac_prev=
+ continue
+ fi
+
+ ac_optarg=`expr "x$ac_option" : 'x[^=]*=\(.*\)'`
+
+ # Accept the important Cygnus configure options, so we can diagnose typos.
+
+ case $ac_option in
+
+ -bindir | --bindir | --bindi | --bind | --bin | --bi)
+ ac_prev=bindir ;;
+ -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
+ bindir=$ac_optarg ;;
+
+ -build | --build | --buil | --bui | --bu)
+ ac_prev=build_alias ;;
+ -build=* | --build=* | --buil=* | --bui=* | --bu=*)
+ build_alias=$ac_optarg ;;
+
+ -cache-file | --cache-file | --cache-fil | --cache-fi \
+ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
+ ac_prev=cache_file ;;
+ -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
+ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
+ cache_file=$ac_optarg ;;
+
+ --config-cache | -C)
+ cache_file=config.cache ;;
+
+ -datadir | --datadir | --datadi | --datad | --data | --dat | --da)
+ ac_prev=datadir ;;
+ -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \
+ | --da=*)
+ datadir=$ac_optarg ;;
+
+ -disable-* | --disable-*)
+ ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null &&
+ { echo "$as_me: error: invalid feature name: $ac_feature" >&2
+ { (exit 1); exit 1; }; }
+ ac_feature=`echo $ac_feature | sed 's/-/_/g'`
+ eval "enable_$ac_feature=no" ;;
+
+ -enable-* | --enable-*)
+ ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null &&
+ { echo "$as_me: error: invalid feature name: $ac_feature" >&2
+ { (exit 1); exit 1; }; }
+ ac_feature=`echo $ac_feature | sed 's/-/_/g'`
+ case $ac_option in
+ *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;;
+ *) ac_optarg=yes ;;
+ esac
+ eval "enable_$ac_feature='$ac_optarg'" ;;
+
+ -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
+ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
+ | --exec | --exe | --ex)
+ ac_prev=exec_prefix ;;
+ -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
+ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
+ | --exec=* | --exe=* | --ex=*)
+ exec_prefix=$ac_optarg ;;
+
+ -gas | --gas | --ga | --g)
+ # Obsolete; use --with-gas.
+ with_gas=yes ;;
+
+ -help | --help | --hel | --he | -h)
+ ac_init_help=long ;;
+ -help=r* | --help=r* | --hel=r* | --he=r* | -hr*)
+ ac_init_help=recursive ;;
+ -help=s* | --help=s* | --hel=s* | --he=s* | -hs*)
+ ac_init_help=short ;;
+
+ -host | --host | --hos | --ho)
+ ac_prev=host_alias ;;
+ -host=* | --host=* | --hos=* | --ho=*)
+ host_alias=$ac_optarg ;;
+
+ -includedir | --includedir | --includedi | --included | --include \
+ | --includ | --inclu | --incl | --inc)
+ ac_prev=includedir ;;
+ -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
+ | --includ=* | --inclu=* | --incl=* | --inc=*)
+ includedir=$ac_optarg ;;
+
+ -infodir | --infodir | --infodi | --infod | --info | --inf)
+ ac_prev=infodir ;;
+ -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
+ infodir=$ac_optarg ;;
+
+ -libdir | --libdir | --libdi | --libd)
+ ac_prev=libdir ;;
+ -libdir=* | --libdir=* | --libdi=* | --libd=*)
+ libdir=$ac_optarg ;;
+
+ -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
+ | --libexe | --libex | --libe)
+ ac_prev=libexecdir ;;
+ -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
+ | --libexe=* | --libex=* | --libe=*)
+ libexecdir=$ac_optarg ;;
+
+ -localstatedir | --localstatedir | --localstatedi | --localstated \
+ | --localstate | --localstat | --localsta | --localst \
+ | --locals | --local | --loca | --loc | --lo)
+ ac_prev=localstatedir ;;
+ -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
+ | --localstate=* | --localstat=* | --localsta=* | --localst=* \
+ | --locals=* | --local=* | --loca=* | --loc=* | --lo=*)
+ localstatedir=$ac_optarg ;;
+
+ -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
+ ac_prev=mandir ;;
+ -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
+ mandir=$ac_optarg ;;
+
+ -nfp | --nfp | --nf)
+ # Obsolete; use --without-fp.
+ with_fp=no ;;
+
+ -no-create | --no-create | --no-creat | --no-crea | --no-cre \
+ | --no-cr | --no-c | -n)
+ no_create=yes ;;
+
+ -no-recursion | --no-recursion | --no-recursio | --no-recursi \
+ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
+ no_recursion=yes ;;
+
+ -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
+ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
+ | --oldin | --oldi | --old | --ol | --o)
+ ac_prev=oldincludedir ;;
+ -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
+ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
+ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
+ oldincludedir=$ac_optarg ;;
+
+ -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
+ ac_prev=prefix ;;
+ -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
+ prefix=$ac_optarg ;;
+
+ -program-prefix | --program-prefix | --program-prefi | --program-pref \
+ | --program-pre | --program-pr | --program-p)
+ ac_prev=program_prefix ;;
+ -program-prefix=* | --program-prefix=* | --program-prefi=* \
+ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
+ program_prefix=$ac_optarg ;;
+
+ -program-suffix | --program-suffix | --program-suffi | --program-suff \
+ | --program-suf | --program-su | --program-s)
+ ac_prev=program_suffix ;;
+ -program-suffix=* | --program-suffix=* | --program-suffi=* \
+ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
+ program_suffix=$ac_optarg ;;
+
+ -program-transform-name | --program-transform-name \
+ | --program-transform-nam | --program-transform-na \
+ | --program-transform-n | --program-transform- \
+ | --program-transform | --program-transfor \
+ | --program-transfo | --program-transf \
+ | --program-trans | --program-tran \
+ | --progr-tra | --program-tr | --program-t)
+ ac_prev=program_transform_name ;;
+ -program-transform-name=* | --program-transform-name=* \
+ | --program-transform-nam=* | --program-transform-na=* \
+ | --program-transform-n=* | --program-transform-=* \
+ | --program-transform=* | --program-transfor=* \
+ | --program-transfo=* | --program-transf=* \
+ | --program-trans=* | --program-tran=* \
+ | --progr-tra=* | --program-tr=* | --program-t=*)
+ program_transform_name=$ac_optarg ;;
+
+ -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+ | -silent | --silent | --silen | --sile | --sil)
+ silent=yes ;;
+
+ -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+ ac_prev=sbindir ;;
+ -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+ | --sbi=* | --sb=*)
+ sbindir=$ac_optarg ;;
+
+ -sharedstatedir | --sharedstatedir | --sharedstatedi \
+ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
+ | --sharedst | --shareds | --shared | --share | --shar \
+ | --sha | --sh)
+ ac_prev=sharedstatedir ;;
+ -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
+ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
+ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
+ | --sha=* | --sh=*)
+ sharedstatedir=$ac_optarg ;;
+
+ -site | --site | --sit)
+ ac_prev=site ;;
+ -site=* | --site=* | --sit=*)
+ site=$ac_optarg ;;
+
+ -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
+ ac_prev=srcdir ;;
+ -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
+ srcdir=$ac_optarg ;;
+
+ -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
+ | --syscon | --sysco | --sysc | --sys | --sy)
+ ac_prev=sysconfdir ;;
+ -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
+ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
+ sysconfdir=$ac_optarg ;;
+
+ -target | --target | --targe | --targ | --tar | --ta | --t)
+ ac_prev=target_alias ;;
+ -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
+ target_alias=$ac_optarg ;;
+
+ -v | -verbose | --verbose | --verbos | --verbo | --verb)
+ verbose=yes ;;
+
+ -version | --version | --versio | --versi | --vers | -V)
+ ac_init_version=: ;;
+
+ -with-* | --with-*)
+ ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null &&
+ { echo "$as_me: error: invalid package name: $ac_package" >&2
+ { (exit 1); exit 1; }; }
+ ac_package=`echo $ac_package| sed 's/-/_/g'`
+ case $ac_option in
+ *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;;
+ *) ac_optarg=yes ;;
+ esac
+ eval "with_$ac_package='$ac_optarg'" ;;
+
+ -without-* | --without-*)
+ ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null &&
+ { echo "$as_me: error: invalid package name: $ac_package" >&2
+ { (exit 1); exit 1; }; }
+ ac_package=`echo $ac_package | sed 's/-/_/g'`
+ eval "with_$ac_package=no" ;;
+
+ --x)
+ # Obsolete; use --with-x.
+ with_x=yes ;;
+
+ -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
+ | --x-incl | --x-inc | --x-in | --x-i)
+ ac_prev=x_includes ;;
+ -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
+ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
+ x_includes=$ac_optarg ;;
+
+ -x-libraries | --x-libraries | --x-librarie | --x-librari \
+ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
+ ac_prev=x_libraries ;;
+ -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
+ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
+ x_libraries=$ac_optarg ;;
+
+ -*) { echo "$as_me: error: unrecognized option: $ac_option
+Try \`$0 --help' for more information." >&2
+ { (exit 1); exit 1; }; }
+ ;;
+
+ *=*)
+ ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null &&
+ { echo "$as_me: error: invalid variable name: $ac_envvar" >&2
+ { (exit 1); exit 1; }; }
+ ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`
+ eval "$ac_envvar='$ac_optarg'"
+ export $ac_envvar ;;
+
+ *)
+ # FIXME: should be removed in autoconf 3.0.
+ echo "$as_me: WARNING: you should use --build, --host, --target" >&2
+ expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+ echo "$as_me: WARNING: invalid host type: $ac_option" >&2
+ : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}
+ ;;
+
+ esac
+done
+
+if test -n "$ac_prev"; then
+ ac_option=--`echo $ac_prev | sed 's/_/-/g'`
+ { echo "$as_me: error: missing argument to $ac_option" >&2
+ { (exit 1); exit 1; }; }
+fi
+
+# Be sure to have absolute paths.
+for ac_var in exec_prefix prefix
+do
+ eval ac_val=$`echo $ac_var`
+ case $ac_val in
+ [\\/$]* | ?:[\\/]* | NONE | '' ) ;;
+ *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2
+ { (exit 1); exit 1; }; };;
+ esac
+done
+
+# Be sure to have absolute paths.
+for ac_var in bindir sbindir libexecdir datadir sysconfdir sharedstatedir \
+ localstatedir libdir includedir oldincludedir infodir mandir
+do
+ eval ac_val=$`echo $ac_var`
+ case $ac_val in
+ [\\/$]* | ?:[\\/]* ) ;;
+ *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2
+ { (exit 1); exit 1; }; };;
+ esac
+done
+
+# There might be people who depend on the old broken behavior: `$host'
+# used to hold the argument of --host etc.
+# FIXME: To remove some day.
+build=$build_alias
+host=$host_alias
+target=$target_alias
+
+# FIXME: To remove some day.
+if test "x$host_alias" != x; then
+ if test "x$build_alias" = x; then
+ cross_compiling=maybe
+ echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host.
+ If a cross compiler is detected then cross compile mode will be used." >&2
+ elif test "x$build_alias" != "x$host_alias"; then
+ cross_compiling=yes
+ fi
+fi
+
+ac_tool_prefix=
+test -n "$host_alias" && ac_tool_prefix=$host_alias-
+
+test "$silent" = yes && exec 6>/dev/null
+
+
+# Find the source files, if location was not specified.
+if test -z "$srcdir"; then
+ ac_srcdir_defaulted=yes
+ # Try the directory containing this script, then its parent.
+ ac_confdir=`(dirname "$0") 2>/dev/null ||
+$as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$0" : 'X\(//\)[^/]' \| \
+ X"$0" : 'X\(//\)$' \| \
+ X"$0" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$0" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ srcdir=$ac_confdir
+ if test ! -r $srcdir/$ac_unique_file; then
+ srcdir=..
+ fi
+else
+ ac_srcdir_defaulted=no
+fi
+if test ! -r $srcdir/$ac_unique_file; then
+ if test "$ac_srcdir_defaulted" = yes; then
+ { echo "$as_me: error: cannot find sources ($ac_unique_file) in $ac_confdir or .." >&2
+ { (exit 1); exit 1; }; }
+ else
+ { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2
+ { (exit 1); exit 1; }; }
+ fi
+fi
+(cd $srcdir && test -r ./$ac_unique_file) 2>/dev/null ||
+ { echo "$as_me: error: sources are in $srcdir, but \`cd $srcdir' does not work" >&2
+ { (exit 1); exit 1; }; }
+srcdir=`echo "$srcdir" | sed 's%\([^\\/]\)[\\/]*$%\1%'`
+ac_env_build_alias_set=${build_alias+set}
+ac_env_build_alias_value=$build_alias
+ac_cv_env_build_alias_set=${build_alias+set}
+ac_cv_env_build_alias_value=$build_alias
+ac_env_host_alias_set=${host_alias+set}
+ac_env_host_alias_value=$host_alias
+ac_cv_env_host_alias_set=${host_alias+set}
+ac_cv_env_host_alias_value=$host_alias
+ac_env_target_alias_set=${target_alias+set}
+ac_env_target_alias_value=$target_alias
+ac_cv_env_target_alias_set=${target_alias+set}
+ac_cv_env_target_alias_value=$target_alias
+ac_env_CC_set=${CC+set}
+ac_env_CC_value=$CC
+ac_cv_env_CC_set=${CC+set}
+ac_cv_env_CC_value=$CC
+ac_env_CFLAGS_set=${CFLAGS+set}
+ac_env_CFLAGS_value=$CFLAGS
+ac_cv_env_CFLAGS_set=${CFLAGS+set}
+ac_cv_env_CFLAGS_value=$CFLAGS
+ac_env_LDFLAGS_set=${LDFLAGS+set}
+ac_env_LDFLAGS_value=$LDFLAGS
+ac_cv_env_LDFLAGS_set=${LDFLAGS+set}
+ac_cv_env_LDFLAGS_value=$LDFLAGS
+ac_env_CPPFLAGS_set=${CPPFLAGS+set}
+ac_env_CPPFLAGS_value=$CPPFLAGS
+ac_cv_env_CPPFLAGS_set=${CPPFLAGS+set}
+ac_cv_env_CPPFLAGS_value=$CPPFLAGS
+ac_env_CPP_set=${CPP+set}
+ac_env_CPP_value=$CPP
+ac_cv_env_CPP_set=${CPP+set}
+ac_cv_env_CPP_value=$CPP
+
+#
+# Report the --help message.
+#
+if test "$ac_init_help" = "long"; then
+ # Omit some internal or obsolete options to make the list less imposing.
+ # This message is too long to be a string in the A/UX 3.1 sh.
+ cat <<_ACEOF
+\`configure' configures this package to adapt to many kinds of systems.
+
+Usage: $0 [OPTION]... [VAR=VALUE]...
+
+To assign environment variables (e.g., CC, CFLAGS...), specify them as
+VAR=VALUE. See below for descriptions of some of the useful variables.
+
+Defaults for the options are specified in brackets.
+
+Configuration:
+ -h, --help display this help and exit
+ --help=short display options specific to this package
+ --help=recursive display the short help of all the included packages
+ -V, --version display version information and exit
+ -q, --quiet, --silent do not print \`checking...' messages
+ --cache-file=FILE cache test results in FILE [disabled]
+ -C, --config-cache alias for \`--cache-file=config.cache'
+ -n, --no-create do not create output files
+ --srcdir=DIR find the sources in DIR [configure dir or \`..']
+
+_ACEOF
+
+ cat <<_ACEOF
+Installation directories:
+ --prefix=PREFIX install architecture-independent files in PREFIX
+ [$ac_default_prefix]
+ --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
+ [PREFIX]
+
+By default, \`make install' will install all the files in
+\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify
+an installation prefix other than \`$ac_default_prefix' using \`--prefix',
+for instance \`--prefix=\$HOME'.
+
+For better control, use the options below.
+
+Fine tuning of the installation directories:
+ --bindir=DIR user executables [EPREFIX/bin]
+ --sbindir=DIR system admin executables [EPREFIX/sbin]
+ --libexecdir=DIR program executables [EPREFIX/libexec]
+ --datadir=DIR read-only architecture-independent data [PREFIX/share]
+ --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
+ --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
+ --localstatedir=DIR modifiable single-machine data [PREFIX/var]
+ --libdir=DIR object code libraries [EPREFIX/lib]
+ --includedir=DIR C header files [PREFIX/include]
+ --oldincludedir=DIR C header files for non-gcc [/usr/include]
+ --infodir=DIR info documentation [PREFIX/info]
+ --mandir=DIR man documentation [PREFIX/man]
+_ACEOF
+
+ cat <<\_ACEOF
+
+System types:
+ --build=BUILD configure for building on BUILD [guessed]
+ --host=HOST cross-compile to build programs to run on HOST [BUILD]
+_ACEOF
+fi
+
+if test -n "$ac_init_help"; then
+
+ cat <<\_ACEOF
+
+Optional Features:
+ --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
+ --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
+ --enable-kernel-linux build library to run in Linux kernel context
+ --disable-debug do not compile in dynamic debugging system
+ --enable-generic-aesicm compile in changes for ISMAcryp
+ --enable-syslog use syslog for error reporting
+ --disable-stdout don't use stdout for error reporting
+ --enable-console use /dev/console for error reporting
+ --enable-gdoi enable GDOI key management
+
+Some influential environment variables:
+ CC C compiler command
+ CFLAGS C compiler flags
+ LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
+ nonstandard directory <lib dir>
+ CPPFLAGS C/C++ preprocessor flags, e.g. -I<include dir> if you have
+ headers in a nonstandard directory <include dir>
+ CPP C preprocessor
+
+Use these variables to override the choices made by `configure' or to help
+it to find libraries and programs with nonstandard names/locations.
+
+_ACEOF
+fi
+
+if test "$ac_init_help" = "recursive"; then
+ # If there are subdirs, report their specific --help.
+ ac_popdir=`pwd`
+ for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
+ test -d $ac_dir || continue
+ ac_builddir=.
+
+if test "$ac_dir" != .; then
+ ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
+ # A "../" for each directory in $ac_dir_suffix.
+ ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'`
+else
+ ac_dir_suffix= ac_top_builddir=
+fi
+
+case $srcdir in
+ .) # No --srcdir option. We are building in place.
+ ac_srcdir=.
+ if test -z "$ac_top_builddir"; then
+ ac_top_srcdir=.
+ else
+ ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'`
+ fi ;;
+ [\\/]* | ?:[\\/]* ) # Absolute path.
+ ac_srcdir=$srcdir$ac_dir_suffix;
+ ac_top_srcdir=$srcdir ;;
+ *) # Relative path.
+ ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix
+ ac_top_srcdir=$ac_top_builddir$srcdir ;;
+esac
+
+# Do not use `cd foo && pwd` to compute absolute paths, because
+# the directories may not exist.
+case `pwd` in
+.) ac_abs_builddir="$ac_dir";;
+*)
+ case "$ac_dir" in
+ .) ac_abs_builddir=`pwd`;;
+ [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";;
+ *) ac_abs_builddir=`pwd`/"$ac_dir";;
+ esac;;
+esac
+case $ac_abs_builddir in
+.) ac_abs_top_builddir=${ac_top_builddir}.;;
+*)
+ case ${ac_top_builddir}. in
+ .) ac_abs_top_builddir=$ac_abs_builddir;;
+ [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;;
+ *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;;
+ esac;;
+esac
+case $ac_abs_builddir in
+.) ac_abs_srcdir=$ac_srcdir;;
+*)
+ case $ac_srcdir in
+ .) ac_abs_srcdir=$ac_abs_builddir;;
+ [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;;
+ *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;;
+ esac;;
+esac
+case $ac_abs_builddir in
+.) ac_abs_top_srcdir=$ac_top_srcdir;;
+*)
+ case $ac_top_srcdir in
+ .) ac_abs_top_srcdir=$ac_abs_builddir;;
+ [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;;
+ *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;;
+ esac;;
+esac
+
+ cd $ac_dir
+ # Check for guested configure; otherwise get Cygnus style configure.
+ if test -f $ac_srcdir/configure.gnu; then
+ echo
+ $SHELL $ac_srcdir/configure.gnu --help=recursive
+ elif test -f $ac_srcdir/configure; then
+ echo
+ $SHELL $ac_srcdir/configure --help=recursive
+ elif test -f $ac_srcdir/configure.ac ||
+ test -f $ac_srcdir/configure.in; then
+ echo
+ $ac_configure --help
+ else
+ echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
+ fi
+ cd $ac_popdir
+ done
+fi
+
+test -n "$ac_init_help" && exit 0
+if $ac_init_version; then
+ cat <<\_ACEOF
+
+Copyright (C) 2003 Free Software Foundation, Inc.
+This configure script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it.
+_ACEOF
+ exit 0
+fi
+exec 5>config.log
+cat >&5 <<_ACEOF
+This file contains any messages produced by compilers while
+running configure, to aid debugging if configure makes a mistake.
+
+It was created by $as_me, which was
+generated by GNU Autoconf 2.59. Invocation command line was
+
+ $ $0 $@
+
+_ACEOF
+{
+cat <<_ASUNAME
+## --------- ##
+## Platform. ##
+## --------- ##
+
+hostname = `(hostname || uname -n) 2>/dev/null | sed 1q`
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown`
+/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown`
+
+/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown`
+/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown`
+hostinfo = `(hostinfo) 2>/dev/null || echo unknown`
+/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown`
+/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown`
+/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown`
+
+_ASUNAME
+
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ echo "PATH: $as_dir"
+done
+
+} >&5
+
+cat >&5 <<_ACEOF
+
+
+## ----------- ##
+## Core tests. ##
+## ----------- ##
+
+_ACEOF
+
+
+# Keep a trace of the command line.
+# Strip out --no-create and --no-recursion so they do not pile up.
+# Strip out --silent because we don't want to record it for future runs.
+# Also quote any args containing shell meta-characters.
+# Make two passes to allow for proper duplicate-argument suppression.
+ac_configure_args=
+ac_configure_args0=
+ac_configure_args1=
+ac_sep=
+ac_must_keep_next=false
+for ac_pass in 1 2
+do
+ for ac_arg
+ do
+ case $ac_arg in
+ -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;;
+ -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+ | -silent | --silent | --silen | --sile | --sil)
+ continue ;;
+ *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*)
+ ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
+ esac
+ case $ac_pass in
+ 1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;;
+ 2)
+ ac_configure_args1="$ac_configure_args1 '$ac_arg'"
+ if test $ac_must_keep_next = true; then
+ ac_must_keep_next=false # Got value, back to normal.
+ else
+ case $ac_arg in
+ *=* | --config-cache | -C | -disable-* | --disable-* \
+ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \
+ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \
+ | -with-* | --with-* | -without-* | --without-* | --x)
+ case "$ac_configure_args0 " in
+ "$ac_configure_args1"*" '$ac_arg' "* ) continue ;;
+ esac
+ ;;
+ -* ) ac_must_keep_next=true ;;
+ esac
+ fi
+ ac_configure_args="$ac_configure_args$ac_sep'$ac_arg'"
+ # Get rid of the leading space.
+ ac_sep=" "
+ ;;
+ esac
+ done
+done
+$as_unset ac_configure_args0 || test "${ac_configure_args0+set}" != set || { ac_configure_args0=; export ac_configure_args0; }
+$as_unset ac_configure_args1 || test "${ac_configure_args1+set}" != set || { ac_configure_args1=; export ac_configure_args1; }
+
+# When interrupted or exit'd, cleanup temporary files, and complete
+# config.log. We remove comments because anyway the quotes in there
+# would cause problems or look ugly.
+# WARNING: Be sure not to use single quotes in there, as some shells,
+# such as our DU 5.0 friend, will then `close' the trap.
+trap 'exit_status=$?
+ # Save into config.log some information that might help in debugging.
+ {
+ echo
+
+ cat <<\_ASBOX
+## ---------------- ##
+## Cache variables. ##
+## ---------------- ##
+_ASBOX
+ echo
+ # The following way of writing the cache mishandles newlines in values,
+{
+ (set) 2>&1 |
+ case `(ac_space='"'"' '"'"'; set | grep ac_space) 2>&1` in
+ *ac_space=\ *)
+ sed -n \
+ "s/'"'"'/'"'"'\\\\'"'"''"'"'/g;
+ s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='"'"'\\2'"'"'/p"
+ ;;
+ *)
+ sed -n \
+ "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p"
+ ;;
+ esac;
+}
+ echo
+
+ cat <<\_ASBOX
+## ----------------- ##
+## Output variables. ##
+## ----------------- ##
+_ASBOX
+ echo
+ for ac_var in $ac_subst_vars
+ do
+ eval ac_val=$`echo $ac_var`
+ echo "$ac_var='"'"'$ac_val'"'"'"
+ done | sort
+ echo
+
+ if test -n "$ac_subst_files"; then
+ cat <<\_ASBOX
+## ------------- ##
+## Output files. ##
+## ------------- ##
+_ASBOX
+ echo
+ for ac_var in $ac_subst_files
+ do
+ eval ac_val=$`echo $ac_var`
+ echo "$ac_var='"'"'$ac_val'"'"'"
+ done | sort
+ echo
+ fi
+
+ if test -s confdefs.h; then
+ cat <<\_ASBOX
+## ----------- ##
+## confdefs.h. ##
+## ----------- ##
+_ASBOX
+ echo
+ sed "/^$/d" confdefs.h | sort
+ echo
+ fi
+ test "$ac_signal" != 0 &&
+ echo "$as_me: caught signal $ac_signal"
+ echo "$as_me: exit $exit_status"
+ } >&5
+ rm -f core *.core &&
+ rm -rf conftest* confdefs* conf$$* $ac_clean_files &&
+ exit $exit_status
+ ' 0
+for ac_signal in 1 2 13 15; do
+ trap 'ac_signal='$ac_signal'; { (exit 1); exit 1; }' $ac_signal
+done
+ac_signal=0
+
+# confdefs.h avoids OS command line length limits that DEFS can exceed.
+rm -rf conftest* confdefs.h
+# AIX cpp loses on an empty file, so make sure it contains at least a newline.
+echo >confdefs.h
+
+# Predefined preprocessor variables.
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_NAME "$PACKAGE_NAME"
+_ACEOF
+
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_TARNAME "$PACKAGE_TARNAME"
+_ACEOF
+
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_VERSION "$PACKAGE_VERSION"
+_ACEOF
+
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_STRING "$PACKAGE_STRING"
+_ACEOF
+
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT"
+_ACEOF
+
+
+# Let the site file select an alternate cache file if it wants to.
+# Prefer explicitly selected file to automatically selected ones.
+if test -z "$CONFIG_SITE"; then
+ if test "x$prefix" != xNONE; then
+ CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site"
+ else
+ CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site"
+ fi
+fi
+for ac_site_file in $CONFIG_SITE; do
+ if test -r "$ac_site_file"; then
+ { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5
+echo "$as_me: loading site script $ac_site_file" >&6;}
+ sed 's/^/| /' "$ac_site_file" >&5
+ . "$ac_site_file"
+ fi
+done
+
+if test -r "$cache_file"; then
+ # Some versions of bash will fail to source /dev/null (special
+ # files actually), so we avoid doing that.
+ if test -f "$cache_file"; then
+ { echo "$as_me:$LINENO: loading cache $cache_file" >&5
+echo "$as_me: loading cache $cache_file" >&6;}
+ case $cache_file in
+ [\\/]* | ?:[\\/]* ) . $cache_file;;
+ *) . ./$cache_file;;
+ esac
+ fi
+else
+ { echo "$as_me:$LINENO: creating cache $cache_file" >&5
+echo "$as_me: creating cache $cache_file" >&6;}
+ >$cache_file
+fi
+
+# Check that the precious variables saved in the cache have kept the same
+# value.
+ac_cache_corrupted=false
+for ac_var in `(set) 2>&1 |
+ sed -n 's/^ac_env_\([a-zA-Z_0-9]*\)_set=.*/\1/p'`; do
+ eval ac_old_set=\$ac_cv_env_${ac_var}_set
+ eval ac_new_set=\$ac_env_${ac_var}_set
+ eval ac_old_val="\$ac_cv_env_${ac_var}_value"
+ eval ac_new_val="\$ac_env_${ac_var}_value"
+ case $ac_old_set,$ac_new_set in
+ set,)
+ { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
+echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
+ ac_cache_corrupted=: ;;
+ ,set)
+ { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5
+echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
+ ac_cache_corrupted=: ;;
+ ,);;
+ *)
+ if test "x$ac_old_val" != "x$ac_new_val"; then
+ { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5
+echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
+ { echo "$as_me:$LINENO: former value: $ac_old_val" >&5
+echo "$as_me: former value: $ac_old_val" >&2;}
+ { echo "$as_me:$LINENO: current value: $ac_new_val" >&5
+echo "$as_me: current value: $ac_new_val" >&2;}
+ ac_cache_corrupted=:
+ fi;;
+ esac
+ # Pass precious variables to config.status.
+ if test "$ac_new_set" = set; then
+ case $ac_new_val in
+ *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*)
+ ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
+ *) ac_arg=$ac_var=$ac_new_val ;;
+ esac
+ case " $ac_configure_args " in
+ *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy.
+ *) ac_configure_args="$ac_configure_args '$ac_arg'" ;;
+ esac
+ fi
+done
+if $ac_cache_corrupted; then
+ { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5
+echo "$as_me: error: changes in the environment can compromise the build" >&2;}
+ { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5
+echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+if test -z "$CFLAGS"; then
+ CFLAGS="-Wall -O4 -fexpensive-optimizations -funroll-loops"
+fi
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args.
+set dummy ${ac_tool_prefix}ranlib; ac_word=$2
+echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+if test "${ac_cv_prog_RANLIB+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$RANLIB"; then
+ ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+
+fi
+fi
+RANLIB=$ac_cv_prog_RANLIB
+if test -n "$RANLIB"; then
+ echo "$as_me:$LINENO: result: $RANLIB" >&5
+echo "${ECHO_T}$RANLIB" >&6
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+fi
+if test -z "$ac_cv_prog_RANLIB"; then
+ ac_ct_RANLIB=$RANLIB
+ # Extract the first word of "ranlib", so it can be a program name with args.
+set dummy ranlib; ac_word=$2
+echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$ac_ct_RANLIB"; then
+ ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_RANLIB="ranlib"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+
+ test -z "$ac_cv_prog_ac_ct_RANLIB" && ac_cv_prog_ac_ct_RANLIB=":"
+fi
+fi
+ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB
+if test -n "$ac_ct_RANLIB"; then
+ echo "$as_me:$LINENO: result: $ac_ct_RANLIB" >&5
+echo "${ECHO_T}$ac_ct_RANLIB" >&6
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+ RANLIB=$ac_ct_RANLIB
+else
+ RANLIB="$ac_cv_prog_RANLIB"
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}gcc; ac_word=$2
+echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+if test "${ac_cv_prog_CC+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ ac_cv_prog_CC="${ac_tool_prefix}gcc"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ echo "$as_me:$LINENO: result: $CC" >&5
+echo "${ECHO_T}$CC" >&6
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+fi
+if test -z "$ac_cv_prog_CC"; then
+ ac_ct_CC=$CC
+ # Extract the first word of "gcc", so it can be a program name with args.
+set dummy gcc; ac_word=$2
+echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$ac_ct_CC"; then
+ ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_CC="gcc"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+ echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
+echo "${ECHO_T}$ac_ct_CC" >&6
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+ CC=$ac_ct_CC
+else
+ CC="$ac_cv_prog_CC"
+fi
+
+if test -z "$CC"; then
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}cc; ac_word=$2
+echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+if test "${ac_cv_prog_CC+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ ac_cv_prog_CC="${ac_tool_prefix}cc"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ echo "$as_me:$LINENO: result: $CC" >&5
+echo "${ECHO_T}$CC" >&6
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+fi
+if test -z "$ac_cv_prog_CC"; then
+ ac_ct_CC=$CC
+ # Extract the first word of "cc", so it can be a program name with args.
+set dummy cc; ac_word=$2
+echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$ac_ct_CC"; then
+ ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_CC="cc"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+ echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
+echo "${ECHO_T}$ac_ct_CC" >&6
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+ CC=$ac_ct_CC
+else
+ CC="$ac_cv_prog_CC"
+fi
+
+fi
+if test -z "$CC"; then
+ # Extract the first word of "cc", so it can be a program name with args.
+set dummy cc; ac_word=$2
+echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+if test "${ac_cv_prog_CC+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+ ac_prog_rejected=no
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
+ ac_prog_rejected=yes
+ continue
+ fi
+ ac_cv_prog_CC="cc"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+
+if test $ac_prog_rejected = yes; then
+ # We found a bogon in the path, so make sure we never use it.
+ set dummy $ac_cv_prog_CC
+ shift
+ if test $# != 0; then
+ # We chose a different compiler from the bogus one.
+ # However, it has the same basename, so the bogon will be chosen
+ # first if we set CC to just the basename; use the full file name.
+ shift
+ ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
+ fi
+fi
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ echo "$as_me:$LINENO: result: $CC" >&5
+echo "${ECHO_T}$CC" >&6
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+fi
+if test -z "$CC"; then
+ if test -n "$ac_tool_prefix"; then
+ for ac_prog in cl
+ do
+ # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+if test "${ac_cv_prog_CC+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ echo "$as_me:$LINENO: result: $CC" >&5
+echo "${ECHO_T}$CC" >&6
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+ test -n "$CC" && break
+ done
+fi
+if test -z "$CC"; then
+ ac_ct_CC=$CC
+ for ac_prog in cl
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$ac_ct_CC"; then
+ ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_CC="$ac_prog"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+ echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
+echo "${ECHO_T}$ac_ct_CC" >&6
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+ test -n "$ac_ct_CC" && break
+done
+
+ CC=$ac_ct_CC
+fi
+
+fi
+
+
+test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH
+See \`config.log' for more details." >&5
+echo "$as_me: error: no acceptable C compiler found in \$PATH
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; }
+
+# Provide some information about the compiler.
+echo "$as_me:$LINENO:" \
+ "checking for C compiler version" >&5
+ac_compiler=`set X $ac_compile; echo $2`
+{ (eval echo "$as_me:$LINENO: \"$ac_compiler --version </dev/null >&5\"") >&5
+ (eval $ac_compiler --version </dev/null >&5) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+{ (eval echo "$as_me:$LINENO: \"$ac_compiler -v </dev/null >&5\"") >&5
+ (eval $ac_compiler -v </dev/null >&5) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+{ (eval echo "$as_me:$LINENO: \"$ac_compiler -V </dev/null >&5\"") >&5
+ (eval $ac_compiler -V </dev/null >&5) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files a.out a.exe b.out"
+# Try to create an executable without -o first, disregard a.out.
+# It will help us diagnose broken compilers, and finding out an intuition
+# of exeext.
+echo "$as_me:$LINENO: checking for C compiler default output file name" >&5
+echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6
+ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
+if { (eval echo "$as_me:$LINENO: \"$ac_link_default\"") >&5
+ (eval $ac_link_default) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ # Find the output, starting from the most likely. This scheme is
+# not robust to junk in `.', hence go to wildcards (a.*) only as a last
+# resort.
+
+# Be careful to initialize this variable, since it used to be cached.
+# Otherwise an old cache value of `no' led to `EXEEXT = no' in a Makefile.
+ac_cv_exeext=
+# b.out is created by i960 compilers.
+for ac_file in a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out
+do
+ test -f "$ac_file" || continue
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj )
+ ;;
+ conftest.$ac_ext )
+ # This is the source file.
+ ;;
+ [ab].out )
+ # We found the default executable, but exeext='' is most
+ # certainly right.
+ break;;
+ *.* )
+ ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+ # FIXME: I believe we export ac_cv_exeext for Libtool,
+ # but it would be cool to find out if it's true. Does anybody
+ # maintain Libtool? --akim.
+ export ac_cv_exeext
+ break;;
+ * )
+ break;;
+ esac
+done
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { echo "$as_me:$LINENO: error: C compiler cannot create executables
+See \`config.log' for more details." >&5
+echo "$as_me: error: C compiler cannot create executables
+See \`config.log' for more details." >&2;}
+ { (exit 77); exit 77; }; }
+fi
+
+ac_exeext=$ac_cv_exeext
+echo "$as_me:$LINENO: result: $ac_file" >&5
+echo "${ECHO_T}$ac_file" >&6
+
+# Check the compiler produces executables we can run. If not, either
+# the compiler is broken, or we cross compile.
+echo "$as_me:$LINENO: checking whether the C compiler works" >&5
+echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6
+# FIXME: These cross compiler hacks should be removed for Autoconf 3.0
+# If not cross compiling, check that we can run a simple program.
+if test "$cross_compiling" != yes; then
+ if { ac_try='./$ac_file'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ cross_compiling=no
+ else
+ if test "$cross_compiling" = maybe; then
+ cross_compiling=yes
+ else
+ { { echo "$as_me:$LINENO: error: cannot run C compiled programs.
+If you meant to cross compile, use \`--host'.
+See \`config.log' for more details." >&5
+echo "$as_me: error: cannot run C compiled programs.
+If you meant to cross compile, use \`--host'.
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+ fi
+fi
+echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6
+
+rm -f a.out a.exe conftest$ac_cv_exeext b.out
+ac_clean_files=$ac_clean_files_save
+# Check the compiler produces executables we can run. If not, either
+# the compiler is broken, or we cross compile.
+echo "$as_me:$LINENO: checking whether we are cross compiling" >&5
+echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6
+echo "$as_me:$LINENO: result: $cross_compiling" >&5
+echo "${ECHO_T}$cross_compiling" >&6
+
+echo "$as_me:$LINENO: checking for suffix of executables" >&5
+echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ # If both `conftest.exe' and `conftest' are `present' (well, observable)
+# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will
+# work properly (i.e., refer to `conftest.exe'), while it won't with
+# `rm'.
+for ac_file in conftest.exe conftest conftest.*; do
+ test -f "$ac_file" || continue
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj ) ;;
+ *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+ export ac_cv_exeext
+ break;;
+ * ) break;;
+ esac
+done
+else
+ { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link
+See \`config.log' for more details." >&5
+echo "$as_me: error: cannot compute suffix of executables: cannot compile and link
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+rm -f conftest$ac_cv_exeext
+echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5
+echo "${ECHO_T}$ac_cv_exeext" >&6
+
+rm -f conftest.$ac_ext
+EXEEXT=$ac_cv_exeext
+ac_exeext=$EXEEXT
+echo "$as_me:$LINENO: checking for suffix of object files" >&5
+echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6
+if test "${ac_cv_objext+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.o conftest.obj
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ for ac_file in `(ls conftest.o conftest.obj; ls conftest.*) 2>/dev/null`; do
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg ) ;;
+ *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
+ break;;
+ esac
+done
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile
+See \`config.log' for more details." >&5
+echo "$as_me: error: cannot compute suffix of object files: cannot compile
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+rm -f conftest.$ac_cv_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_objext" >&5
+echo "${ECHO_T}$ac_cv_objext" >&6
+OBJEXT=$ac_cv_objext
+ac_objext=$OBJEXT
+echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5
+echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6
+if test "${ac_cv_c_compiler_gnu+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+int
+main ()
+{
+#ifndef __GNUC__
+ choke me
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_compiler_gnu=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_compiler_gnu=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_cv_c_compiler_gnu=$ac_compiler_gnu
+
+fi
+echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5
+echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6
+GCC=`test $ac_compiler_gnu = yes && echo yes`
+ac_test_CFLAGS=${CFLAGS+set}
+ac_save_CFLAGS=$CFLAGS
+CFLAGS="-g"
+echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5
+echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6
+if test "${ac_cv_prog_cc_g+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_prog_cc_g=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_prog_cc_g=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5
+echo "${ECHO_T}$ac_cv_prog_cc_g" >&6
+if test "$ac_test_CFLAGS" = set; then
+ CFLAGS=$ac_save_CFLAGS
+elif test $ac_cv_prog_cc_g = yes; then
+ if test "$GCC" = yes; then
+ CFLAGS="-g -O2"
+ else
+ CFLAGS="-g"
+ fi
+else
+ if test "$GCC" = yes; then
+ CFLAGS="-O2"
+ else
+ CFLAGS=
+ fi
+fi
+echo "$as_me:$LINENO: checking for $CC option to accept ANSI C" >&5
+echo $ECHO_N "checking for $CC option to accept ANSI C... $ECHO_C" >&6
+if test "${ac_cv_prog_cc_stdc+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_cv_prog_cc_stdc=no
+ac_save_CC=$CC
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <stdarg.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */
+struct buf { int x; };
+FILE * (*rcsopen) (struct buf *, struct stat *, int);
+static char *e (p, i)
+ char **p;
+ int i;
+{
+ return p[i];
+}
+static char *f (char * (*g) (char **, int), char **p, ...)
+{
+ char *s;
+ va_list v;
+ va_start (v,p);
+ s = g (p, va_arg (v,int));
+ va_end (v);
+ return s;
+}
+
+/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has
+ function prototypes and stuff, but not '\xHH' hex character constants.
+ These don't provoke an error unfortunately, instead are silently treated
+ as 'x'. The following induces an error, until -std1 is added to get
+ proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an
+ array size at least. It's necessary to write '\x00'==0 to get something
+ that's true only with -std1. */
+int osf4_cc_array ['\x00' == 0 ? 1 : -1];
+
+int test (int i, double x);
+struct s1 {int (*f) (int a);};
+struct s2 {int (*f) (double a);};
+int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
+int argc;
+char **argv;
+int
+main ()
+{
+return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
+ ;
+ return 0;
+}
+_ACEOF
+# Don't try gcc -ansi; that turns off useful extensions and
+# breaks some systems' header files.
+# AIX -qlanglvl=ansi
+# Ultrix and OSF/1 -std1
+# HP-UX 10.20 and later -Ae
+# HP-UX older versions -Aa -D_HPUX_SOURCE
+# SVR4 -Xc -D__EXTENSIONS__
+for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
+do
+ CC="$ac_save_CC $ac_arg"
+ rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_prog_cc_stdc=$ac_arg
+break
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+fi
+rm -f conftest.err conftest.$ac_objext
+done
+rm -f conftest.$ac_ext conftest.$ac_objext
+CC=$ac_save_CC
+
+fi
+
+case "x$ac_cv_prog_cc_stdc" in
+ x|xno)
+ echo "$as_me:$LINENO: result: none needed" >&5
+echo "${ECHO_T}none needed" >&6 ;;
+ *)
+ echo "$as_me:$LINENO: result: $ac_cv_prog_cc_stdc" >&5
+echo "${ECHO_T}$ac_cv_prog_cc_stdc" >&6
+ CC="$CC $ac_cv_prog_cc_stdc" ;;
+esac
+
+# Some people use a C++ compiler to compile C. Since we use `exit',
+# in C++ we need to declare it. In case someone uses the same compiler
+# for both compiling C and C++ we need to have the C++ compiler decide
+# the declaration of exit, since it's the most demanding environment.
+cat >conftest.$ac_ext <<_ACEOF
+#ifndef __cplusplus
+ choke me
+#endif
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ for ac_declaration in \
+ '' \
+ 'extern "C" void std::exit (int) throw (); using std::exit;' \
+ 'extern "C" void std::exit (int); using std::exit;' \
+ 'extern "C" void exit (int) throw ();' \
+ 'extern "C" void exit (int);' \
+ 'void exit (int);'
+do
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_declaration
+#include <stdlib.h>
+int
+main ()
+{
+exit (42);
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ :
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+continue
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_declaration
+int
+main ()
+{
+exit (42);
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ break
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+done
+rm -f conftest*
+if test -n "$ac_declaration"; then
+ echo '#ifdef __cplusplus' >>confdefs.h
+ echo $ac_declaration >>confdefs.h
+ echo '#endif' >>confdefs.h
+fi
+
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+ac_aux_dir=
+for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
+ if test -f $ac_dir/install-sh; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/install-sh -c"
+ break
+ elif test -f $ac_dir/install.sh; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/install.sh -c"
+ break
+ elif test -f $ac_dir/shtool; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/shtool install -c"
+ break
+ fi
+done
+if test -z "$ac_aux_dir"; then
+ { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5
+echo "$as_me: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+ac_config_guess="$SHELL $ac_aux_dir/config.guess"
+ac_config_sub="$SHELL $ac_aux_dir/config.sub"
+ac_configure="$SHELL $ac_aux_dir/configure" # This should be Cygnus configure.
+
+# Find a good install program. We prefer a C program (faster),
+# so one script is as good as another. But avoid the broken or
+# incompatible versions:
+# SysV /etc/install, /usr/sbin/install
+# SunOS /usr/etc/install
+# IRIX /sbin/install
+# AIX /bin/install
+# AmigaOS /C/install, which installs bootblocks on floppy discs
+# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
+# AFS /usr/afsws/bin/install, which mishandles nonexistent args
+# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
+# OS/2's system install, which has a completely different semantic
+# ./install, which can be erroneously created by make from ./install.sh.
+echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5
+echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6
+if test -z "$INSTALL"; then
+if test "${ac_cv_path_install+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ # Account for people who put trailing slashes in PATH elements.
+case $as_dir/ in
+ ./ | .// | /cC/* | \
+ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \
+ ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \
+ /usr/ucb/* ) ;;
+ *)
+ # OSF1 and SCO ODT 3.0 have their own names for install.
+ # Don't use installbsd from OSF since it installs stuff as root
+ # by default.
+ for ac_prog in ginstall scoinst install; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then
+ if test $ac_prog = install &&
+ grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+ # AIX install. It has an incompatible calling convention.
+ :
+ elif test $ac_prog = install &&
+ grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+ # program-specific install script used by HP pwplus--don't use.
+ :
+ else
+ ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c"
+ break 3
+ fi
+ fi
+ done
+ done
+ ;;
+esac
+done
+
+
+fi
+ if test "${ac_cv_path_install+set}" = set; then
+ INSTALL=$ac_cv_path_install
+ else
+ # As a last resort, use the slow shell script. We don't cache a
+ # path for INSTALL within a source directory, because that will
+ # break other packages using the cache if that directory is
+ # removed, or if the path is relative.
+ INSTALL=$ac_install_sh
+ fi
+fi
+echo "$as_me:$LINENO: result: $INSTALL" >&5
+echo "${ECHO_T}$INSTALL" >&6
+
+# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
+# It thinks the first close brace ends the variable substitution.
+test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
+
+test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}'
+
+test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
+
+
+
+# Check whether --enable-kernel-linux or --disable-kernel-linux was given.
+if test "${enable_kernel_linux+set}" = set; then
+ enableval="$enable_kernel_linux"
+
+else
+ enable_kernel_linux=no
+fi;
+echo "$as_me:$LINENO: checking whether to build for Linux kernel context" >&5
+echo $ECHO_N "checking whether to build for Linux kernel context... $ECHO_C" >&6
+if test "$enable_kernel_linux" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define SRTP_KERNEL 1
+_ACEOF
+
+
+cat >>confdefs.h <<\_ACEOF
+#define SRTP_KERNEL_LINUX 1
+_ACEOF
+
+fi
+echo "$as_me:$LINENO: result: $enable_kernel_linux" >&5
+echo "${ECHO_T}$enable_kernel_linux" >&6
+
+if test "$cross_compiling" != yes; then
+ echo "$as_me:$LINENO: checking for /dev/urandom" >&5
+echo $ECHO_N "checking for /dev/urandom... $ECHO_C" >&6
+if test "${ac_cv_file__dev_urandom+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ test "$cross_compiling" = yes &&
+ { { echo "$as_me:$LINENO: error: cannot check for file existence when cross compiling" >&5
+echo "$as_me: error: cannot check for file existence when cross compiling" >&2;}
+ { (exit 1); exit 1; }; }
+if test -r "/dev/urandom"; then
+ ac_cv_file__dev_urandom=yes
+else
+ ac_cv_file__dev_urandom=no
+fi
+fi
+echo "$as_me:$LINENO: result: $ac_cv_file__dev_urandom" >&5
+echo "${ECHO_T}$ac_cv_file__dev_urandom" >&6
+if test $ac_cv_file__dev_urandom = yes; then
+ DEV_URANDOM=/dev/urandom
+else
+ echo "$as_me:$LINENO: checking for /dev/random" >&5
+echo $ECHO_N "checking for /dev/random... $ECHO_C" >&6
+if test "${ac_cv_file__dev_random+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ test "$cross_compiling" = yes &&
+ { { echo "$as_me:$LINENO: error: cannot check for file existence when cross compiling" >&5
+echo "$as_me: error: cannot check for file existence when cross compiling" >&2;}
+ { (exit 1); exit 1; }; }
+if test -r "/dev/random"; then
+ ac_cv_file__dev_random=yes
+else
+ ac_cv_file__dev_random=no
+fi
+fi
+echo "$as_me:$LINENO: result: $ac_cv_file__dev_random" >&5
+echo "${ECHO_T}$ac_cv_file__dev_random" >&6
+if test $ac_cv_file__dev_random = yes; then
+ DEV_URANDOM=/dev/random
+fi
+
+fi
+
+fi
+
+echo "$as_me:$LINENO: checking which random device to use" >&5
+echo $ECHO_N "checking which random device to use... $ECHO_C" >&6
+if test "$enable_kernel_linux" = "yes"; then
+ RNG_OBJS=rand_linux_kernel.o
+ echo "$as_me:$LINENO: result: Linux kernel builtin" >&5
+echo "${ECHO_T}Linux kernel builtin" >&6
+else
+ RNG_OBJS=rand_source.o
+ if test -n "$DEV_URANDOM"; then
+
+cat >>confdefs.h <<_ACEOF
+#define DEV_URANDOM "$DEV_URANDOM"
+_ACEOF
+
+ echo "$as_me:$LINENO: result: $DEV_URANDOM" >&5
+echo "${ECHO_T}$DEV_URANDOM" >&6
+ else
+ echo "$as_me:$LINENO: result: standard rand() function..." >&5
+echo "${ECHO_T}standard rand() function..." >&6
+ fi
+fi
+
+
+
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5
+echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6
+# On Suns, sometimes $CPP names a directory.
+if test -n "$CPP" && test -d "$CPP"; then
+ CPP=
+fi
+if test -z "$CPP"; then
+ if test "${ac_cv_prog_CPP+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ # Double quotes because CPP needs to be expanded
+ for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
+ do
+ ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+ # Use a header file that comes with gcc, so configuring glibc
+ # with a fresh cross-compiler works.
+ # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ # <limits.h> exists even on freestanding compilers.
+ # On the NeXT, cc -E runs the code through the compiler's parser,
+ # not just through cpp. "Syntax error" is here to catch this case.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+ Syntax error
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ :
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.$ac_ext
+
+ # OK, works on sane cases. Now check whether non-existent headers
+ # can be detected and how.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <ac_nonexistent.h>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ # Broken: success on invalid input.
+continue
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then
+ break
+fi
+
+ done
+ ac_cv_prog_CPP=$CPP
+
+fi
+ CPP=$ac_cv_prog_CPP
+else
+ ac_cv_prog_CPP=$CPP
+fi
+echo "$as_me:$LINENO: result: $CPP" >&5
+echo "${ECHO_T}$CPP" >&6
+ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+ # Use a header file that comes with gcc, so configuring glibc
+ # with a fresh cross-compiler works.
+ # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ # <limits.h> exists even on freestanding compilers.
+ # On the NeXT, cc -E runs the code through the compiler's parser,
+ # not just through cpp. "Syntax error" is here to catch this case.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+ Syntax error
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ :
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.$ac_ext
+
+ # OK, works on sane cases. Now check whether non-existent headers
+ # can be detected and how.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <ac_nonexistent.h>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ # Broken: success on invalid input.
+continue
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then
+ :
+else
+ { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check
+See \`config.log' for more details." >&5
+echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+echo "$as_me:$LINENO: checking for egrep" >&5
+echo $ECHO_N "checking for egrep... $ECHO_C" >&6
+if test "${ac_cv_prog_egrep+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if echo a | (grep -E '(a|b)') >/dev/null 2>&1
+ then ac_cv_prog_egrep='grep -E'
+ else ac_cv_prog_egrep='egrep'
+ fi
+fi
+echo "$as_me:$LINENO: result: $ac_cv_prog_egrep" >&5
+echo "${ECHO_T}$ac_cv_prog_egrep" >&6
+ EGREP=$ac_cv_prog_egrep
+
+
+echo "$as_me:$LINENO: checking for ANSI C header files" >&5
+echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6
+if test "${ac_cv_header_stdc+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <float.h>
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_header_stdc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_header_stdc=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+if test $ac_cv_header_stdc = yes; then
+ # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <string.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "memchr" >/dev/null 2>&1; then
+ :
+else
+ ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+ # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <stdlib.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "free" >/dev/null 2>&1; then
+ :
+else
+ ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+ # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
+ if test "$cross_compiling" = yes; then
+ :
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <ctype.h>
+#if ((' ' & 0x0FF) == 0x020)
+# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
+#else
+# define ISLOWER(c) \
+ (('a' <= (c) && (c) <= 'i') \
+ || ('j' <= (c) && (c) <= 'r') \
+ || ('s' <= (c) && (c) <= 'z'))
+# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
+#endif
+
+#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+int
+main ()
+{
+ int i;
+ for (i = 0; i < 256; i++)
+ if (XOR (islower (i), ISLOWER (i))
+ || toupper (i) != TOUPPER (i))
+ exit(2);
+ exit (0);
+}
+_ACEOF
+rm -f conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ :
+else
+ echo "$as_me: program exited with status $ac_status" >&5
+echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+( exit $ac_status )
+ac_cv_header_stdc=no
+fi
+rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+fi
+fi
+fi
+echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5
+echo "${ECHO_T}$ac_cv_header_stdc" >&6
+if test $ac_cv_header_stdc = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define STDC_HEADERS 1
+_ACEOF
+
+fi
+
+# On IRIX 5.3, sys/types and inttypes.h are conflicting.
+
+
+
+
+
+
+
+
+
+for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
+ inttypes.h stdint.h unistd.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_Header=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+eval "$as_ac_Header=no"
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+
+for ac_header in stdlib.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in unistd.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in byteswap.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in stdint.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in sys/uio.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in inttypes.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in sys/types.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in machine/types.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in sys/int_types.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+
+
+
+for ac_header in sys/socket.h netinet/in.h arpa/inet.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in windows.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+for ac_header in winsock2.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+fi
+
+done
+
+
+
+for ac_header in syslog.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+echo "$as_me:$LINENO: checking for int8_t" >&5
+echo $ECHO_N "checking for int8_t... $ECHO_C" >&6
+if test "${ac_cv_type_int8_t+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+if ((int8_t *) 0)
+ return 0;
+if (sizeof (int8_t))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_type_int8_t=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_type_int8_t=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_type_int8_t" >&5
+echo "${ECHO_T}$ac_cv_type_int8_t" >&6
+if test $ac_cv_type_int8_t = yes; then
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_INT8_T 1
+_ACEOF
+
+
+fi
+echo "$as_me:$LINENO: checking for uint8_t" >&5
+echo $ECHO_N "checking for uint8_t... $ECHO_C" >&6
+if test "${ac_cv_type_uint8_t+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+if ((uint8_t *) 0)
+ return 0;
+if (sizeof (uint8_t))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_type_uint8_t=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_type_uint8_t=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_type_uint8_t" >&5
+echo "${ECHO_T}$ac_cv_type_uint8_t" >&6
+if test $ac_cv_type_uint8_t = yes; then
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_UINT8_T 1
+_ACEOF
+
+
+fi
+echo "$as_me:$LINENO: checking for int16_t" >&5
+echo $ECHO_N "checking for int16_t... $ECHO_C" >&6
+if test "${ac_cv_type_int16_t+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+if ((int16_t *) 0)
+ return 0;
+if (sizeof (int16_t))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_type_int16_t=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_type_int16_t=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_type_int16_t" >&5
+echo "${ECHO_T}$ac_cv_type_int16_t" >&6
+if test $ac_cv_type_int16_t = yes; then
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_INT16_T 1
+_ACEOF
+
+
+fi
+echo "$as_me:$LINENO: checking for uint16_t" >&5
+echo $ECHO_N "checking for uint16_t... $ECHO_C" >&6
+if test "${ac_cv_type_uint16_t+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+if ((uint16_t *) 0)
+ return 0;
+if (sizeof (uint16_t))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_type_uint16_t=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_type_uint16_t=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_type_uint16_t" >&5
+echo "${ECHO_T}$ac_cv_type_uint16_t" >&6
+if test $ac_cv_type_uint16_t = yes; then
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_UINT16_T 1
+_ACEOF
+
+
+fi
+echo "$as_me:$LINENO: checking for int32_t" >&5
+echo $ECHO_N "checking for int32_t... $ECHO_C" >&6
+if test "${ac_cv_type_int32_t+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+if ((int32_t *) 0)
+ return 0;
+if (sizeof (int32_t))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_type_int32_t=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_type_int32_t=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_type_int32_t" >&5
+echo "${ECHO_T}$ac_cv_type_int32_t" >&6
+if test $ac_cv_type_int32_t = yes; then
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_INT32_T 1
+_ACEOF
+
+
+fi
+echo "$as_me:$LINENO: checking for uint32_t" >&5
+echo $ECHO_N "checking for uint32_t... $ECHO_C" >&6
+if test "${ac_cv_type_uint32_t+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+if ((uint32_t *) 0)
+ return 0;
+if (sizeof (uint32_t))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_type_uint32_t=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_type_uint32_t=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_type_uint32_t" >&5
+echo "${ECHO_T}$ac_cv_type_uint32_t" >&6
+if test $ac_cv_type_uint32_t = yes; then
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_UINT32_T 1
+_ACEOF
+
+
+fi
+echo "$as_me:$LINENO: checking for uint64_t" >&5
+echo $ECHO_N "checking for uint64_t... $ECHO_C" >&6
+if test "${ac_cv_type_uint64_t+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+if ((uint64_t *) 0)
+ return 0;
+if (sizeof (uint64_t))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_type_uint64_t=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_type_uint64_t=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_type_uint64_t" >&5
+echo "${ECHO_T}$ac_cv_type_uint64_t" >&6
+if test $ac_cv_type_uint64_t = yes; then
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_UINT64_T 1
+_ACEOF
+
+
+fi
+
+echo "$as_me:$LINENO: checking for unsigned long" >&5
+echo $ECHO_N "checking for unsigned long... $ECHO_C" >&6
+if test "${ac_cv_type_unsigned_long+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+if ((unsigned long *) 0)
+ return 0;
+if (sizeof (unsigned long))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_type_unsigned_long=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_type_unsigned_long=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_type_unsigned_long" >&5
+echo "${ECHO_T}$ac_cv_type_unsigned_long" >&6
+
+echo "$as_me:$LINENO: checking size of unsigned long" >&5
+echo $ECHO_N "checking size of unsigned long... $ECHO_C" >&6
+if test "${ac_cv_sizeof_unsigned_long+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test "$ac_cv_type_unsigned_long" = yes; then
+ # The cast to unsigned long works around a bug in the HP C Compiler
+ # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+ # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+ # This bug is HP SR number 8606223364.
+ if test "$cross_compiling" = yes; then
+ # Depending upon the size, compute the lo and hi bounds.
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static int test_array [1 - 2 * !(((long) (sizeof (unsigned long))) >= 0)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_lo=0 ac_mid=0
+ while :; do
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static int test_array [1 - 2 * !(((long) (sizeof (unsigned long))) <= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_hi=$ac_mid; break
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_lo=`expr $ac_mid + 1`
+ if test $ac_lo -le $ac_mid; then
+ ac_lo= ac_hi=
+ break
+ fi
+ ac_mid=`expr 2 '*' $ac_mid + 1`
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+ done
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static int test_array [1 - 2 * !(((long) (sizeof (unsigned long))) < 0)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_hi=-1 ac_mid=-1
+ while :; do
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static int test_array [1 - 2 * !(((long) (sizeof (unsigned long))) >= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_lo=$ac_mid; break
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_hi=`expr '(' $ac_mid ')' - 1`
+ if test $ac_mid -le $ac_hi; then
+ ac_lo= ac_hi=
+ break
+ fi
+ ac_mid=`expr 2 '*' $ac_mid`
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+ done
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_lo= ac_hi=
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+# Binary search between lo and hi bounds.
+while test "x$ac_lo" != "x$ac_hi"; do
+ ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo`
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static int test_array [1 - 2 * !(((long) (sizeof (unsigned long))) <= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_hi=$ac_mid
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_lo=`expr '(' $ac_mid ')' + 1`
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+done
+case $ac_lo in
+?*) ac_cv_sizeof_unsigned_long=$ac_lo;;
+'') { { echo "$as_me:$LINENO: error: cannot compute sizeof (unsigned long), 77
+See \`config.log' for more details." >&5
+echo "$as_me: error: cannot compute sizeof (unsigned long), 77
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; } ;;
+esac
+else
+ if test "$cross_compiling" = yes; then
+ { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling
+See \`config.log' for more details." >&5
+echo "$as_me: error: cannot run test program while cross compiling
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; }
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+long longval () { return (long) (sizeof (unsigned long)); }
+unsigned long ulongval () { return (long) (sizeof (unsigned long)); }
+#include <stdio.h>
+#include <stdlib.h>
+int
+main ()
+{
+
+ FILE *f = fopen ("conftest.val", "w");
+ if (! f)
+ exit (1);
+ if (((long) (sizeof (unsigned long))) < 0)
+ {
+ long i = longval ();
+ if (i != ((long) (sizeof (unsigned long))))
+ exit (1);
+ fprintf (f, "%ld\n", i);
+ }
+ else
+ {
+ unsigned long i = ulongval ();
+ if (i != ((long) (sizeof (unsigned long))))
+ exit (1);
+ fprintf (f, "%lu\n", i);
+ }
+ exit (ferror (f) || fclose (f) != 0);
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_sizeof_unsigned_long=`cat conftest.val`
+else
+ echo "$as_me: program exited with status $ac_status" >&5
+echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+( exit $ac_status )
+{ { echo "$as_me:$LINENO: error: cannot compute sizeof (unsigned long), 77
+See \`config.log' for more details." >&5
+echo "$as_me: error: cannot compute sizeof (unsigned long), 77
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+fi
+fi
+rm -f conftest.val
+else
+ ac_cv_sizeof_unsigned_long=0
+fi
+fi
+echo "$as_me:$LINENO: result: $ac_cv_sizeof_unsigned_long" >&5
+echo "${ECHO_T}$ac_cv_sizeof_unsigned_long" >&6
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_UNSIGNED_LONG $ac_cv_sizeof_unsigned_long
+_ACEOF
+
+
+echo "$as_me:$LINENO: checking for unsigned long long" >&5
+echo $ECHO_N "checking for unsigned long long... $ECHO_C" >&6
+if test "${ac_cv_type_unsigned_long_long+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+if ((unsigned long long *) 0)
+ return 0;
+if (sizeof (unsigned long long))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_type_unsigned_long_long=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_type_unsigned_long_long=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_type_unsigned_long_long" >&5
+echo "${ECHO_T}$ac_cv_type_unsigned_long_long" >&6
+
+echo "$as_me:$LINENO: checking size of unsigned long long" >&5
+echo $ECHO_N "checking size of unsigned long long... $ECHO_C" >&6
+if test "${ac_cv_sizeof_unsigned_long_long+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test "$ac_cv_type_unsigned_long_long" = yes; then
+ # The cast to unsigned long works around a bug in the HP C Compiler
+ # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+ # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+ # This bug is HP SR number 8606223364.
+ if test "$cross_compiling" = yes; then
+ # Depending upon the size, compute the lo and hi bounds.
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static int test_array [1 - 2 * !(((long) (sizeof (unsigned long long))) >= 0)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_lo=0 ac_mid=0
+ while :; do
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static int test_array [1 - 2 * !(((long) (sizeof (unsigned long long))) <= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_hi=$ac_mid; break
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_lo=`expr $ac_mid + 1`
+ if test $ac_lo -le $ac_mid; then
+ ac_lo= ac_hi=
+ break
+ fi
+ ac_mid=`expr 2 '*' $ac_mid + 1`
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+ done
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static int test_array [1 - 2 * !(((long) (sizeof (unsigned long long))) < 0)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_hi=-1 ac_mid=-1
+ while :; do
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static int test_array [1 - 2 * !(((long) (sizeof (unsigned long long))) >= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_lo=$ac_mid; break
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_hi=`expr '(' $ac_mid ')' - 1`
+ if test $ac_mid -le $ac_hi; then
+ ac_lo= ac_hi=
+ break
+ fi
+ ac_mid=`expr 2 '*' $ac_mid`
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+ done
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_lo= ac_hi=
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+# Binary search between lo and hi bounds.
+while test "x$ac_lo" != "x$ac_hi"; do
+ ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo`
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static int test_array [1 - 2 * !(((long) (sizeof (unsigned long long))) <= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_hi=$ac_mid
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_lo=`expr '(' $ac_mid ')' + 1`
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+done
+case $ac_lo in
+?*) ac_cv_sizeof_unsigned_long_long=$ac_lo;;
+'') { { echo "$as_me:$LINENO: error: cannot compute sizeof (unsigned long long), 77
+See \`config.log' for more details." >&5
+echo "$as_me: error: cannot compute sizeof (unsigned long long), 77
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; } ;;
+esac
+else
+ if test "$cross_compiling" = yes; then
+ { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling
+See \`config.log' for more details." >&5
+echo "$as_me: error: cannot run test program while cross compiling
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; }
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+long longval () { return (long) (sizeof (unsigned long long)); }
+unsigned long ulongval () { return (long) (sizeof (unsigned long long)); }
+#include <stdio.h>
+#include <stdlib.h>
+int
+main ()
+{
+
+ FILE *f = fopen ("conftest.val", "w");
+ if (! f)
+ exit (1);
+ if (((long) (sizeof (unsigned long long))) < 0)
+ {
+ long i = longval ();
+ if (i != ((long) (sizeof (unsigned long long))))
+ exit (1);
+ fprintf (f, "%ld\n", i);
+ }
+ else
+ {
+ unsigned long i = ulongval ();
+ if (i != ((long) (sizeof (unsigned long long))))
+ exit (1);
+ fprintf (f, "%lu\n", i);
+ }
+ exit (ferror (f) || fclose (f) != 0);
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_sizeof_unsigned_long_long=`cat conftest.val`
+else
+ echo "$as_me: program exited with status $ac_status" >&5
+echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+( exit $ac_status )
+{ { echo "$as_me:$LINENO: error: cannot compute sizeof (unsigned long long), 77
+See \`config.log' for more details." >&5
+echo "$as_me: error: cannot compute sizeof (unsigned long long), 77
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+fi
+fi
+rm -f conftest.val
+else
+ ac_cv_sizeof_unsigned_long_long=0
+fi
+fi
+echo "$as_me:$LINENO: result: $ac_cv_sizeof_unsigned_long_long" >&5
+echo "${ECHO_T}$ac_cv_sizeof_unsigned_long_long" >&6
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_UNSIGNED_LONG_LONG $ac_cv_sizeof_unsigned_long_long
+_ACEOF
+
+
+
+echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5
+echo $ECHO_N "checking for an ANSI C-conforming const... $ECHO_C" >&6
+if test "${ac_cv_c_const+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+int
+main ()
+{
+/* FIXME: Include the comments suggested by Paul. */
+#ifndef __cplusplus
+ /* Ultrix mips cc rejects this. */
+ typedef int charset[2];
+ const charset x;
+ /* SunOS 4.1.1 cc rejects this. */
+ char const *const *ccp;
+ char **p;
+ /* NEC SVR4.0.2 mips cc rejects this. */
+ struct point {int x, y;};
+ static struct point const zero = {0,0};
+ /* AIX XL C 1.02.0.0 rejects this.
+ It does not let you subtract one const X* pointer from another in
+ an arm of an if-expression whose if-part is not a constant
+ expression */
+ const char *g = "string";
+ ccp = &g + (g ? g-g : 0);
+ /* HPUX 7.0 cc rejects these. */
+ ++ccp;
+ p = (char**) ccp;
+ ccp = (char const *const *) p;
+ { /* SCO 3.2v4 cc rejects this. */
+ char *t;
+ char const *s = 0 ? (char *) 0 : (char const *) 0;
+
+ *t++ = 0;
+ }
+ { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */
+ int x[] = {25, 17};
+ const int *foo = &x[0];
+ ++foo;
+ }
+ { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */
+ typedef const int *iptr;
+ iptr p = 0;
+ ++p;
+ }
+ { /* AIX XL C 1.02.0.0 rejects this saying
+ "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
+ struct s { int j; const int *ap[3]; };
+ struct s *b; b->j = 5;
+ }
+ { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
+ const int foo = 10;
+ }
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_c_const=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_c_const=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5
+echo "${ECHO_T}$ac_cv_c_const" >&6
+if test $ac_cv_c_const = no; then
+
+cat >>confdefs.h <<\_ACEOF
+#define const
+_ACEOF
+
+fi
+
+echo "$as_me:$LINENO: checking for inline" >&5
+echo $ECHO_N "checking for inline... $ECHO_C" >&6
+if test "${ac_cv_c_inline+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_cv_c_inline=no
+for ac_kw in inline __inline__ __inline; do
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#ifndef __cplusplus
+typedef int foo_t;
+static $ac_kw foo_t static_foo () {return 0; }
+$ac_kw foo_t foo () {return 0; }
+#endif
+
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_c_inline=$ac_kw; break
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+done
+
+fi
+echo "$as_me:$LINENO: result: $ac_cv_c_inline" >&5
+echo "${ECHO_T}$ac_cv_c_inline" >&6
+
+
+case $ac_cv_c_inline in
+ inline | yes) ;;
+ *)
+ case $ac_cv_c_inline in
+ no) ac_val=;;
+ *) ac_val=$ac_cv_c_inline;;
+ esac
+ cat >>confdefs.h <<_ACEOF
+#ifndef __cplusplus
+#define inline $ac_val
+#endif
+_ACEOF
+ ;;
+esac
+
+echo "$as_me:$LINENO: checking for size_t" >&5
+echo $ECHO_N "checking for size_t... $ECHO_C" >&6
+if test "${ac_cv_type_size_t+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+if ((size_t *) 0)
+ return 0;
+if (sizeof (size_t))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_type_size_t=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_type_size_t=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_type_size_t" >&5
+echo "${ECHO_T}$ac_cv_type_size_t" >&6
+if test $ac_cv_type_size_t = yes; then
+ :
+else
+
+cat >>confdefs.h <<_ACEOF
+#define size_t unsigned
+_ACEOF
+
+fi
+
+
+
+
+
+for ac_func in socket inet_aton usleep
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
+if eval "test \"\${$as_ac_var+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define $ac_func innocuous_$ac_func
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef $ac_func
+
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+char (*f) () = $ac_func;
+#endif
+#ifdef __cplusplus
+}
+#endif
+
+int
+main ()
+{
+return f != $ac_func;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+eval "$as_ac_var=no"
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+
+if test "x$ac_cv_func_socket" = "xno"; then
+
+echo "$as_me:$LINENO: checking for socket in -lsocket" >&5
+echo $ECHO_N "checking for socket in -lsocket... $ECHO_C" >&6
+if test "${ac_cv_lib_socket_socket+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lsocket $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char socket ();
+int
+main ()
+{
+socket ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_lib_socket_socket=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_lib_socket_socket=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+echo "$as_me:$LINENO: result: $ac_cv_lib_socket_socket" >&5
+echo "${ECHO_T}$ac_cv_lib_socket_socket" >&6
+if test $ac_cv_lib_socket_socket = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_LIBSOCKET 1
+_ACEOF
+
+ LIBS="-lsocket $LIBS"
+
+fi
+
+ echo "$as_me:$LINENO: checking for socket in -lwsock32" >&5
+echo $ECHO_N "checking for socket in -lwsock32... $ECHO_C" >&6
+ SAVELIBS="$LIBS"
+ LIBS="$LIBS -lwsock32"
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <winsock2.h>
+
+int
+main ()
+{
+
+socket(0, 0, 0);
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_func_socket=yes
+ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+LIBS="$SAVELIBS"
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+
+echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5
+echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6
+if test "${ac_cv_c_bigendian+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ # See if sys/param.h defines the BYTE_ORDER macro.
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <sys/types.h>
+#include <sys/param.h>
+
+int
+main ()
+{
+#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN
+ bogus endian macros
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ # It does; now see whether it defined to BIG_ENDIAN or not.
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <sys/types.h>
+#include <sys/param.h>
+
+int
+main ()
+{
+#if BYTE_ORDER != BIG_ENDIAN
+ not big endian
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_c_bigendian=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_c_bigendian=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+# It does not; compile a test program.
+if test "$cross_compiling" = yes; then
+ # try to guess the endianness by grepping values into an object file
+ ac_cv_c_bigendian=unknown
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+short ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 };
+short ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 };
+void _ascii () { char *s = (char *) ascii_mm; s = (char *) ascii_ii; }
+short ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 };
+short ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 };
+void _ebcdic () { char *s = (char *) ebcdic_mm; s = (char *) ebcdic_ii; }
+int
+main ()
+{
+ _ascii (); _ebcdic ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ if grep BIGenDianSyS conftest.$ac_objext >/dev/null ; then
+ ac_cv_c_bigendian=yes
+fi
+if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then
+ if test "$ac_cv_c_bigendian" = unknown; then
+ ac_cv_c_bigendian=no
+ else
+ # finding both strings is unlikely to happen, but who knows?
+ ac_cv_c_bigendian=unknown
+ fi
+fi
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+int
+main ()
+{
+ /* Are we little or big endian? From Harbison&Steele. */
+ union
+ {
+ long l;
+ char c[sizeof (long)];
+ } u;
+ u.l = 1;
+ exit (u.c[sizeof (long) - 1] == 1);
+}
+_ACEOF
+rm -f conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_c_bigendian=no
+else
+ echo "$as_me: program exited with status $ac_status" >&5
+echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+( exit $ac_status )
+ac_cv_c_bigendian=yes
+fi
+rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+fi
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5
+echo "${ECHO_T}$ac_cv_c_bigendian" >&6
+case $ac_cv_c_bigendian in
+ yes)
+
+cat >>confdefs.h <<\_ACEOF
+#define WORDS_BIGENDIAN 1
+_ACEOF
+ ;;
+ no)
+ ;;
+ *)
+ { { echo "$as_me:$LINENO: error: unknown endianness
+presetting ac_cv_c_bigendian=no (or yes) will help" >&5
+echo "$as_me: error: unknown endianness
+presetting ac_cv_c_bigendian=no (or yes) will help" >&2;}
+ { (exit 1); exit 1; }; } ;;
+esac
+
+
+# Make sure we can run config.sub.
+$ac_config_sub sun4 >/dev/null 2>&1 ||
+ { { echo "$as_me:$LINENO: error: cannot run $ac_config_sub" >&5
+echo "$as_me: error: cannot run $ac_config_sub" >&2;}
+ { (exit 1); exit 1; }; }
+
+echo "$as_me:$LINENO: checking build system type" >&5
+echo $ECHO_N "checking build system type... $ECHO_C" >&6
+if test "${ac_cv_build+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_cv_build_alias=$build_alias
+test -z "$ac_cv_build_alias" &&
+ ac_cv_build_alias=`$ac_config_guess`
+test -z "$ac_cv_build_alias" &&
+ { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5
+echo "$as_me: error: cannot guess build type; you must specify one" >&2;}
+ { (exit 1); exit 1; }; }
+ac_cv_build=`$ac_config_sub $ac_cv_build_alias` ||
+ { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_build_alias failed" >&5
+echo "$as_me: error: $ac_config_sub $ac_cv_build_alias failed" >&2;}
+ { (exit 1); exit 1; }; }
+
+fi
+echo "$as_me:$LINENO: result: $ac_cv_build" >&5
+echo "${ECHO_T}$ac_cv_build" >&6
+build=$ac_cv_build
+build_cpu=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
+build_vendor=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
+build_os=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
+
+
+echo "$as_me:$LINENO: checking host system type" >&5
+echo $ECHO_N "checking host system type... $ECHO_C" >&6
+if test "${ac_cv_host+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_cv_host_alias=$host_alias
+test -z "$ac_cv_host_alias" &&
+ ac_cv_host_alias=$ac_cv_build_alias
+ac_cv_host=`$ac_config_sub $ac_cv_host_alias` ||
+ { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_host_alias failed" >&5
+echo "$as_me: error: $ac_config_sub $ac_cv_host_alias failed" >&2;}
+ { (exit 1); exit 1; }; }
+
+fi
+echo "$as_me:$LINENO: result: $ac_cv_host" >&5
+echo "${ECHO_T}$ac_cv_host" >&6
+host=$ac_cv_host
+host_cpu=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
+host_vendor=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
+host_os=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
+
+
+
+case $host_cpu in
+ i*86 )
+
+cat >>confdefs.h <<\_ACEOF
+#define CPU_CISC 1
+_ACEOF
+
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_X86 1
+_ACEOF
+;;
+ * )
+ # CPU_RISC is only supported for big endian machines.
+ if test "$ac_cv_c_bigendian" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define CPU_RISC 1
+_ACEOF
+
+ else
+ cat >>confdefs.h <<\_ACEOF
+#define CPU_CISC 1
+_ACEOF
+
+ fi
+ ;;
+esac
+
+case $host_os in
+ *cygwin*|*mingw* )
+ EXE=.exe;;
+ * ) EXE="";;
+esac
+
+ # define executable suffix; this is needed for `make clean'
+
+echo "$as_me:$LINENO: checking whether to compile in debugging" >&5
+echo $ECHO_N "checking whether to compile in debugging... $ECHO_C" >&6
+# Check whether --enable-debug or --disable-debug was given.
+if test "${enable_debug+set}" = set; then
+ enableval="$enable_debug"
+
+else
+ enable_debug=yes
+fi;
+if test "$enable_debug" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define ENABLE_DEBUGGING 1
+_ACEOF
+
+fi
+echo "$as_me:$LINENO: result: $enable_debug" >&5
+echo "${ECHO_T}$enable_debug" >&6
+
+echo "$as_me:$LINENO: checking whether to use ISMAcryp code" >&5
+echo $ECHO_N "checking whether to use ISMAcryp code... $ECHO_C" >&6
+# Check whether --enable-generic-aesicm or --disable-generic-aesicm was given.
+if test "${enable_generic_aesicm+set}" = set; then
+ enableval="$enable_generic_aesicm"
+
+else
+ enable_generic_aesicm=no
+fi;
+if test "$enable_generic_aesicm" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define GENERIC_AESICM 1
+_ACEOF
+
+fi
+echo "$as_me:$LINENO: result: $enable_generic_aesicm" >&5
+echo "${ECHO_T}$enable_generic_aesicm" >&6
+
+echo "$as_me:$LINENO: checking whether to use syslog for error reporting" >&5
+echo $ECHO_N "checking whether to use syslog for error reporting... $ECHO_C" >&6
+# Check whether --enable-syslog or --disable-syslog was given.
+if test "${enable_syslog+set}" = set; then
+ enableval="$enable_syslog"
+
+else
+ enable_syslog=no
+fi;
+if test "$enable_syslog" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define USE_SYSLOG 1
+_ACEOF
+
+fi
+echo "$as_me:$LINENO: result: $enable_syslog" >&5
+echo "${ECHO_T}$enable_syslog" >&6
+
+echo "$as_me:$LINENO: checking whether to use stdout for error reporting" >&5
+echo $ECHO_N "checking whether to use stdout for error reporting... $ECHO_C" >&6
+# Check whether --enable-stdout or --disable-stdout was given.
+if test "${enable_stdout+set}" = set; then
+ enableval="$enable_stdout"
+
+else
+ enable_stdout=yes
+fi;
+if test "$enable_stdout" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define ERR_REPORTING_STDOUT 1
+_ACEOF
+
+fi
+echo "$as_me:$LINENO: result: $enable_stdout" >&5
+echo "${ECHO_T}$enable_stdout" >&6
+
+echo "$as_me:$LINENO: checking whether to use /dev/console for error reporting" >&5
+echo $ECHO_N "checking whether to use /dev/console for error reporting... $ECHO_C" >&6
+# Check whether --enable-console or --disable-console was given.
+if test "${enable_console+set}" = set; then
+ enableval="$enable_console"
+
+else
+ enable_console=no
+fi;
+if test "$enable_console" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define USE_ERR_REPORTING_FILE 1
+_ACEOF
+
+
+cat >>confdefs.h <<\_ACEOF
+#define ERR_REPORTING_FILE "/dev/console"
+_ACEOF
+
+fi
+echo "$as_me:$LINENO: result: $enable_console" >&5
+echo "${ECHO_T}$enable_console" >&6
+
+echo "$as_me:$LINENO: checking whether to use GDOI key management" >&5
+echo $ECHO_N "checking whether to use GDOI key management... $ECHO_C" >&6
+# Check whether --enable-gdoi or --disable-gdoi was given.
+if test "${enable_gdoi+set}" = set; then
+ enableval="$enable_gdoi"
+
+else
+ enable_gdoi=no
+fi;
+if test "$enable_gdoi" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define SRTP_GDOI 1
+_ACEOF
+
+ GDOI_OBJS=gdoi/srtp+gdoi.o
+
+fi
+echo "$as_me:$LINENO: result: $enable_gdoi" >&5
+echo "${ECHO_T}$enable_gdoi" >&6
+
+ ac_config_headers="$ac_config_headers crypto/include/config.h:config_in.h"
+
+
+ ac_config_files="$ac_config_files Makefile crypto/Makefile doc/Makefile"
+cat >confcache <<\_ACEOF
+# This file is a shell script that caches the results of configure
+# tests run on this system so they can be shared between configure
+# scripts and configure runs, see configure's option --config-cache.
+# It is not useful on other systems. If it contains results you don't
+# want to keep, you may remove or edit it.
+#
+# config.status only pays attention to the cache file if you give it
+# the --recheck option to rerun configure.
+#
+# `ac_cv_env_foo' variables (set or unset) will be overridden when
+# loading this file, other *unset* `ac_cv_foo' will be assigned the
+# following values.
+
+_ACEOF
+
+# The following way of writing the cache mishandles newlines in values,
+# but we know of no workaround that is simple, portable, and efficient.
+# So, don't put newlines in cache variables' values.
+# Ultrix sh set writes to stderr and can't be redirected directly,
+# and sets the high bit in the cache file unless we assign to the vars.
+{
+ (set) 2>&1 |
+ case `(ac_space=' '; set | grep ac_space) 2>&1` in
+ *ac_space=\ *)
+ # `set' does not quote correctly, so add quotes (double-quote
+ # substitution turns \\\\ into \\, and sed turns \\ into \).
+ sed -n \
+ "s/'/'\\\\''/g;
+ s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p"
+ ;;
+ *)
+ # `set' quotes correctly as required by POSIX, so do not add quotes.
+ sed -n \
+ "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p"
+ ;;
+ esac;
+} |
+ sed '
+ t clear
+ : clear
+ s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/
+ t end
+ /^ac_cv_env/!s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
+ : end' >>confcache
+if diff $cache_file confcache >/dev/null 2>&1; then :; else
+ if test -w $cache_file; then
+ test "x$cache_file" != "x/dev/null" && echo "updating cache $cache_file"
+ cat confcache >$cache_file
+ else
+ echo "not updating unwritable cache $cache_file"
+ fi
+fi
+rm -f confcache
+
+test "x$prefix" = xNONE && prefix=$ac_default_prefix
+# Let make expand exec_prefix.
+test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
+
+# VPATH may cause trouble with some makes, so we remove $(srcdir),
+# ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and
+# trailing colons and then remove the whole line if VPATH becomes empty
+# (actually we leave an empty line to preserve line numbers).
+if test "x$srcdir" = x.; then
+ ac_vpsub='/^[ ]*VPATH[ ]*=/{
+s/:*\$(srcdir):*/:/;
+s/:*\${srcdir}:*/:/;
+s/:*@srcdir@:*/:/;
+s/^\([^=]*=[ ]*\):*/\1/;
+s/:*$//;
+s/^[^=]*=[ ]*$//;
+}'
+fi
+
+DEFS=-DHAVE_CONFIG_H
+
+ac_libobjs=
+ac_ltlibobjs=
+for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
+ # 1. Remove the extension, and $U if already installed.
+ ac_i=`echo "$ac_i" |
+ sed 's/\$U\././;s/\.o$//;s/\.obj$//'`
+ # 2. Add them.
+ ac_libobjs="$ac_libobjs $ac_i\$U.$ac_objext"
+ ac_ltlibobjs="$ac_ltlibobjs $ac_i"'$U.lo'
+done
+LIBOBJS=$ac_libobjs
+
+LTLIBOBJS=$ac_ltlibobjs
+
+
+
+: ${CONFIG_STATUS=./config.status}
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files $CONFIG_STATUS"
+{ echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5
+echo "$as_me: creating $CONFIG_STATUS" >&6;}
+cat >$CONFIG_STATUS <<_ACEOF
+#! $SHELL
+# Generated by $as_me.
+# Run this file to recreate the current configuration.
+# Compiler output produced by configure, useful for debugging
+# configure, is in config.log if it exists.
+
+debug=false
+ac_cs_recheck=false
+ac_cs_silent=false
+SHELL=\${CONFIG_SHELL-$SHELL}
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF
+## --------------------- ##
+## M4sh Initialization. ##
+## --------------------- ##
+
+# Be Bourne compatible
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+ emulate sh
+ NULLCMD=:
+ # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '${1+"$@"}'='"$@"'
+elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then
+ set -o posix
+fi
+DUALCASE=1; export DUALCASE # for MKS sh
+
+# Support unset when possible.
+if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
+ as_unset=unset
+else
+ as_unset=false
+fi
+
+
+# Work around bugs in pre-3.0 UWIN ksh.
+$as_unset ENV MAIL MAILPATH
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+for as_var in \
+ LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \
+ LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \
+ LC_TELEPHONE LC_TIME
+do
+ if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
+ eval $as_var=C; export $as_var
+ else
+ $as_unset $as_var
+ fi
+done
+
+# Required to use basename.
+if expr a : '\(a\)' >/dev/null 2>&1; then
+ as_expr=expr
+else
+ as_expr=false
+fi
+
+if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then
+ as_basename=basename
+else
+ as_basename=false
+fi
+
+
+# Name of the executable.
+as_me=`$as_basename "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+ X"$0" : 'X\(//\)$' \| \
+ X"$0" : 'X\(/\)$' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X/"$0" |
+ sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; }
+ /^X\/\(\/\/\)$/{ s//\1/; q; }
+ /^X\/\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+
+
+# PATH needs CR, and LINENO needs CR and PATH.
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ echo "#! /bin/sh" >conf$$.sh
+ echo "exit 0" >>conf$$.sh
+ chmod +x conf$$.sh
+ if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+ PATH_SEPARATOR=';'
+ else
+ PATH_SEPARATOR=:
+ fi
+ rm -f conf$$.sh
+fi
+
+
+ as_lineno_1=$LINENO
+ as_lineno_2=$LINENO
+ as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
+ test "x$as_lineno_1" != "x$as_lineno_2" &&
+ test "x$as_lineno_3" = "x$as_lineno_2" || {
+ # Find who we are. Look in the path if we contain no path at all
+ # relative or not.
+ case $0 in
+ *[\\/]* ) as_myself=$0 ;;
+ *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+done
+
+ ;;
+ esac
+ # We did not find ourselves, most probably we were run as `sh COMMAND'
+ # in which case we are not to be found in the path.
+ if test "x$as_myself" = x; then
+ as_myself=$0
+ fi
+ if test ! -f "$as_myself"; then
+ { { echo "$as_me:$LINENO: error: cannot find myself; rerun with an absolute path" >&5
+echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+ case $CONFIG_SHELL in
+ '')
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for as_base in sh bash ksh sh5; do
+ case $as_dir in
+ /*)
+ if ("$as_dir/$as_base" -c '
+ as_lineno_1=$LINENO
+ as_lineno_2=$LINENO
+ as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
+ test "x$as_lineno_1" != "x$as_lineno_2" &&
+ test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then
+ $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; }
+ $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; }
+ CONFIG_SHELL=$as_dir/$as_base
+ export CONFIG_SHELL
+ exec "$CONFIG_SHELL" "$0" ${1+"$@"}
+ fi;;
+ esac
+ done
+done
+;;
+ esac
+
+ # Create $as_me.lineno as a copy of $as_myself, but with $LINENO
+ # uniformly replaced by the line number. The first 'sed' inserts a
+ # line-number line before each line; the second 'sed' does the real
+ # work. The second script uses 'N' to pair each line-number line
+ # with the numbered line, and appends trailing '-' during
+ # substitution so that $LINENO is not a special case at line end.
+ # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the
+ # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-)
+ sed '=' <$as_myself |
+ sed '
+ N
+ s,$,-,
+ : loop
+ s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3,
+ t loop
+ s,-$,,
+ s,^['$as_cr_digits']*\n,,
+ ' >$as_me.lineno &&
+ chmod +x $as_me.lineno ||
+ { { echo "$as_me:$LINENO: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&5
+echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2;}
+ { (exit 1); exit 1; }; }
+
+ # Don't try to exec as it changes $[0], causing all sort of problems
+ # (the dirname of $[0] is not the place where we might find the
+ # original and so on. Autoconf is especially sensible to this).
+ . ./$as_me.lineno
+ # Exit status is that of the last command.
+ exit
+}
+
+
+case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in
+ *c*,-n*) ECHO_N= ECHO_C='
+' ECHO_T=' ' ;;
+ *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;;
+ *) ECHO_N= ECHO_C='\c' ECHO_T= ;;
+esac
+
+if expr a : '\(a\)' >/dev/null 2>&1; then
+ as_expr=expr
+else
+ as_expr=false
+fi
+
+rm -f conf$$ conf$$.exe conf$$.file
+echo >conf$$.file
+if ln -s conf$$.file conf$$ 2>/dev/null; then
+ # We could just check for DJGPP; but this test a) works b) is more generic
+ # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04).
+ if test -f conf$$.exe; then
+ # Don't use ln at all; we don't have any links
+ as_ln_s='cp -p'
+ else
+ as_ln_s='ln -s'
+ fi
+elif ln conf$$.file conf$$ 2>/dev/null; then
+ as_ln_s=ln
+else
+ as_ln_s='cp -p'
+fi
+rm -f conf$$ conf$$.exe conf$$.file
+
+if mkdir -p . 2>/dev/null; then
+ as_mkdir_p=:
+else
+ test -d ./-p && rmdir ./-p
+ as_mkdir_p=false
+fi
+
+as_executable_p="test -f"
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+
+# IFS
+# We need space, tab and new line, in precisely that order.
+as_nl='
+'
+IFS=" $as_nl"
+
+# CDPATH.
+$as_unset CDPATH
+
+exec 6>&1
+
+# Open the log real soon, to keep \$[0] and so on meaningful, and to
+# report actual input values of CONFIG_FILES etc. instead of their
+# values after options handling. Logging --version etc. is OK.
+exec 5>>config.log
+{
+ echo
+ sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
+## Running $as_me. ##
+_ASBOX
+} >&5
+cat >&5 <<_CSEOF
+
+This file was extended by $as_me, which was
+generated by GNU Autoconf 2.59. Invocation command line was
+
+ CONFIG_FILES = $CONFIG_FILES
+ CONFIG_HEADERS = $CONFIG_HEADERS
+ CONFIG_LINKS = $CONFIG_LINKS
+ CONFIG_COMMANDS = $CONFIG_COMMANDS
+ $ $0 $@
+
+_CSEOF
+echo "on `(hostname || uname -n) 2>/dev/null | sed 1q`" >&5
+echo >&5
+_ACEOF
+
+# Files that config.status was made for.
+if test -n "$ac_config_files"; then
+ echo "config_files=\"$ac_config_files\"" >>$CONFIG_STATUS
+fi
+
+if test -n "$ac_config_headers"; then
+ echo "config_headers=\"$ac_config_headers\"" >>$CONFIG_STATUS
+fi
+
+if test -n "$ac_config_links"; then
+ echo "config_links=\"$ac_config_links\"" >>$CONFIG_STATUS
+fi
+
+if test -n "$ac_config_commands"; then
+ echo "config_commands=\"$ac_config_commands\"" >>$CONFIG_STATUS
+fi
+
+cat >>$CONFIG_STATUS <<\_ACEOF
+
+ac_cs_usage="\
+\`$as_me' instantiates files from templates according to the
+current configuration.
+
+Usage: $0 [OPTIONS] [FILE]...
+
+ -h, --help print this help, then exit
+ -V, --version print version number, then exit
+ -q, --quiet do not print progress messages
+ -d, --debug don't remove temporary files
+ --recheck update $as_me by reconfiguring in the same conditions
+ --file=FILE[:TEMPLATE]
+ instantiate the configuration file FILE
+ --header=FILE[:TEMPLATE]
+ instantiate the configuration header FILE
+
+Configuration files:
+$config_files
+
+Configuration headers:
+$config_headers
+
+Report bugs to <bug-autoconf@gnu.org>."
+_ACEOF
+
+cat >>$CONFIG_STATUS <<_ACEOF
+ac_cs_version="\\
+config.status
+configured by $0, generated by GNU Autoconf 2.59,
+ with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
+
+Copyright (C) 2003 Free Software Foundation, Inc.
+This config.status script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it."
+srcdir=$srcdir
+INSTALL="$INSTALL"
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF
+# If no file are specified by the user, then we need to provide default
+# value. By we need to know if files were specified by the user.
+ac_need_defaults=:
+while test $# != 0
+do
+ case $1 in
+ --*=*)
+ ac_option=`expr "x$1" : 'x\([^=]*\)='`
+ ac_optarg=`expr "x$1" : 'x[^=]*=\(.*\)'`
+ ac_shift=:
+ ;;
+ -*)
+ ac_option=$1
+ ac_optarg=$2
+ ac_shift=shift
+ ;;
+ *) # This is not an option, so the user has probably given explicit
+ # arguments.
+ ac_option=$1
+ ac_need_defaults=false;;
+ esac
+
+ case $ac_option in
+ # Handling of the options.
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF
+ -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+ ac_cs_recheck=: ;;
+ --version | --vers* | -V )
+ echo "$ac_cs_version"; exit 0 ;;
+ --he | --h)
+ # Conflict between --help and --header
+ { { echo "$as_me:$LINENO: error: ambiguous option: $1
+Try \`$0 --help' for more information." >&5
+echo "$as_me: error: ambiguous option: $1
+Try \`$0 --help' for more information." >&2;}
+ { (exit 1); exit 1; }; };;
+ --help | --hel | -h )
+ echo "$ac_cs_usage"; exit 0 ;;
+ --debug | --d* | -d )
+ debug=: ;;
+ --file | --fil | --fi | --f )
+ $ac_shift
+ CONFIG_FILES="$CONFIG_FILES $ac_optarg"
+ ac_need_defaults=false;;
+ --header | --heade | --head | --hea )
+ $ac_shift
+ CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg"
+ ac_need_defaults=false;;
+ -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+ | -silent | --silent | --silen | --sile | --sil | --si | --s)
+ ac_cs_silent=: ;;
+
+ # This is an error.
+ -*) { { echo "$as_me:$LINENO: error: unrecognized option: $1
+Try \`$0 --help' for more information." >&5
+echo "$as_me: error: unrecognized option: $1
+Try \`$0 --help' for more information." >&2;}
+ { (exit 1); exit 1; }; } ;;
+
+ *) ac_config_targets="$ac_config_targets $1" ;;
+
+ esac
+ shift
+done
+
+ac_configure_extra_args=
+
+if $ac_cs_silent; then
+ exec 6>/dev/null
+ ac_configure_extra_args="$ac_configure_extra_args --silent"
+fi
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF
+if \$ac_cs_recheck; then
+ echo "running $SHELL $0 " $ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6
+ exec $SHELL $0 $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
+fi
+
+_ACEOF
+
+
+
+
+
+cat >>$CONFIG_STATUS <<\_ACEOF
+for ac_config_target in $ac_config_targets
+do
+ case "$ac_config_target" in
+ # Handling of arguments.
+ "Makefile" ) CONFIG_FILES="$CONFIG_FILES Makefile" ;;
+ "crypto/Makefile" ) CONFIG_FILES="$CONFIG_FILES crypto/Makefile" ;;
+ "doc/Makefile" ) CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;;
+ "crypto/include/config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS crypto/include/config.h:config_in.h" ;;
+ *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5
+echo "$as_me: error: invalid argument: $ac_config_target" >&2;}
+ { (exit 1); exit 1; }; };;
+ esac
+done
+
+# If the user did not use the arguments to specify the items to instantiate,
+# then the envvar interface is used. Set only those that are not.
+# We use the long form for the default assignment because of an extremely
+# bizarre bug on SunOS 4.1.3.
+if $ac_need_defaults; then
+ test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
+ test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
+fi
+
+# Have a temporary directory for convenience. Make it in the build tree
+# simply because there is no reason to put it here, and in addition,
+# creating and moving files from /tmp can sometimes cause problems.
+# Create a temporary directory, and hook for its removal unless debugging.
+$debug ||
+{
+ trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0
+ trap '{ (exit 1); exit 1; }' 1 2 13 15
+}
+
+# Create a (secure) tmp directory for tmp files.
+
+{
+ tmp=`(umask 077 && mktemp -d -q "./confstatXXXXXX") 2>/dev/null` &&
+ test -n "$tmp" && test -d "$tmp"
+} ||
+{
+ tmp=./confstat$$-$RANDOM
+ (umask 077 && mkdir $tmp)
+} ||
+{
+ echo "$me: cannot create a temporary directory in ." >&2
+ { (exit 1); exit 1; }
+}
+
+_ACEOF
+
+cat >>$CONFIG_STATUS <<_ACEOF
+
+#
+# CONFIG_FILES section.
+#
+
+# No need to generate the scripts if there are no CONFIG_FILES.
+# This happens for instance when ./config.status config.h
+if test -n "\$CONFIG_FILES"; then
+ # Protect against being on the right side of a sed subst in config.status.
+ sed 's/,@/@@/; s/@,/@@/; s/,;t t\$/@;t t/; /@;t t\$/s/[\\\\&,]/\\\\&/g;
+ s/@@/,@/; s/@@/@,/; s/@;t t\$/,;t t/' >\$tmp/subs.sed <<\\CEOF
+s,@SHELL@,$SHELL,;t t
+s,@PATH_SEPARATOR@,$PATH_SEPARATOR,;t t
+s,@PACKAGE_NAME@,$PACKAGE_NAME,;t t
+s,@PACKAGE_TARNAME@,$PACKAGE_TARNAME,;t t
+s,@PACKAGE_VERSION@,$PACKAGE_VERSION,;t t
+s,@PACKAGE_STRING@,$PACKAGE_STRING,;t t
+s,@PACKAGE_BUGREPORT@,$PACKAGE_BUGREPORT,;t t
+s,@exec_prefix@,$exec_prefix,;t t
+s,@prefix@,$prefix,;t t
+s,@program_transform_name@,$program_transform_name,;t t
+s,@bindir@,$bindir,;t t
+s,@sbindir@,$sbindir,;t t
+s,@libexecdir@,$libexecdir,;t t
+s,@datadir@,$datadir,;t t
+s,@sysconfdir@,$sysconfdir,;t t
+s,@sharedstatedir@,$sharedstatedir,;t t
+s,@localstatedir@,$localstatedir,;t t
+s,@libdir@,$libdir,;t t
+s,@includedir@,$includedir,;t t
+s,@oldincludedir@,$oldincludedir,;t t
+s,@infodir@,$infodir,;t t
+s,@mandir@,$mandir,;t t
+s,@build_alias@,$build_alias,;t t
+s,@host_alias@,$host_alias,;t t
+s,@target_alias@,$target_alias,;t t
+s,@DEFS@,$DEFS,;t t
+s,@ECHO_C@,$ECHO_C,;t t
+s,@ECHO_N@,$ECHO_N,;t t
+s,@ECHO_T@,$ECHO_T,;t t
+s,@LIBS@,$LIBS,;t t
+s,@RANLIB@,$RANLIB,;t t
+s,@ac_ct_RANLIB@,$ac_ct_RANLIB,;t t
+s,@CC@,$CC,;t t
+s,@CFLAGS@,$CFLAGS,;t t
+s,@LDFLAGS@,$LDFLAGS,;t t
+s,@CPPFLAGS@,$CPPFLAGS,;t t
+s,@ac_ct_CC@,$ac_ct_CC,;t t
+s,@EXEEXT@,$EXEEXT,;t t
+s,@OBJEXT@,$OBJEXT,;t t
+s,@INSTALL_PROGRAM@,$INSTALL_PROGRAM,;t t
+s,@INSTALL_SCRIPT@,$INSTALL_SCRIPT,;t t
+s,@INSTALL_DATA@,$INSTALL_DATA,;t t
+s,@RNG_OBJS@,$RNG_OBJS,;t t
+s,@CPP@,$CPP,;t t
+s,@EGREP@,$EGREP,;t t
+s,@build@,$build,;t t
+s,@build_cpu@,$build_cpu,;t t
+s,@build_vendor@,$build_vendor,;t t
+s,@build_os@,$build_os,;t t
+s,@host@,$host,;t t
+s,@host_cpu@,$host_cpu,;t t
+s,@host_vendor@,$host_vendor,;t t
+s,@host_os@,$host_os,;t t
+s,@EXE@,$EXE,;t t
+s,@GDOI_OBJS@,$GDOI_OBJS,;t t
+s,@LIBOBJS@,$LIBOBJS,;t t
+s,@LTLIBOBJS@,$LTLIBOBJS,;t t
+CEOF
+
+_ACEOF
+
+ cat >>$CONFIG_STATUS <<\_ACEOF
+ # Split the substitutions into bite-sized pieces for seds with
+ # small command number limits, like on Digital OSF/1 and HP-UX.
+ ac_max_sed_lines=48
+ ac_sed_frag=1 # Number of current file.
+ ac_beg=1 # First line for current file.
+ ac_end=$ac_max_sed_lines # Line after last line for current file.
+ ac_more_lines=:
+ ac_sed_cmds=
+ while $ac_more_lines; do
+ if test $ac_beg -gt 1; then
+ sed "1,${ac_beg}d; ${ac_end}q" $tmp/subs.sed >$tmp/subs.frag
+ else
+ sed "${ac_end}q" $tmp/subs.sed >$tmp/subs.frag
+ fi
+ if test ! -s $tmp/subs.frag; then
+ ac_more_lines=false
+ else
+ # The purpose of the label and of the branching condition is to
+ # speed up the sed processing (if there are no `@' at all, there
+ # is no need to browse any of the substitutions).
+ # These are the two extra sed commands mentioned above.
+ (echo ':t
+ /@[a-zA-Z_][a-zA-Z_0-9]*@/!b' && cat $tmp/subs.frag) >$tmp/subs-$ac_sed_frag.sed
+ if test -z "$ac_sed_cmds"; then
+ ac_sed_cmds="sed -f $tmp/subs-$ac_sed_frag.sed"
+ else
+ ac_sed_cmds="$ac_sed_cmds | sed -f $tmp/subs-$ac_sed_frag.sed"
+ fi
+ ac_sed_frag=`expr $ac_sed_frag + 1`
+ ac_beg=$ac_end
+ ac_end=`expr $ac_end + $ac_max_sed_lines`
+ fi
+ done
+ if test -z "$ac_sed_cmds"; then
+ ac_sed_cmds=cat
+ fi
+fi # test -n "$CONFIG_FILES"
+
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF
+for ac_file in : $CONFIG_FILES; do test "x$ac_file" = x: && continue
+ # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
+ case $ac_file in
+ - | *:- | *:-:* ) # input from stdin
+ cat >$tmp/stdin
+ ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
+ ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
+ *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
+ ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
+ * ) ac_file_in=$ac_file.in ;;
+ esac
+
+ # Compute @srcdir@, @top_srcdir@, and @INSTALL@ for subdirectories.
+ ac_dir=`(dirname "$ac_file") 2>/dev/null ||
+$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$ac_file" : 'X\(//\)[^/]' \| \
+ X"$ac_file" : 'X\(//\)$' \| \
+ X"$ac_file" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$ac_file" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ { if $as_mkdir_p; then
+ mkdir -p "$ac_dir"
+ else
+ as_dir="$ac_dir"
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5
+echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+ ac_builddir=.
+
+if test "$ac_dir" != .; then
+ ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
+ # A "../" for each directory in $ac_dir_suffix.
+ ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'`
+else
+ ac_dir_suffix= ac_top_builddir=
+fi
+
+case $srcdir in
+ .) # No --srcdir option. We are building in place.
+ ac_srcdir=.
+ if test -z "$ac_top_builddir"; then
+ ac_top_srcdir=.
+ else
+ ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'`
+ fi ;;
+ [\\/]* | ?:[\\/]* ) # Absolute path.
+ ac_srcdir=$srcdir$ac_dir_suffix;
+ ac_top_srcdir=$srcdir ;;
+ *) # Relative path.
+ ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix
+ ac_top_srcdir=$ac_top_builddir$srcdir ;;
+esac
+
+# Do not use `cd foo && pwd` to compute absolute paths, because
+# the directories may not exist.
+case `pwd` in
+.) ac_abs_builddir="$ac_dir";;
+*)
+ case "$ac_dir" in
+ .) ac_abs_builddir=`pwd`;;
+ [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";;
+ *) ac_abs_builddir=`pwd`/"$ac_dir";;
+ esac;;
+esac
+case $ac_abs_builddir in
+.) ac_abs_top_builddir=${ac_top_builddir}.;;
+*)
+ case ${ac_top_builddir}. in
+ .) ac_abs_top_builddir=$ac_abs_builddir;;
+ [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;;
+ *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;;
+ esac;;
+esac
+case $ac_abs_builddir in
+.) ac_abs_srcdir=$ac_srcdir;;
+*)
+ case $ac_srcdir in
+ .) ac_abs_srcdir=$ac_abs_builddir;;
+ [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;;
+ *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;;
+ esac;;
+esac
+case $ac_abs_builddir in
+.) ac_abs_top_srcdir=$ac_top_srcdir;;
+*)
+ case $ac_top_srcdir in
+ .) ac_abs_top_srcdir=$ac_abs_builddir;;
+ [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;;
+ *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;;
+ esac;;
+esac
+
+
+ case $INSTALL in
+ [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
+ *) ac_INSTALL=$ac_top_builddir$INSTALL ;;
+ esac
+
+ if test x"$ac_file" != x-; then
+ { echo "$as_me:$LINENO: creating $ac_file" >&5
+echo "$as_me: creating $ac_file" >&6;}
+ rm -f "$ac_file"
+ fi
+ # Let's still pretend it is `configure' which instantiates (i.e., don't
+ # use $as_me), people would be surprised to read:
+ # /* config.h. Generated by config.status. */
+ if test x"$ac_file" = x-; then
+ configure_input=
+ else
+ configure_input="$ac_file. "
+ fi
+ configure_input=$configure_input"Generated from `echo $ac_file_in |
+ sed 's,.*/,,'` by configure."
+
+ # First look for the input files in the build tree, otherwise in the
+ # src tree.
+ ac_file_inputs=`IFS=:
+ for f in $ac_file_in; do
+ case $f in
+ -) echo $tmp/stdin ;;
+ [\\/$]*)
+ # Absolute (can't be DOS-style, as IFS=:)
+ test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
+echo "$as_me: error: cannot find input file: $f" >&2;}
+ { (exit 1); exit 1; }; }
+ echo "$f";;
+ *) # Relative
+ if test -f "$f"; then
+ # Build tree
+ echo "$f"
+ elif test -f "$srcdir/$f"; then
+ # Source tree
+ echo "$srcdir/$f"
+ else
+ # /dev/null tree
+ { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
+echo "$as_me: error: cannot find input file: $f" >&2;}
+ { (exit 1); exit 1; }; }
+ fi;;
+ esac
+ done` || { (exit 1); exit 1; }
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF
+ sed "$ac_vpsub
+$extrasub
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF
+:t
+/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
+s,@configure_input@,$configure_input,;t t
+s,@srcdir@,$ac_srcdir,;t t
+s,@abs_srcdir@,$ac_abs_srcdir,;t t
+s,@top_srcdir@,$ac_top_srcdir,;t t
+s,@abs_top_srcdir@,$ac_abs_top_srcdir,;t t
+s,@builddir@,$ac_builddir,;t t
+s,@abs_builddir@,$ac_abs_builddir,;t t
+s,@top_builddir@,$ac_top_builddir,;t t
+s,@abs_top_builddir@,$ac_abs_top_builddir,;t t
+s,@INSTALL@,$ac_INSTALL,;t t
+" $ac_file_inputs | (eval "$ac_sed_cmds") >$tmp/out
+ rm -f $tmp/stdin
+ if test x"$ac_file" != x-; then
+ mv $tmp/out $ac_file
+ else
+ cat $tmp/out
+ rm -f $tmp/out
+ fi
+
+done
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF
+
+#
+# CONFIG_HEADER section.
+#
+
+# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where
+# NAME is the cpp macro being defined and VALUE is the value it is being given.
+#
+# ac_d sets the value in "#define NAME VALUE" lines.
+ac_dA='s,^\([ ]*\)#\([ ]*define[ ][ ]*\)'
+ac_dB='[ ].*$,\1#\2'
+ac_dC=' '
+ac_dD=',;t'
+# ac_u turns "#undef NAME" without trailing blanks into "#define NAME VALUE".
+ac_uA='s,^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)'
+ac_uB='$,\1#\2define\3'
+ac_uC=' '
+ac_uD=',;t'
+
+for ac_file in : $CONFIG_HEADERS; do test "x$ac_file" = x: && continue
+ # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
+ case $ac_file in
+ - | *:- | *:-:* ) # input from stdin
+ cat >$tmp/stdin
+ ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
+ ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
+ *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
+ ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
+ * ) ac_file_in=$ac_file.in ;;
+ esac
+
+ test x"$ac_file" != x- && { echo "$as_me:$LINENO: creating $ac_file" >&5
+echo "$as_me: creating $ac_file" >&6;}
+
+ # First look for the input files in the build tree, otherwise in the
+ # src tree.
+ ac_file_inputs=`IFS=:
+ for f in $ac_file_in; do
+ case $f in
+ -) echo $tmp/stdin ;;
+ [\\/$]*)
+ # Absolute (can't be DOS-style, as IFS=:)
+ test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
+echo "$as_me: error: cannot find input file: $f" >&2;}
+ { (exit 1); exit 1; }; }
+ # Do quote $f, to prevent DOS paths from being IFS'd.
+ echo "$f";;
+ *) # Relative
+ if test -f "$f"; then
+ # Build tree
+ echo "$f"
+ elif test -f "$srcdir/$f"; then
+ # Source tree
+ echo "$srcdir/$f"
+ else
+ # /dev/null tree
+ { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
+echo "$as_me: error: cannot find input file: $f" >&2;}
+ { (exit 1); exit 1; }; }
+ fi;;
+ esac
+ done` || { (exit 1); exit 1; }
+ # Remove the trailing spaces.
+ sed 's/[ ]*$//' $ac_file_inputs >$tmp/in
+
+_ACEOF
+
+# Transform confdefs.h into two sed scripts, `conftest.defines' and
+# `conftest.undefs', that substitutes the proper values into
+# config.h.in to produce config.h. The first handles `#define'
+# templates, and the second `#undef' templates.
+# And first: Protect against being on the right side of a sed subst in
+# config.status. Protect against being in an unquoted here document
+# in config.status.
+rm -f conftest.defines conftest.undefs
+# Using a here document instead of a string reduces the quoting nightmare.
+# Putting comments in sed scripts is not portable.
+#
+# `end' is used to avoid that the second main sed command (meant for
+# 0-ary CPP macros) applies to n-ary macro definitions.
+# See the Autoconf documentation for `clear'.
+cat >confdef2sed.sed <<\_ACEOF
+s/[\\&,]/\\&/g
+s,[\\$`],\\&,g
+t clear
+: clear
+s,^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*\)\(([^)]*)\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1\2${ac_dC}\3${ac_dD},gp
+t end
+s,^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD},gp
+: end
+_ACEOF
+# If some macros were called several times there might be several times
+# the same #defines, which is useless. Nevertheless, we may not want to
+# sort them, since we want the *last* AC-DEFINE to be honored.
+uniq confdefs.h | sed -n -f confdef2sed.sed >conftest.defines
+sed 's/ac_d/ac_u/g' conftest.defines >conftest.undefs
+rm -f confdef2sed.sed
+
+# This sed command replaces #undef with comments. This is necessary, for
+# example, in the case of _POSIX_SOURCE, which is predefined and required
+# on some systems where configure will not decide to define it.
+cat >>conftest.undefs <<\_ACEOF
+s,^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*,/* & */,
+_ACEOF
+
+# Break up conftest.defines because some shells have a limit on the size
+# of here documents, and old seds have small limits too (100 cmds).
+echo ' # Handle all the #define templates only if necessary.' >>$CONFIG_STATUS
+echo ' if grep "^[ ]*#[ ]*define" $tmp/in >/dev/null; then' >>$CONFIG_STATUS
+echo ' # If there are no defines, we may have an empty if/fi' >>$CONFIG_STATUS
+echo ' :' >>$CONFIG_STATUS
+rm -f conftest.tail
+while grep . conftest.defines >/dev/null
+do
+ # Write a limited-size here document to $tmp/defines.sed.
+ echo ' cat >$tmp/defines.sed <<CEOF' >>$CONFIG_STATUS
+ # Speed up: don't consider the non `#define' lines.
+ echo '/^[ ]*#[ ]*define/!b' >>$CONFIG_STATUS
+ # Work around the forget-to-reset-the-flag bug.
+ echo 't clr' >>$CONFIG_STATUS
+ echo ': clr' >>$CONFIG_STATUS
+ sed ${ac_max_here_lines}q conftest.defines >>$CONFIG_STATUS
+ echo 'CEOF
+ sed -f $tmp/defines.sed $tmp/in >$tmp/out
+ rm -f $tmp/in
+ mv $tmp/out $tmp/in
+' >>$CONFIG_STATUS
+ sed 1,${ac_max_here_lines}d conftest.defines >conftest.tail
+ rm -f conftest.defines
+ mv conftest.tail conftest.defines
+done
+rm -f conftest.defines
+echo ' fi # grep' >>$CONFIG_STATUS
+echo >>$CONFIG_STATUS
+
+# Break up conftest.undefs because some shells have a limit on the size
+# of here documents, and old seds have small limits too (100 cmds).
+echo ' # Handle all the #undef templates' >>$CONFIG_STATUS
+rm -f conftest.tail
+while grep . conftest.undefs >/dev/null
+do
+ # Write a limited-size here document to $tmp/undefs.sed.
+ echo ' cat >$tmp/undefs.sed <<CEOF' >>$CONFIG_STATUS
+ # Speed up: don't consider the non `#undef'
+ echo '/^[ ]*#[ ]*undef/!b' >>$CONFIG_STATUS
+ # Work around the forget-to-reset-the-flag bug.
+ echo 't clr' >>$CONFIG_STATUS
+ echo ': clr' >>$CONFIG_STATUS
+ sed ${ac_max_here_lines}q conftest.undefs >>$CONFIG_STATUS
+ echo 'CEOF
+ sed -f $tmp/undefs.sed $tmp/in >$tmp/out
+ rm -f $tmp/in
+ mv $tmp/out $tmp/in
+' >>$CONFIG_STATUS
+ sed 1,${ac_max_here_lines}d conftest.undefs >conftest.tail
+ rm -f conftest.undefs
+ mv conftest.tail conftest.undefs
+done
+rm -f conftest.undefs
+
+cat >>$CONFIG_STATUS <<\_ACEOF
+ # Let's still pretend it is `configure' which instantiates (i.e., don't
+ # use $as_me), people would be surprised to read:
+ # /* config.h. Generated by config.status. */
+ if test x"$ac_file" = x-; then
+ echo "/* Generated by configure. */" >$tmp/config.h
+ else
+ echo "/* $ac_file. Generated by configure. */" >$tmp/config.h
+ fi
+ cat $tmp/in >>$tmp/config.h
+ rm -f $tmp/in
+ if test x"$ac_file" != x-; then
+ if diff $ac_file $tmp/config.h >/dev/null 2>&1; then
+ { echo "$as_me:$LINENO: $ac_file is unchanged" >&5
+echo "$as_me: $ac_file is unchanged" >&6;}
+ else
+ ac_dir=`(dirname "$ac_file") 2>/dev/null ||
+$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$ac_file" : 'X\(//\)[^/]' \| \
+ X"$ac_file" : 'X\(//\)$' \| \
+ X"$ac_file" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$ac_file" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ { if $as_mkdir_p; then
+ mkdir -p "$ac_dir"
+ else
+ as_dir="$ac_dir"
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5
+echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+ rm -f $ac_file
+ mv $tmp/config.h $ac_file
+ fi
+ else
+ cat $tmp/config.h
+ rm -f $tmp/config.h
+ fi
+done
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF
+
+{ (exit 0); exit 0; }
+_ACEOF
+chmod +x $CONFIG_STATUS
+ac_clean_files=$ac_clean_files_save
+
+
+# configure is writing to config.log, and then calls config.status.
+# config.status does its own redirection, appending to config.log.
+# Unfortunately, on DOS this fails, as config.log is still kept open
+# by configure, so config.status won't be able to write to it; its
+# output is simply discarded. So we exec the FD to /dev/null,
+# effectively closing config.log, so it can be properly (re)opened and
+# appended to by config.status. When coming back to configure, we
+# need to make the FD available again.
+if test "$no_create" != yes; then
+ ac_cs_success=:
+ ac_config_status_args=
+ test "$silent" = yes &&
+ ac_config_status_args="$ac_config_status_args --quiet"
+ exec 5>/dev/null
+ $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false
+ exec 5>>config.log
+ # Use ||, not &&, to avoid exiting from the if with $? = 1, which
+ # would make configure fail if this is the last instruction.
+ $ac_cs_success || { (exit 1); exit 1; }
+fi
+
+
+# This is needed when building outside the source dir.
+{ if $as_mkdir_p; then
+ mkdir -p crypto/ae_xfm
+ else
+ as_dir=crypto/ae_xfm
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/ae_xfm" >&5
+echo "$as_me: error: cannot create directory crypto/ae_xfm" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+{ if $as_mkdir_p; then
+ mkdir -p crypto/cipher
+ else
+ as_dir=crypto/cipher
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/cipher" >&5
+echo "$as_me: error: cannot create directory crypto/cipher" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+{ if $as_mkdir_p; then
+ mkdir -p crypto/hash
+ else
+ as_dir=crypto/hash
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/hash" >&5
+echo "$as_me: error: cannot create directory crypto/hash" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+{ if $as_mkdir_p; then
+ mkdir -p crypto/kernel
+ else
+ as_dir=crypto/kernel
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/kernel" >&5
+echo "$as_me: error: cannot create directory crypto/kernel" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+{ if $as_mkdir_p; then
+ mkdir -p crypto/math
+ else
+ as_dir=crypto/math
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/math" >&5
+echo "$as_me: error: cannot create directory crypto/math" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+{ if $as_mkdir_p; then
+ mkdir -p crypto/replay
+ else
+ as_dir=crypto/replay
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/replay" >&5
+echo "$as_me: error: cannot create directory crypto/replay" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+{ if $as_mkdir_p; then
+ mkdir -p crypto/rng
+ else
+ as_dir=crypto/rng
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/rng" >&5
+echo "$as_me: error: cannot create directory crypto/rng" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+{ if $as_mkdir_p; then
+ mkdir -p crypto/test
+ else
+ as_dir=crypto/test
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/test" >&5
+echo "$as_me: error: cannot create directory crypto/test" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+{ if $as_mkdir_p; then
+ mkdir -p doc
+ else
+ as_dir=doc
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory doc" >&5
+echo "$as_me: error: cannot create directory doc" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+{ if $as_mkdir_p; then
+ mkdir -p srtp
+ else
+ as_dir=srtp
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory srtp" >&5
+echo "$as_me: error: cannot create directory srtp" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+{ if $as_mkdir_p; then
+ mkdir -p tables
+ else
+ as_dir=tables
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory tables" >&5
+echo "$as_me: error: cannot create directory tables" >&2;}
+ { (exit 1); exit 1; }; }; }
+
+{ if $as_mkdir_p; then
+ mkdir -p test
+ else
+ as_dir=test
+ as_dirs=
+ while test ! -d "$as_dir"; do
+ as_dirs="$as_dir $as_dirs"
+ as_dir=`(dirname "$as_dir") 2>/dev/null ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| \
+ . : '\(.\)' 2>/dev/null ||
+echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
+ /^X\(\/\/\)[^/].*/{ s//\1/; q; }
+ /^X\(\/\/\)$/{ s//\1/; q; }
+ /^X\(\/\).*/{ s//\1/; q; }
+ s/.*/./; q'`
+ done
+ test ! -n "$as_dirs" || mkdir $as_dirs
+ fi || { { echo "$as_me:$LINENO: error: cannot create directory test" >&5
+echo "$as_me: error: cannot create directory test" >&2;}
+ { (exit 1); exit 1; }; }; }
+
diff --git a/srtp/configure.in b/srtp/configure.in
new file mode 100644
index 0000000..49aaf8e
--- /dev/null
+++ b/srtp/configure.in
@@ -0,0 +1,206 @@
+dnl Process this file with autoconf to produce a configure script.
+AC_INIT(srtp)
+
+dnl Must come before AC_PROG_CC
+if test -z "$CFLAGS"; then
+ dnl Default value for CFLAGS if not specified.
+ CFLAGS="-Wall -O4 -fexpensive-optimizations -funroll-loops"
+fi
+
+dnl Checks for programs.
+AC_PROG_RANLIB
+AC_PROG_CC
+AC_PROG_INSTALL
+
+
+AC_ARG_ENABLE(kernel-linux,
+ [AS_HELP_STRING([--enable-kernel-linux],
+ [build library to run in Linux kernel context])],
+ [], enable_kernel_linux=no)
+AC_MSG_CHECKING(whether to build for Linux kernel context)
+if test "$enable_kernel_linux" = "yes"; then
+ AC_DEFINE(SRTP_KERNEL, 1,
+ [Define to compile for kernel contexts.])
+ AC_DEFINE(SRTP_KERNEL_LINUX, 1,
+ [Define to compile for Linux kernel context.])
+fi
+AC_MSG_RESULT($enable_kernel_linux)
+
+if test "$cross_compiling" != yes; then
+ dnl Check for /dev/urandom
+ AC_CHECK_FILE(/dev/urandom, DEV_URANDOM=/dev/urandom,
+ [AC_CHECK_FILE(/dev/random, DEV_URANDOM=/dev/random)])
+fi
+
+AC_MSG_CHECKING(which random device to use)
+if test "$enable_kernel_linux" = "yes"; then
+ RNG_OBJS=rand_linux_kernel.o
+ AC_MSG_RESULT([Linux kernel builtin])
+else
+ RNG_OBJS=rand_source.o
+ if test -n "$DEV_URANDOM"; then
+ AC_DEFINE_UNQUOTED(DEV_URANDOM, "$DEV_URANDOM",[Path to random device])
+ AC_MSG_RESULT([$DEV_URANDOM])
+ else
+ AC_MSG_RESULT([standard rand() function...])
+ fi
+fi
+AC_SUBST(RNG_OBJS)
+
+
+dnl Checks for header files.
+AC_HEADER_STDC
+AC_CHECK_HEADERS(stdlib.h)
+AC_CHECK_HEADERS(unistd.h)
+AC_CHECK_HEADERS(byteswap.h)
+AC_CHECK_HEADERS(stdint.h)
+AC_CHECK_HEADERS(sys/uio.h)
+AC_CHECK_HEADERS(inttypes.h)
+AC_CHECK_HEADERS(sys/types.h)
+AC_CHECK_HEADERS(machine/types.h)
+AC_CHECK_HEADERS(sys/int_types.h)
+
+dnl socket() and friends
+AC_CHECK_HEADERS(sys/socket.h netinet/in.h arpa/inet.h)
+AC_CHECK_HEADERS(windows.h, [AC_CHECK_HEADERS(winsock2.h)])
+
+AC_CHECK_HEADERS(syslog.h)
+
+AC_CHECK_TYPES([int8_t,uint8_t,int16_t,uint16_t,int32_t,uint32_t,uint64_t])
+AC_CHECK_SIZEOF(unsigned long)
+AC_CHECK_SIZEOF(unsigned long long)
+
+dnl Checks for typedefs, structures, and compiler characteristics.
+AC_C_CONST
+AC_C_INLINE
+AC_TYPE_SIZE_T
+
+dnl Checks for library functions.
+AC_CHECK_FUNCS(socket inet_aton usleep)
+
+dnl Find socket function if not found yet.
+if test "x$ac_cv_func_socket" = "xno"; then
+ AC_CHECK_LIB(socket, socket)
+ AC_MSG_CHECKING([for socket in -lwsock32])
+ SAVELIBS="$LIBS"
+ LIBS="$LIBS -lwsock32"
+ AC_TRY_LINK([
+#include <winsock2.h>
+],[
+socket(0, 0, 0);
+],
+ ac_cv_func_socket=yes
+ AC_MSG_RESULT(yes),
+ LIBS="$SAVELIBS"
+ AC_MSG_RESULT(no))
+fi
+
+dnl Check the byte order
+AC_C_BIGENDIAN
+
+AC_CANONICAL_HOST
+
+dnl check host_cpu type, set defines appropriately
+case $host_cpu in
+ i*86 )
+ AC_DEFINE(CPU_CISC, 1,
+ [Define if building for a CISC machine (e.g. Intel).])
+ AC_DEFINE(HAVE_X86, 1,
+ [Define to use X86 inlined assembly code]);;
+ * )
+ # CPU_RISC is only supported for big endian machines.
+ if test "$ac_cv_c_bigendian" = "yes"; then
+ AC_DEFINE(CPU_RISC, 1,
+ [Define if building for a RISC machine (assume slow byte access).])
+ else
+ AC_DEFINE(CPU_CISC, 1)
+ fi
+ ;;
+esac
+
+dnl Check if we're on a Windows platform.
+case $host_os in
+ *cygwin*|*mingw* )
+ EXE=.exe;;
+ * ) EXE="";;
+esac
+
+AC_SUBST(EXE) # define executable suffix; this is needed for `make clean'
+
+AC_MSG_CHECKING(whether to compile in debugging)
+AC_ARG_ENABLE(debug,
+ [AS_HELP_STRING([--disable-debug],
+ [do not compile in dynamic debugging system])],
+ [], enable_debug=yes)
+if test "$enable_debug" = "yes"; then
+ AC_DEFINE(ENABLE_DEBUGGING, 1,
+ [Define to compile in dynamic debugging system.])
+fi
+AC_MSG_RESULT($enable_debug)
+
+AC_MSG_CHECKING(whether to use ISMAcryp code)
+AC_ARG_ENABLE(generic-aesicm,
+ [AS_HELP_STRING([--enable-generic-aesicm],
+ [compile in changes for ISMAcryp])],
+ [], enable_generic_aesicm=no)
+if test "$enable_generic_aesicm" = "yes"; then
+ AC_DEFINE(GENERIC_AESICM, 1, [Define this to use ISMAcryp code.])
+fi
+AC_MSG_RESULT($enable_generic_aesicm)
+
+AC_MSG_CHECKING(whether to use syslog for error reporting)
+AC_ARG_ENABLE(syslog,
+ [AS_HELP_STRING([--enable-syslog], [use syslog for error reporting])],
+ [], enable_syslog=no)
+if test "$enable_syslog" = "yes"; then
+ AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog logging.])
+fi
+AC_MSG_RESULT($enable_syslog)
+
+AC_MSG_CHECKING(whether to use stdout for error reporting)
+AC_ARG_ENABLE(stdout,
+ [AS_HELP_STRING([--disable-stdout], [don't use stdout for error reporting])],
+ [], enable_stdout=yes)
+if test "$enable_stdout" = "yes"; then
+ AC_DEFINE(ERR_REPORTING_STDOUT, 1, [Define to use logging to stdout.])
+fi
+AC_MSG_RESULT($enable_stdout)
+
+AC_MSG_CHECKING(whether to use /dev/console for error reporting)
+AC_ARG_ENABLE(console,
+ [AS_HELP_STRING([--enable-console], [use /dev/console for error reporting])],
+ [], enable_console=no)
+if test "$enable_console" = "yes"; then
+ AC_DEFINE(USE_ERR_REPORTING_FILE, 1, [Write errors to this file])
+ AC_DEFINE(ERR_REPORTING_FILE, "/dev/console", [Report errors to this file.])
+fi
+AC_MSG_RESULT($enable_console)
+
+AC_MSG_CHECKING(whether to use GDOI key management)
+AC_ARG_ENABLE(gdoi,
+ [AS_HELP_STRING([--enable-gdoi], [enable GDOI key management])],
+ [], enable_gdoi=no)
+if test "$enable_gdoi" = "yes"; then
+ AC_DEFINE(SRTP_GDOI, 1, [Define to use GDOI.])
+ GDOI_OBJS=gdoi/srtp+gdoi.o
+ AC_SUBST(GDOI_OBJS)
+fi
+AC_MSG_RESULT($enable_gdoi)
+
+AC_CONFIG_HEADER(crypto/include/config.h:config_in.h)
+
+AC_OUTPUT(Makefile crypto/Makefile doc/Makefile)
+
+# This is needed when building outside the source dir.
+AS_MKDIR_P(crypto/ae_xfm)
+AS_MKDIR_P(crypto/cipher)
+AS_MKDIR_P(crypto/hash)
+AS_MKDIR_P(crypto/kernel)
+AS_MKDIR_P(crypto/math)
+AS_MKDIR_P(crypto/replay)
+AS_MKDIR_P(crypto/rng)
+AS_MKDIR_P(crypto/test)
+AS_MKDIR_P(doc)
+AS_MKDIR_P(srtp)
+AS_MKDIR_P(tables)
+AS_MKDIR_P(test)
diff --git a/srtp/crypto/.cvsignore b/srtp/crypto/.cvsignore
new file mode 100644
index 0000000..f3c7a7c
--- /dev/null
+++ b/srtp/crypto/.cvsignore
@@ -0,0 +1 @@
+Makefile
diff --git a/srtp/crypto/CVS/Entries b/srtp/crypto/CVS/Entries
new file mode 100644
index 0000000..42d879b
--- /dev/null
+++ b/srtp/crypto/CVS/Entries
@@ -0,0 +1,12 @@
+/.cvsignore/1.1/Thu Sep 29 13:27:59 2005//
+/Makefile.in/1.5/Mon Oct 3 15:16:37 2005//
+/VERSION/1.1.1.1/Wed Sep 21 22:51:38 2005//
+D/ae_xfm////
+D/cipher////
+D/hash////
+D/include////
+D/kernel////
+D/math////
+D/replay////
+D/rng////
+D/test////
diff --git a/srtp/crypto/CVS/Repository b/srtp/crypto/CVS/Repository
new file mode 100644
index 0000000..3abe7a3
--- /dev/null
+++ b/srtp/crypto/CVS/Repository
@@ -0,0 +1 @@
+srtp/crypto
diff --git a/srtp/crypto/CVS/Root b/srtp/crypto/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/crypto/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/crypto/Makefile b/srtp/crypto/Makefile
new file mode 100644
index 0000000..d7ac61f
--- /dev/null
+++ b/srtp/crypto/Makefile
@@ -0,0 +1,130 @@
+# Makefile for libcryptomodule.a
+#
+# David A. McGrew
+# Cisco Systems, Inc.
+
+srcdir = .
+top_srcdir = ..
+top_builddir = ../
+
+
+CC = gcc
+INCDIR = -Iinclude -I$(srcdir)/include
+DEFS = -DHAVE_CONFIG_H
+CPPFLAGS=
+CFLAGS = -Wall -O4 -fexpensive-optimizations -funroll-loops
+LIBS =
+LDFLAGS = -L.
+COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
+CRYPTOLIB = -lcryptomodule
+
+RANLIB = ranlib
+
+# EXE defines the suffix on executables - it's .exe for cygwin, and
+# null on linux, bsd, and OS X and other OSes. we define this so that
+# `make clean` will work on the cygwin platform
+EXE =
+# Random source.
+RNG_OBJS = rand_source.o
+
+ifdef ARCH
+ DEFS += -D$(ARCH)=1
+endif
+
+ifdef sysname
+ DEFS += -D$(sysname)=1
+endif
+
+.PHONY: dummy all runtest clean superclean
+
+dummy : all runtest
+
+# test applications
+
+testapp = test/cipher_driver$(EXE) test/datatypes_driver$(EXE) \
+ test/stat_driver$(EXE) test/sha1_driver$(EXE) \
+ test/kernel_driver$(EXE) test/aes_calc$(EXE) test/rand_gen$(EXE) \
+ test/env$(EXE)
+
+# data values used to test the aes_calc application
+
+k=000102030405060708090a0b0c0d0e0f
+p=00112233445566778899aabbccddeeff
+c=69c4e0d86a7b0430d8cdb78070b4c55a
+
+runtest: libcryptomodule.a $(testapp)
+ test/env$(EXE) # print out information on the build environment
+ @echo "running libcryptomodule test applications..."
+ test `test/aes_calc $k $p` = $c
+ test/cipher_driver$(EXE) -v >/dev/null
+ test/datatypes_driver$(EXE) -v >/dev/null
+ test/stat_driver$(EXE) >/dev/null
+ test/sha1_driver$(EXE) -v >/dev/null
+ test/kernel_driver$(EXE) -v >/dev/null
+ test/rand_gen$(EXE) -n 256 >/dev/null
+ @echo "libcryptomodule test applications passed."
+
+# libcryptomodule.a (the crypto engine)
+
+ciphers = cipher/cipher.o cipher/null_cipher.o \
+ cipher/aes.o cipher/aes_icm.o \
+ cipher/aes_cbc.o
+
+hashes = hash/null_auth.o hash/sha1.o \
+ hash/hmac.o hash/auth.o
+
+math = math/datatypes.o math/stat.o
+
+rng = rng/$(RNG_OBJS) rng/rand_source.o rng/prng.o rng/ctr_prng.o
+
+err = kernel/err.o
+
+kernel = kernel/crypto_kernel.o kernel/alloc.o \
+ kernel/key.o $(rng) $(err)
+
+xfm = ae_xfm/xfm.o
+
+cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(xfm)
+
+# the rule for making object files and test apps
+
+%.o: %.c
+ $(COMPILE) -c $< -o $@
+
+%$(EXE): %.c libcryptomodule.a
+ $(COMPILE) $(LDFLAGS) $< -o $@ $(CRYPTOLIB) $(LIBS)
+
+ifndef AR
+ AR=ar
+endif
+
+# and the crypto module library itself
+
+libcryptomodule.a: $(cryptobj)
+ $(AR) cr libcryptomodule.a $(cryptobj)
+ $(RANLIB) libcryptomodule.a
+
+all: libcryptomodule.a $(testapp)
+
+# housekeeping functions
+
+clean:
+ rm -f libcryptomodule.a
+ rm -f $(testapp) *.o */*.o
+ for a in * .* */*; do if [ -f "$$a~" ] ; then rm $$a~; fi; done;
+ rm -f `find . -name "*.[ch]~*~"`
+ rm -rf latex
+
+superclean: clean
+ rm -f *core TAGS ktrace.out
+
+
+# the target 'package' builds a compressed tar archive of the source code
+
+distname = crypto-$(shell cat VERSION)
+
+package: superclean
+ cd ..; tar cvzf $(distname).tgz crypto/
+
+
+# EOF
diff --git a/srtp/crypto/Makefile.in b/srtp/crypto/Makefile.in
new file mode 100644
index 0000000..c14dba5
--- /dev/null
+++ b/srtp/crypto/Makefile.in
@@ -0,0 +1,130 @@
+# Makefile for libcryptomodule.a
+#
+# David A. McGrew
+# Cisco Systems, Inc.
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+top_builddir = @top_builddir@
+VPATH = @srcdir@
+
+CC = @CC@
+INCDIR = -Iinclude -I$(srcdir)/include
+DEFS = @DEFS@
+CPPFLAGS= @CPPFLAGS@
+CFLAGS = @CFLAGS@
+LIBS = @LIBS@
+LDFLAGS = @LDFLAGS@ -L.
+COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
+CRYPTOLIB = -lcryptomodule
+
+RANLIB = @RANLIB@
+
+# EXE defines the suffix on executables - it's .exe for cygwin, and
+# null on linux, bsd, and OS X and other OSes. we define this so that
+# `make clean` will work on the cygwin platform
+EXE = @EXE@
+# Random source.
+RNG_OBJS = @RNG_OBJS@
+
+ifdef ARCH
+ DEFS += -D$(ARCH)=1
+endif
+
+ifdef sysname
+ DEFS += -D$(sysname)=1
+endif
+
+.PHONY: dummy all runtest clean superclean
+
+dummy : all runtest
+
+# test applications
+
+testapp = test/cipher_driver$(EXE) test/datatypes_driver$(EXE) \
+ test/stat_driver$(EXE) test/sha1_driver$(EXE) \
+ test/kernel_driver$(EXE) test/aes_calc$(EXE) test/rand_gen$(EXE) \
+ test/env$(EXE)
+
+# data values used to test the aes_calc application
+
+k=000102030405060708090a0b0c0d0e0f
+p=00112233445566778899aabbccddeeff
+c=69c4e0d86a7b0430d8cdb78070b4c55a
+
+runtest: libcryptomodule.a $(testapp)
+ test/env$(EXE) # print out information on the build environment
+ @echo "running libcryptomodule test applications..."
+ test `test/aes_calc $k $p` = $c
+ test/cipher_driver$(EXE) -v >/dev/null
+ test/datatypes_driver$(EXE) -v >/dev/null
+ test/stat_driver$(EXE) >/dev/null
+ test/sha1_driver$(EXE) -v >/dev/null
+ test/kernel_driver$(EXE) -v >/dev/null
+ test/rand_gen$(EXE) -n 256 >/dev/null
+ @echo "libcryptomodule test applications passed."
+
+# libcryptomodule.a (the crypto engine)
+
+ciphers = cipher/cipher.o cipher/null_cipher.o \
+ cipher/aes.o cipher/aes_icm.o \
+ cipher/aes_cbc.o
+
+hashes = hash/null_auth.o hash/sha1.o \
+ hash/hmac.o hash/auth.o
+
+math = math/datatypes.o math/stat.o
+
+rng = rng/$(RNG_OBJS) rng/rand_source.o rng/prng.o rng/ctr_prng.o
+
+err = kernel/err.o
+
+kernel = kernel/crypto_kernel.o kernel/alloc.o \
+ kernel/key.o $(rng) $(err)
+
+xfm = ae_xfm/xfm.o
+
+cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(xfm)
+
+# the rule for making object files and test apps
+
+%.o: %.c
+ $(COMPILE) -c $< -o $@
+
+%$(EXE): %.c libcryptomodule.a
+ $(COMPILE) $(LDFLAGS) $< -o $@ $(CRYPTOLIB) $(LIBS)
+
+ifndef AR
+ AR=ar
+endif
+
+# and the crypto module library itself
+
+libcryptomodule.a: $(cryptobj)
+ $(AR) cr libcryptomodule.a $(cryptobj)
+ $(RANLIB) libcryptomodule.a
+
+all: libcryptomodule.a $(testapp)
+
+# housekeeping functions
+
+clean:
+ rm -f libcryptomodule.a
+ rm -f $(testapp) *.o */*.o
+ for a in * .* */*; do if [ -f "$$a~" ] ; then rm $$a~; fi; done;
+ rm -f `find . -name "*.[ch]~*~"`
+ rm -rf latex
+
+superclean: clean
+ rm -f *core TAGS ktrace.out
+
+
+# the target 'package' builds a compressed tar archive of the source code
+
+distname = crypto-$(shell cat VERSION)
+
+package: superclean
+ cd ..; tar cvzf $(distname).tgz crypto/
+
+
+# EOF
diff --git a/srtp/crypto/VERSION b/srtp/crypto/VERSION
new file mode 100644
index 0000000..3eefcb9
--- /dev/null
+++ b/srtp/crypto/VERSION
@@ -0,0 +1 @@
+1.0.0
diff --git a/srtp/crypto/ae_xfm/CVS/Entries b/srtp/crypto/ae_xfm/CVS/Entries
new file mode 100644
index 0000000..26c85b0
--- /dev/null
+++ b/srtp/crypto/ae_xfm/CVS/Entries
@@ -0,0 +1,2 @@
+/xfm.c/1.3/Tue Jul 18 19:45:45 2006//
+D
diff --git a/srtp/crypto/ae_xfm/CVS/Repository b/srtp/crypto/ae_xfm/CVS/Repository
new file mode 100644
index 0000000..116e5b3
--- /dev/null
+++ b/srtp/crypto/ae_xfm/CVS/Repository
@@ -0,0 +1 @@
+srtp/crypto/ae_xfm
diff --git a/srtp/crypto/ae_xfm/CVS/Root b/srtp/crypto/ae_xfm/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/crypto/ae_xfm/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/crypto/ae_xfm/xfm.c b/srtp/crypto/ae_xfm/xfm.c
new file mode 100644
index 0000000..f149d46
--- /dev/null
+++ b/srtp/crypto/ae_xfm/xfm.c
@@ -0,0 +1,570 @@
+/*
+ * xfm.c
+ *
+ * Crypto transform implementation
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+#include "cryptoalg.h"
+#include "aes_cbc.h"
+#include "hmac.h"
+#include "crypto_kernel.h" /* for crypto_get_random() */
+
+#define KEY_LEN 16
+#define ENC_KEY_LEN 16
+#define MAC_KEY_LEN 16
+#define IV_LEN 16
+#define TAG_LEN 12
+#define MAX_EXPAND 27
+
+err_status_t
+aes_128_cbc_hmac_sha1_96_func(void *key,
+ void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *opaque,
+ unsigned *opaque_len,
+ void *auth_tag) {
+ aes_cbc_ctx_t aes_ctx;
+ hmac_ctx_t hmac_ctx;
+ unsigned char enc_key[ENC_KEY_LEN];
+ unsigned char mac_key[MAC_KEY_LEN];
+ err_status_t status;
+
+ /* check if we're doing authentication only */
+ if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
+
+ /* perform authentication only */
+
+ } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
+
+ /*
+ * bad parameter - we expect either all three pointers to be NULL,
+ * or none of those pointers to be NULL
+ */
+ return err_status_fail;
+
+ } else {
+
+ /* derive encryption and authentication keys from the input key */
+ status = hmac_init(&hmac_ctx, key, KEY_LEN);
+ if (status) return status;
+ status = hmac_compute(&hmac_ctx, "ENC", 3, ENC_KEY_LEN, enc_key);
+ if (status) return status;
+
+ status = hmac_init(&hmac_ctx, key, KEY_LEN);
+ if (status) return status;
+ status = hmac_compute(&hmac_ctx, "MAC", 3, MAC_KEY_LEN, mac_key);
+ if (status) return status;
+
+
+ /* perform encryption and authentication */
+
+ /* set aes key */
+ status = aes_cbc_context_init(&aes_ctx, key, direction_encrypt);
+ if (status) return status;
+
+ /* set iv */
+ status = crypto_get_random(iv, IV_LEN);
+ if (status) return status;
+ status = aes_cbc_set_iv(&aes_ctx, iv);
+
+ /* encrypt the opaque data */
+ status = aes_cbc_nist_encrypt(&aes_ctx, opaque, opaque_len);
+ if (status) return status;
+
+ /* authenticate clear and opaque data */
+ status = hmac_init(&hmac_ctx, mac_key, MAC_KEY_LEN);
+ if (status) return status;
+
+ status = hmac_start(&hmac_ctx);
+ if (status) return status;
+
+ status = hmac_update(&hmac_ctx, clear, clear_len);
+ if (status) return status;
+
+ status = hmac_compute(&hmac_ctx, opaque, *opaque_len, TAG_LEN, auth_tag);
+ if (status) return status;
+
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+aes_128_cbc_hmac_sha1_96_inv(void *key,
+ void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *opaque,
+ unsigned *opaque_len,
+ void *auth_tag) {
+ aes_cbc_ctx_t aes_ctx;
+ hmac_ctx_t hmac_ctx;
+ unsigned char enc_key[ENC_KEY_LEN];
+ unsigned char mac_key[MAC_KEY_LEN];
+ unsigned char tmp_tag[TAG_LEN];
+ unsigned char *tag = auth_tag;
+ err_status_t status;
+ int i;
+
+ /* check if we're doing authentication only */
+ if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
+
+ /* perform authentication only */
+
+ } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
+
+ /*
+ * bad parameter - we expect either all three pointers to be NULL,
+ * or none of those pointers to be NULL
+ */
+ return err_status_fail;
+
+ } else {
+
+ /* derive encryption and authentication keys from the input key */
+ status = hmac_init(&hmac_ctx, key, KEY_LEN);
+ if (status) return status;
+ status = hmac_compute(&hmac_ctx, "ENC", 3, ENC_KEY_LEN, enc_key);
+ if (status) return status;
+
+ status = hmac_init(&hmac_ctx, key, KEY_LEN);
+ if (status) return status;
+ status = hmac_compute(&hmac_ctx, "MAC", 3, MAC_KEY_LEN, mac_key);
+ if (status) return status;
+
+ /* perform encryption and authentication */
+
+ /* set aes key */
+ status = aes_cbc_context_init(&aes_ctx, key, direction_decrypt);
+ if (status) return status;
+
+ /* set iv */
+ status = rand_source_get_octet_string(iv, IV_LEN);
+ if (status) return status;
+ status = aes_cbc_set_iv(&aes_ctx, iv);
+
+ /* encrypt the opaque data */
+ status = aes_cbc_nist_decrypt(&aes_ctx, opaque, opaque_len);
+ if (status) return status;
+
+ /* authenticate clear and opaque data */
+ status = hmac_init(&hmac_ctx, mac_key, MAC_KEY_LEN);
+ if (status) return status;
+
+ status = hmac_start(&hmac_ctx);
+ if (status) return status;
+
+ status = hmac_update(&hmac_ctx, clear, clear_len);
+ if (status) return status;
+
+ status = hmac_compute(&hmac_ctx, opaque, *opaque_len, TAG_LEN, tmp_tag);
+ if (status) return status;
+
+ /* compare the computed tag with the one provided as input */
+ for (i=0; i < TAG_LEN; i++)
+ if (tmp_tag[i] != tag[i])
+ return err_status_auth_fail;
+
+ }
+
+ return err_status_ok;
+}
+
+
+#define ENC 1
+
+#define DEBUG 0
+
+err_status_t
+aes_128_cbc_hmac_sha1_96_enc(void *key,
+ const void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *opaque,
+ unsigned *opaque_len) {
+ aes_cbc_ctx_t aes_ctx;
+ hmac_ctx_t hmac_ctx;
+ unsigned char enc_key[ENC_KEY_LEN];
+ unsigned char mac_key[MAC_KEY_LEN];
+ unsigned char *auth_tag;
+ err_status_t status;
+
+ /* check if we're doing authentication only */
+ if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
+
+ /* perform authentication only */
+
+ } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
+
+ /*
+ * bad parameter - we expect either all three pointers to be NULL,
+ * or none of those pointers to be NULL
+ */
+ return err_status_fail;
+
+ } else {
+
+#if DEBUG
+ printf("ENC using key %s\n", octet_string_hex_string(key, KEY_LEN));
+#endif
+
+ /* derive encryption and authentication keys from the input key */
+ status = hmac_init(&hmac_ctx, key, KEY_LEN);
+ if (status) return status;
+ status = hmac_compute(&hmac_ctx, "ENC", 3, ENC_KEY_LEN, enc_key);
+ if (status) return status;
+
+ status = hmac_init(&hmac_ctx, key, KEY_LEN);
+ if (status) return status;
+ status = hmac_compute(&hmac_ctx, "MAC", 3, MAC_KEY_LEN, mac_key);
+ if (status) return status;
+
+
+ /* perform encryption and authentication */
+
+ /* set aes key */
+ status = aes_cbc_context_init(&aes_ctx, key, direction_encrypt);
+ if (status) return status;
+
+ /* set iv */
+ status = rand_source_get_octet_string(iv, IV_LEN);
+ if (status) return status;
+ status = aes_cbc_set_iv(&aes_ctx, iv);
+ if (status) return status;
+
+#if DEBUG
+ printf("plaintext len: %d\n", *opaque_len);
+ printf("iv: %s\n", octet_string_hex_string(iv, IV_LEN));
+ printf("plaintext: %s\n", octet_string_hex_string(opaque, *opaque_len));
+#endif
+
+#if ENC
+ /* encrypt the opaque data */
+ status = aes_cbc_nist_encrypt(&aes_ctx, opaque, opaque_len);
+ if (status) return status;
+#endif
+
+#if DEBUG
+ printf("ciphertext len: %d\n", *opaque_len);
+ printf("ciphertext: %s\n", octet_string_hex_string(opaque, *opaque_len));
+#endif
+
+ /*
+ * authenticate clear and opaque data, then write the
+ * authentication tag to the location immediately following the
+ * ciphertext
+ */
+ status = hmac_init(&hmac_ctx, mac_key, MAC_KEY_LEN);
+ if (status) return status;
+
+ status = hmac_start(&hmac_ctx);
+ if (status) return status;
+
+ status = hmac_update(&hmac_ctx, clear, clear_len);
+ if (status) return status;
+#if DEBUG
+ printf("hmac input: %s\n",
+ octet_string_hex_string(clear, clear_len));
+#endif
+ auth_tag = (unsigned char *)opaque;
+ auth_tag += *opaque_len;
+ status = hmac_compute(&hmac_ctx, opaque, *opaque_len, TAG_LEN, auth_tag);
+ if (status) return status;
+#if DEBUG
+ printf("hmac input: %s\n",
+ octet_string_hex_string(opaque, *opaque_len));
+#endif
+ /* bump up the opaque_len to reflect the authentication tag */
+ *opaque_len += TAG_LEN;
+
+#if DEBUG
+ printf("prot data len: %d\n", *opaque_len);
+ printf("prot data: %s\n", octet_string_hex_string(opaque, *opaque_len));
+#endif
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+aes_128_cbc_hmac_sha1_96_dec(void *key,
+ const void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *opaque,
+ unsigned *opaque_len) {
+ aes_cbc_ctx_t aes_ctx;
+ hmac_ctx_t hmac_ctx;
+ unsigned char enc_key[ENC_KEY_LEN];
+ unsigned char mac_key[MAC_KEY_LEN];
+ unsigned char tmp_tag[TAG_LEN];
+ unsigned char *auth_tag;
+ unsigned ciphertext_len;
+ err_status_t status;
+ int i;
+
+ /* check if we're doing authentication only */
+ if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
+
+ /* perform authentication only */
+
+ } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
+
+ /*
+ * bad parameter - we expect either all three pointers to be NULL,
+ * or none of those pointers to be NULL
+ */
+ return err_status_fail;
+
+ } else {
+#if DEBUG
+ printf("DEC using key %s\n", octet_string_hex_string(key, KEY_LEN));
+#endif
+
+ /* derive encryption and authentication keys from the input key */
+ status = hmac_init(&hmac_ctx, key, KEY_LEN);
+ if (status) return status;
+ status = hmac_compute(&hmac_ctx, "ENC", 3, ENC_KEY_LEN, enc_key);
+ if (status) return status;
+
+ status = hmac_init(&hmac_ctx, key, KEY_LEN);
+ if (status) return status;
+ status = hmac_compute(&hmac_ctx, "MAC", 3, MAC_KEY_LEN, mac_key);
+ if (status) return status;
+
+#if DEBUG
+ printf("prot data len: %d\n", *opaque_len);
+ printf("prot data: %s\n", octet_string_hex_string(opaque, *opaque_len));
+#endif
+
+ /*
+ * set the protected data length to that of the ciphertext, by
+ * subtracting out the length of the authentication tag
+ */
+ ciphertext_len = *opaque_len - TAG_LEN;
+
+#if DEBUG
+ printf("ciphertext len: %d\n", ciphertext_len);
+#endif
+ /* verify the authentication tag */
+
+ /*
+ * compute the authentication tag for the clear and opaque data,
+ * and write it to a temporary location
+ */
+ status = hmac_init(&hmac_ctx, mac_key, MAC_KEY_LEN);
+ if (status) return status;
+
+ status = hmac_start(&hmac_ctx);
+ if (status) return status;
+
+ status = hmac_update(&hmac_ctx, clear, clear_len);
+ if (status) return status;
+
+#if DEBUG
+ printf("hmac input: %s\n",
+ octet_string_hex_string(clear, clear_len));
+#endif
+
+ status = hmac_compute(&hmac_ctx, opaque, ciphertext_len, TAG_LEN, tmp_tag);
+ if (status) return status;
+
+#if DEBUG
+ printf("hmac input: %s\n",
+ octet_string_hex_string(opaque, ciphertext_len));
+#endif
+
+ /*
+ * compare the computed tag with the one provided as input (which
+ * immediately follows the ciphertext)
+ */
+ auth_tag = (unsigned char *)opaque;
+ auth_tag += ciphertext_len;
+#if DEBUG
+ printf("auth_tag: %s\n", octet_string_hex_string(auth_tag, TAG_LEN));
+ printf("tmp_tag: %s\n", octet_string_hex_string(tmp_tag, TAG_LEN));
+#endif
+ for (i=0; i < TAG_LEN; i++) {
+ if (tmp_tag[i] != auth_tag[i])
+ return err_status_auth_fail;
+ }
+
+ /* bump down the opaque_len to reflect the authentication tag */
+ *opaque_len -= TAG_LEN;
+
+ /* decrypt the confidential data */
+ status = aes_cbc_context_init(&aes_ctx, key, direction_decrypt);
+ if (status) return status;
+ status = aes_cbc_set_iv(&aes_ctx, iv);
+ if (status) return status;
+
+#if DEBUG
+ printf("ciphertext: %s\n", octet_string_hex_string(opaque, *opaque_len));
+ printf("iv: %s\n", octet_string_hex_string(iv, IV_LEN));
+#endif
+
+#if ENC
+ status = aes_cbc_nist_decrypt(&aes_ctx, opaque, &ciphertext_len);
+ if (status) return status;
+#endif
+
+#if DEBUG
+ printf("plaintext len: %d\n", ciphertext_len);
+ printf("plaintext: %s\n",
+ octet_string_hex_string(opaque, ciphertext_len));
+#endif
+
+ /* indicate the length of the plaintext */
+ *opaque_len = ciphertext_len;
+ }
+
+ return err_status_ok;
+}
+
+cryptoalg_ctx_t cryptoalg_ctx = {
+ aes_128_cbc_hmac_sha1_96_enc,
+ aes_128_cbc_hmac_sha1_96_dec,
+ KEY_LEN,
+ IV_LEN,
+ TAG_LEN,
+ MAX_EXPAND,
+};
+
+cryptoalg_t cryptoalg = &cryptoalg_ctx;
+
+#define NULL_TAG_LEN 12
+
+err_status_t
+null_enc(void *key,
+ const void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *opaque,
+ unsigned *opaque_len) {
+ int i;
+ unsigned char *auth_tag;
+ unsigned char *init_vec = iv;
+
+ /* check if we're doing authentication only */
+ if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
+
+ /* perform authentication only */
+
+ } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
+
+ /*
+ * bad parameter - we expect either all three pointers to be NULL,
+ * or none of those pointers to be NULL
+ */
+ return err_status_fail;
+
+ } else {
+
+#if DEBUG
+ printf("NULL ENC using key %s\n", octet_string_hex_string(key, KEY_LEN));
+ printf("NULL_TAG_LEN: %d\n", NULL_TAG_LEN);
+ printf("plaintext len: %d\n", *opaque_len);
+#endif
+ for (i=0; i < IV_LEN; i++)
+ init_vec[i] = i + (i * 16);
+#if DEBUG
+ printf("iv: %s\n",
+ octet_string_hex_string(iv, IV_LEN));
+ printf("plaintext: %s\n",
+ octet_string_hex_string(opaque, *opaque_len));
+#endif
+ auth_tag = opaque;
+ auth_tag += *opaque_len;
+ for (i=0; i < NULL_TAG_LEN; i++)
+ auth_tag[i] = i + (i * 16);
+ *opaque_len += NULL_TAG_LEN;
+#if DEBUG
+ printf("protected data len: %d\n", *opaque_len);
+ printf("protected data: %s\n",
+ octet_string_hex_string(opaque, *opaque_len));
+#endif
+
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+null_dec(void *key,
+ const void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *opaque,
+ unsigned *opaque_len) {
+ unsigned char *auth_tag;
+
+ /* check if we're doing authentication only */
+ if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
+
+ /* perform authentication only */
+
+ } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
+
+ /*
+ * bad parameter - we expect either all three pointers to be NULL,
+ * or none of those pointers to be NULL
+ */
+ return err_status_fail;
+
+ } else {
+
+#if DEBUG
+ printf("NULL DEC using key %s\n", octet_string_hex_string(key, KEY_LEN));
+
+ printf("protected data len: %d\n", *opaque_len);
+ printf("protected data: %s\n",
+ octet_string_hex_string(opaque, *opaque_len));
+#endif
+ auth_tag = opaque;
+ auth_tag += (*opaque_len - NULL_TAG_LEN);
+#if DEBUG
+ printf("iv: %s\n", octet_string_hex_string(iv, IV_LEN));
+#endif
+ *opaque_len -= NULL_TAG_LEN;
+#if DEBUG
+ printf("plaintext len: %d\n", *opaque_len);
+ printf("plaintext: %s\n",
+ octet_string_hex_string(opaque, *opaque_len));
+#endif
+ }
+
+ return err_status_ok;
+}
+
+cryptoalg_ctx_t null_cryptoalg_ctx = {
+ null_enc,
+ null_dec,
+ KEY_LEN,
+ IV_LEN,
+ NULL_TAG_LEN,
+ MAX_EXPAND,
+};
+
+cryptoalg_t null_cryptoalg = &null_cryptoalg_ctx;
+
+int
+cryptoalg_get_id(cryptoalg_t c) {
+ if (c == cryptoalg)
+ return 1;
+ return 0;
+}
+
+cryptoalg_t
+cryptoalg_find_by_id(int id) {
+ switch(id) {
+ case 1:
+ return cryptoalg;
+ default:
+ break;
+ }
+ return 0;
+}
diff --git a/srtp/crypto/cipher/CVS/Entries b/srtp/crypto/cipher/CVS/Entries
new file mode 100644
index 0000000..c48bc3f
--- /dev/null
+++ b/srtp/crypto/cipher/CVS/Entries
@@ -0,0 +1,6 @@
+/aes.c/1.10/Wed Jul 12 22:22:08 2006//
+/aes_cbc.c/1.7/Wed Jul 12 22:22:08 2006//
+/aes_icm.c/1.14/Tue Jul 18 19:45:46 2006//
+/cipher.c/1.7/Wed Jul 12 22:22:08 2006//
+/null_cipher.c/1.4/Wed Jul 12 22:22:08 2006//
+D
diff --git a/srtp/crypto/cipher/CVS/Repository b/srtp/crypto/cipher/CVS/Repository
new file mode 100644
index 0000000..06fe3bc
--- /dev/null
+++ b/srtp/crypto/cipher/CVS/Repository
@@ -0,0 +1 @@
+srtp/crypto/cipher
diff --git a/srtp/crypto/cipher/CVS/Root b/srtp/crypto/cipher/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/crypto/cipher/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/crypto/cipher/aes.c b/srtp/crypto/cipher/aes.c
new file mode 100644
index 0000000..f1286c3
--- /dev/null
+++ b/srtp/crypto/cipher/aes.c
@@ -0,0 +1,1951 @@
+/*
+ * aes.c
+ *
+ * An implemnetation of the AES block cipher.
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "aes.h"
+#include "err.h"
+
+/*
+ * we use the tables T0, T1, T2, T3, and T4 to compute AES, and
+ * the tables U0, U1, U2, and U4 to compute its inverse
+ *
+ * different tables are used on little-endian (Intel, VMS) and
+ * big-endian processors (everything else)
+ *
+ * these tables are computed using the program tables/aes_tables; use
+ * this program to generate different tables for porting or
+ * optimization on a different platform
+ */
+
+#ifndef WORDS_BIGENDIAN
+
+static uint32_t T0[256] = {
+ 0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6,
+ 0xdf2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591,
+ 0x50303060, 0x3010102, 0xa96767ce, 0x7d2b2b56,
+ 0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec,
+ 0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa,
+ 0x15fafaef, 0xeb5959b2, 0xc947478e, 0xbf0f0fb,
+ 0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45,
+ 0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b,
+ 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c,
+ 0x5a36366c, 0x413f3f7e, 0x2f7f7f5, 0x4fcccc83,
+ 0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x8f1f1f9,
+ 0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a,
+ 0xc040408, 0x52c7c795, 0x65232346, 0x5ec3c39d,
+ 0x28181830, 0xa1969637, 0xf05050a, 0xb59a9a2f,
+ 0x907070e, 0x36121224, 0x9b80801b, 0x3de2e2df,
+ 0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea,
+ 0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34,
+ 0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b,
+ 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d,
+ 0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413,
+ 0xf55353a6, 0x68d1d1b9, 0x0, 0x2cededc1,
+ 0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6,
+ 0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972,
+ 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85,
+ 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed,
+ 0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511,
+ 0xcf45458a, 0x10f9f9e9, 0x6020204, 0x817f7ffe,
+ 0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b,
+ 0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05,
+ 0xad92923f, 0xbc9d9d21, 0x48383870, 0x4f5f5f1,
+ 0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142,
+ 0x30101020, 0x1affffe5, 0xef3f3fd, 0x6dd2d2bf,
+ 0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3,
+ 0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e,
+ 0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a,
+ 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6,
+ 0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3,
+ 0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b,
+ 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428,
+ 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad,
+ 0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14,
+ 0xdb494992, 0xa06060c, 0x6c242448, 0xe45c5cb8,
+ 0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4,
+ 0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2,
+ 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda,
+ 0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949,
+ 0xb46c6cd8, 0xfa5656ac, 0x7f4f4f3, 0x25eaeacf,
+ 0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810,
+ 0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c,
+ 0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697,
+ 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e,
+ 0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f,
+ 0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc,
+ 0xd8484890, 0x5030306, 0x1f6f6f7, 0x120e0e1c,
+ 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969,
+ 0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27,
+ 0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122,
+ 0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433,
+ 0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9,
+ 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5,
+ 0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a,
+ 0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0,
+ 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e,
+ 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c,
+};
+
+static uint32_t T1[256] = {
+ 0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d,
+ 0xf2f2ff0d, 0x6b6bd6bd, 0x6f6fdeb1, 0xc5c59154,
+ 0x30306050, 0x1010203, 0x6767cea9, 0x2b2b567d,
+ 0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a,
+ 0xcaca8f45, 0x82821f9d, 0xc9c98940, 0x7d7dfa87,
+ 0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b,
+ 0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea,
+ 0x9c9c23bf, 0xa4a453f7, 0x7272e496, 0xc0c09b5b,
+ 0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a,
+ 0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f,
+ 0x3434685c, 0xa5a551f4, 0xe5e5d134, 0xf1f1f908,
+ 0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f,
+ 0x404080c, 0xc7c79552, 0x23234665, 0xc3c39d5e,
+ 0x18183028, 0x969637a1, 0x5050a0f, 0x9a9a2fb5,
+ 0x7070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d,
+ 0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f,
+ 0x909121b, 0x83831d9e, 0x2c2c5874, 0x1a1a342e,
+ 0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb,
+ 0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce,
+ 0x2929527b, 0xe3e3dd3e, 0x2f2f5e71, 0x84841397,
+ 0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c,
+ 0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed,
+ 0x6a6ad4be, 0xcbcb8d46, 0xbebe67d9, 0x3939724b,
+ 0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a,
+ 0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16,
+ 0x434386c5, 0x4d4d9ad7, 0x33336655, 0x85851194,
+ 0x45458acf, 0xf9f9e910, 0x2020406, 0x7f7ffe81,
+ 0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3,
+ 0x5151a2f3, 0xa3a35dfe, 0x404080c0, 0x8f8f058a,
+ 0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104,
+ 0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263,
+ 0x10102030, 0xffffe51a, 0xf3f3fd0e, 0xd2d2bf6d,
+ 0xcdcd814c, 0xc0c1814, 0x13132635, 0xececc32f,
+ 0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39,
+ 0xc4c49357, 0xa7a755f2, 0x7e7efc82, 0x3d3d7a47,
+ 0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695,
+ 0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f,
+ 0x22224466, 0x2a2a547e, 0x90903bab, 0x88880b83,
+ 0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c,
+ 0xdedea779, 0x5e5ebce2, 0xb0b161d, 0xdbdbad76,
+ 0xe0e0db3b, 0x32326456, 0x3a3a744e, 0xa0a141e,
+ 0x494992db, 0x6060c0a, 0x2424486c, 0x5c5cb8e4,
+ 0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6,
+ 0x919139a8, 0x959531a4, 0xe4e4d337, 0x7979f28b,
+ 0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7,
+ 0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0,
+ 0x6c6cd8b4, 0x5656acfa, 0xf4f4f307, 0xeaeacf25,
+ 0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x8081018,
+ 0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72,
+ 0x1c1c3824, 0xa6a657f1, 0xb4b473c7, 0xc6c69751,
+ 0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21,
+ 0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85,
+ 0x7070e090, 0x3e3e7c42, 0xb5b571c4, 0x6666ccaa,
+ 0x484890d8, 0x3030605, 0xf6f6f701, 0xe0e1c12,
+ 0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0,
+ 0x86861791, 0xc1c19958, 0x1d1d3a27, 0x9e9e27b9,
+ 0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233,
+ 0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7,
+ 0x9b9b2db6, 0x1e1e3c22, 0x87871592, 0xe9e9c920,
+ 0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a,
+ 0x8c8c038f, 0xa1a159f8, 0x89890980, 0xd0d1a17,
+ 0xbfbf65da, 0xe6e6d731, 0x424284c6, 0x6868d0b8,
+ 0x414182c3, 0x999929b0, 0x2d2d5a77, 0xf0f1e11,
+ 0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a,
+};
+
+static uint32_t T2[256] = {
+ 0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b,
+ 0xf2ff0df2, 0x6bd6bd6b, 0x6fdeb16f, 0xc59154c5,
+ 0x30605030, 0x1020301, 0x67cea967, 0x2b567d2b,
+ 0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76,
+ 0xca8f45ca, 0x821f9d82, 0xc98940c9, 0x7dfa877d,
+ 0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0,
+ 0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf,
+ 0x9c23bf9c, 0xa453f7a4, 0x72e49672, 0xc09b5bc0,
+ 0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26,
+ 0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc,
+ 0x34685c34, 0xa551f4a5, 0xe5d134e5, 0xf1f908f1,
+ 0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15,
+ 0x4080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3,
+ 0x18302818, 0x9637a196, 0x50a0f05, 0x9a2fb59a,
+ 0x70e0907, 0x12243612, 0x801b9b80, 0xe2df3de2,
+ 0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75,
+ 0x9121b09, 0x831d9e83, 0x2c58742c, 0x1a342e1a,
+ 0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0,
+ 0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3,
+ 0x29527b29, 0xe3dd3ee3, 0x2f5e712f, 0x84139784,
+ 0x53a6f553, 0xd1b968d1, 0x0, 0xedc12ced,
+ 0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b,
+ 0x6ad4be6a, 0xcb8d46cb, 0xbe67d9be, 0x39724b39,
+ 0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf,
+ 0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb,
+ 0x4386c543, 0x4d9ad74d, 0x33665533, 0x85119485,
+ 0x458acf45, 0xf9e910f9, 0x2040602, 0x7ffe817f,
+ 0x50a0f050, 0x3c78443c, 0x9f25ba9f, 0xa84be3a8,
+ 0x51a2f351, 0xa35dfea3, 0x4080c040, 0x8f058a8f,
+ 0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5,
+ 0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321,
+ 0x10203010, 0xffe51aff, 0xf3fd0ef3, 0xd2bf6dd2,
+ 0xcd814ccd, 0xc18140c, 0x13263513, 0xecc32fec,
+ 0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917,
+ 0xc49357c4, 0xa755f2a7, 0x7efc827e, 0x3d7a473d,
+ 0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573,
+ 0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc,
+ 0x22446622, 0x2a547e2a, 0x903bab90, 0x880b8388,
+ 0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14,
+ 0xdea779de, 0x5ebce25e, 0xb161d0b, 0xdbad76db,
+ 0xe0db3be0, 0x32645632, 0x3a744e3a, 0xa141e0a,
+ 0x4992db49, 0x60c0a06, 0x24486c24, 0x5cb8e45c,
+ 0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662,
+ 0x9139a891, 0x9531a495, 0xe4d337e4, 0x79f28b79,
+ 0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d,
+ 0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9,
+ 0x6cd8b46c, 0x56acfa56, 0xf4f307f4, 0xeacf25ea,
+ 0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x8101808,
+ 0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e,
+ 0x1c38241c, 0xa657f1a6, 0xb473c7b4, 0xc69751c6,
+ 0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f,
+ 0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a,
+ 0x70e09070, 0x3e7c423e, 0xb571c4b5, 0x66ccaa66,
+ 0x4890d848, 0x3060503, 0xf6f701f6, 0xe1c120e,
+ 0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9,
+ 0x86179186, 0xc19958c1, 0x1d3a271d, 0x9e27b99e,
+ 0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311,
+ 0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794,
+ 0x9b2db69b, 0x1e3c221e, 0x87159287, 0xe9c920e9,
+ 0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf,
+ 0x8c038f8c, 0xa159f8a1, 0x89098089, 0xd1a170d,
+ 0xbf65dabf, 0xe6d731e6, 0x4284c642, 0x68d0b868,
+ 0x4182c341, 0x9929b099, 0x2d5a772d, 0xf1e110f,
+ 0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16,
+};
+
+static uint32_t T3[256] = {
+ 0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b,
+ 0xff0df2f2, 0xd6bd6b6b, 0xdeb16f6f, 0x9154c5c5,
+ 0x60503030, 0x2030101, 0xcea96767, 0x567d2b2b,
+ 0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676,
+ 0x8f45caca, 0x1f9d8282, 0x8940c9c9, 0xfa877d7d,
+ 0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0,
+ 0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf,
+ 0x23bf9c9c, 0x53f7a4a4, 0xe4967272, 0x9b5bc0c0,
+ 0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626,
+ 0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc,
+ 0x685c3434, 0x51f4a5a5, 0xd134e5e5, 0xf908f1f1,
+ 0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515,
+ 0x80c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3,
+ 0x30281818, 0x37a19696, 0xa0f0505, 0x2fb59a9a,
+ 0xe090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2,
+ 0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575,
+ 0x121b0909, 0x1d9e8383, 0x58742c2c, 0x342e1a1a,
+ 0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0,
+ 0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3,
+ 0x527b2929, 0xdd3ee3e3, 0x5e712f2f, 0x13978484,
+ 0xa6f55353, 0xb968d1d1, 0x0, 0xc12ceded,
+ 0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b,
+ 0xd4be6a6a, 0x8d46cbcb, 0x67d9bebe, 0x724b3939,
+ 0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf,
+ 0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb,
+ 0x86c54343, 0x9ad74d4d, 0x66553333, 0x11948585,
+ 0x8acf4545, 0xe910f9f9, 0x4060202, 0xfe817f7f,
+ 0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8,
+ 0xa2f35151, 0x5dfea3a3, 0x80c04040, 0x58a8f8f,
+ 0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5,
+ 0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121,
+ 0x20301010, 0xe51affff, 0xfd0ef3f3, 0xbf6dd2d2,
+ 0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec,
+ 0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717,
+ 0x9357c4c4, 0x55f2a7a7, 0xfc827e7e, 0x7a473d3d,
+ 0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373,
+ 0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc,
+ 0x44662222, 0x547e2a2a, 0x3bab9090, 0xb838888,
+ 0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414,
+ 0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb,
+ 0xdb3be0e0, 0x64563232, 0x744e3a3a, 0x141e0a0a,
+ 0x92db4949, 0xc0a0606, 0x486c2424, 0xb8e45c5c,
+ 0x9f5dc2c2, 0xbd6ed3d3, 0x43efacac, 0xc4a66262,
+ 0x39a89191, 0x31a49595, 0xd337e4e4, 0xf28b7979,
+ 0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d,
+ 0x18c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9,
+ 0xd8b46c6c, 0xacfa5656, 0xf307f4f4, 0xcf25eaea,
+ 0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808,
+ 0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e,
+ 0x38241c1c, 0x57f1a6a6, 0x73c7b4b4, 0x9751c6c6,
+ 0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f,
+ 0x96dd4b4b, 0x61dcbdbd, 0xd868b8b, 0xf858a8a,
+ 0xe0907070, 0x7c423e3e, 0x71c4b5b5, 0xccaa6666,
+ 0x90d84848, 0x6050303, 0xf701f6f6, 0x1c120e0e,
+ 0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9,
+ 0x17918686, 0x9958c1c1, 0x3a271d1d, 0x27b99e9e,
+ 0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111,
+ 0xd2bb6969, 0xa970d9d9, 0x7898e8e, 0x33a79494,
+ 0x2db69b9b, 0x3c221e1e, 0x15928787, 0xc920e9e9,
+ 0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf,
+ 0x38f8c8c, 0x59f8a1a1, 0x9808989, 0x1a170d0d,
+ 0x65dabfbf, 0xd731e6e6, 0x84c64242, 0xd0b86868,
+ 0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f,
+ 0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616,
+};
+
+static uint32_t U0[256] = {
+ 0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a,
+ 0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b,
+ 0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5,
+ 0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5,
+ 0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d,
+ 0x2752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b,
+ 0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295,
+ 0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e,
+ 0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927,
+ 0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d,
+ 0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362,
+ 0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9,
+ 0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52,
+ 0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566,
+ 0x728ebb2, 0x3c2b52f, 0x9a7bc586, 0xa50837d3,
+ 0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed,
+ 0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e,
+ 0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4,
+ 0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4,
+ 0x39ec830b, 0xaaef6040, 0x69f715e, 0x51106ebd,
+ 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d,
+ 0xb58d5491, 0x55dc471, 0x6fd40604, 0xff155060,
+ 0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967,
+ 0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879,
+ 0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x0,
+ 0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c,
+ 0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36,
+ 0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624,
+ 0xb1670a0c, 0xfe75793, 0xd296eeb4, 0x9e919b1b,
+ 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c,
+ 0xaba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12,
+ 0xb0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14,
+ 0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3,
+ 0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b,
+ 0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8,
+ 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684,
+ 0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7,
+ 0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177,
+ 0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947,
+ 0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322,
+ 0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498,
+ 0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f,
+ 0xe49d3a2c, 0xd927850, 0x9bcc5f6a, 0x62467e54,
+ 0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382,
+ 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf,
+ 0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb,
+ 0x97826cd, 0xf418596e, 0x1b79aec, 0xa89a4f83,
+ 0x656e95e6, 0x7ee6ffaa, 0x8cfbc21, 0xe6e815ef,
+ 0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029,
+ 0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235,
+ 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733,
+ 0x4a9804f1, 0xf7daec41, 0xe50cd7f, 0x2ff69117,
+ 0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4,
+ 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546,
+ 0x4ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb,
+ 0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d,
+ 0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb,
+ 0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a,
+ 0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773,
+ 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478,
+ 0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2,
+ 0x72c31d16, 0xc25e2bc, 0x8b493c28, 0x41950dff,
+ 0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664,
+ 0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0,
+};
+
+static uint32_t U1[256] = {
+ 0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96,
+ 0x6bab3bcb, 0x459d1ff1, 0x58faacab, 0x3e34b93,
+ 0xfa302055, 0x6d76adf6, 0x76cc8891, 0x4c02f525,
+ 0xd7e54ffc, 0xcb2ac5d7, 0x44352680, 0xa362b58f,
+ 0x5ab1de49, 0x1bba2567, 0xeea4598, 0xc0fe5de1,
+ 0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6,
+ 0x5f8f03e7, 0x9c921595, 0x7a6dbfeb, 0x595295da,
+ 0x83bed42d, 0x217458d3, 0x69e04929, 0xc8c98e44,
+ 0x89c2756a, 0x798ef478, 0x3e58996b, 0x71b927dd,
+ 0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4,
+ 0x4adf6318, 0x311ae582, 0x33519760, 0x7f536245,
+ 0x7764b1e0, 0xae6bbb84, 0xa081fe1c, 0x2b08f994,
+ 0x68487058, 0xfd458f19, 0x6cde9487, 0xf87b52b7,
+ 0xd373ab23, 0x24b72e2, 0x8f1fe357, 0xab55662a,
+ 0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x837d3a5,
+ 0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c,
+ 0x1ccf8a2b, 0xb479a792, 0xf207f3f0, 0xe2694ea1,
+ 0xf4da65cd, 0xbe0506d5, 0x6234d11f, 0xfea6c48a,
+ 0x532e349d, 0x55f3a2a0, 0xe18a0532, 0xebf6a475,
+ 0xec830b39, 0xef6040aa, 0x9f715e06, 0x106ebd51,
+ 0x8a213ef9, 0x6dd963d, 0x53eddae, 0xbde64d46,
+ 0x8d5491b5, 0x5dc47105, 0xd406046f, 0x155060ff,
+ 0xfb981924, 0xe9bdd697, 0x434089cc, 0x9ed96777,
+ 0x42e8b0bd, 0x8b890788, 0x5b19e738, 0xeec879db,
+ 0xa7ca147, 0xf427ce9, 0x1e84f8c9, 0x0,
+ 0x86800983, 0xed2b3248, 0x70111eac, 0x725a6c4e,
+ 0xff0efdfb, 0x38850f56, 0xd5ae3d1e, 0x392d3627,
+ 0xd90f0a64, 0xa65c6821, 0x545b9bd1, 0x2e36243a,
+ 0x670a0cb1, 0xe757930f, 0x96eeb4d2, 0x919b1b9e,
+ 0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16,
+ 0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d,
+ 0xd090e0b, 0xc78bf2ad, 0xa8b62db9, 0xa91e14c8,
+ 0x19f15785, 0x775af4c, 0xdd99eebb, 0x607fa3fd,
+ 0x2601f79f, 0xf5725cbc, 0x3b6644c5, 0x7efb5b34,
+ 0x29438b76, 0xc623cbdc, 0xfcedb668, 0xf1e4b863,
+ 0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420,
+ 0x244a857d, 0x3dbbd2f8, 0x32f9ae11, 0xa129c76d,
+ 0x2f9e1d4b, 0x30b2dcf3, 0x52860dec, 0xe3c177d0,
+ 0x16b32b6c, 0xb970a999, 0x489411fa, 0x64e94722,
+ 0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef,
+ 0x4e4987c7, 0xd138d9c1, 0xa2ca8cfe, 0xbd49836,
+ 0x81f5a6cf, 0xde7aa528, 0x8eb7da26, 0xbfad3fa4,
+ 0x9d3a2ce4, 0x9278500d, 0xcc5f6a9b, 0x467e5462,
+ 0x138df6c2, 0xb8d890e8, 0xf7392e5e, 0xafc382f5,
+ 0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3,
+ 0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b,
+ 0x7826cd09, 0x18596ef4, 0xb79aec01, 0x9a4f83a8,
+ 0x6e95e665, 0xe6ffaa7e, 0xcfbc2108, 0xe815efe6,
+ 0x9be7bad9, 0x366f4ace, 0x99fead4, 0x7cb029d6,
+ 0xb2a431af, 0x233f2a31, 0x94a5c630, 0x66a235c0,
+ 0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315,
+ 0x9804f14a, 0xdaec41f7, 0x50cd7f0e, 0xf691172f,
+ 0xd64d768d, 0xb0ef434d, 0x4daacc54, 0x496e4df,
+ 0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, 0x5165467f,
+ 0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e,
+ 0x1d67b35a, 0xd2db9252, 0x5610e933, 0x47d66d13,
+ 0x61d79a8c, 0xca1377a, 0x14f8598e, 0x3c13eb89,
+ 0x27a9ceee, 0xc961b735, 0xe51ce1ed, 0xb1477a3c,
+ 0xdfd29c59, 0x73f2553f, 0xce141879, 0x37c773bf,
+ 0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886,
+ 0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f,
+ 0xc31d1672, 0x25e2bc0c, 0x493c288b, 0x950dff41,
+ 0x1a83971, 0xb30c08de, 0xe4b4d89c, 0xc1566490,
+ 0x84cb7b61, 0xb632d570, 0x5c6c4874, 0x57b8d042,
+};
+
+static uint32_t U2[256] = {
+ 0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e,
+ 0xab3bcb6b, 0x9d1ff145, 0xfaacab58, 0xe34b9303,
+ 0x302055fa, 0x76adf66d, 0xcc889176, 0x2f5254c,
+ 0xe54ffcd7, 0x2ac5d7cb, 0x35268044, 0x62b58fa3,
+ 0xb1de495a, 0xba25671b, 0xea45980e, 0xfe5de1c0,
+ 0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9,
+ 0x8f03e75f, 0x9215959c, 0x6dbfeb7a, 0x5295da59,
+ 0xbed42d83, 0x7458d321, 0xe0492969, 0xc98e44c8,
+ 0xc2756a89, 0x8ef47879, 0x58996b3e, 0xb927dd71,
+ 0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a,
+ 0xdf63184a, 0x1ae58231, 0x51976033, 0x5362457f,
+ 0x64b1e077, 0x6bbb84ae, 0x81fe1ca0, 0x8f9942b,
+ 0x48705868, 0x458f19fd, 0xde94876c, 0x7b52b7f8,
+ 0x73ab23d3, 0x4b72e202, 0x1fe3578f, 0x55662aab,
+ 0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508,
+ 0x2830f287, 0xbf23b2a5, 0x302ba6a, 0x16ed5c82,
+ 0xcf8a2b1c, 0x79a792b4, 0x7f3f0f2, 0x694ea1e2,
+ 0xda65cdf4, 0x506d5be, 0x34d11f62, 0xa6c48afe,
+ 0x2e349d53, 0xf3a2a055, 0x8a0532e1, 0xf6a475eb,
+ 0x830b39ec, 0x6040aaef, 0x715e069f, 0x6ebd5110,
+ 0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd,
+ 0x5491b58d, 0xc471055d, 0x6046fd4, 0x5060ff15,
+ 0x981924fb, 0xbdd697e9, 0x4089cc43, 0xd967779e,
+ 0xe8b0bd42, 0x8907888b, 0x19e7385b, 0xc879dbee,
+ 0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x0,
+ 0x80098386, 0x2b3248ed, 0x111eac70, 0x5a6c4e72,
+ 0xefdfbff, 0x850f5638, 0xae3d1ed5, 0x2d362739,
+ 0xf0a64d9, 0x5c6821a6, 0x5b9bd154, 0x36243a2e,
+ 0xa0cb167, 0x57930fe7, 0xeeb4d296, 0x9b1b9e91,
+ 0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a,
+ 0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17,
+ 0x90e0b0d, 0x8bf2adc7, 0xb62db9a8, 0x1e14c8a9,
+ 0xf1578519, 0x75af4c07, 0x99eebbdd, 0x7fa3fd60,
+ 0x1f79f26, 0x725cbcf5, 0x6644c53b, 0xfb5b347e,
+ 0x438b7629, 0x23cbdcc6, 0xedb668fc, 0xe4b863f1,
+ 0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011,
+ 0x4a857d24, 0xbbd2f83d, 0xf9ae1132, 0x29c76da1,
+ 0x9e1d4b2f, 0xb2dcf330, 0x860dec52, 0xc177d0e3,
+ 0xb32b6c16, 0x70a999b9, 0x9411fa48, 0xe9472264,
+ 0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90,
+ 0x4987c74e, 0x38d9c1d1, 0xca8cfea2, 0xd498360b,
+ 0xf5a6cf81, 0x7aa528de, 0xb7da268e, 0xad3fa4bf,
+ 0x3a2ce49d, 0x78500d92, 0x5f6a9bcc, 0x7e546246,
+ 0x8df6c213, 0xd890e8b8, 0x392e5ef7, 0xc382f5af,
+ 0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312,
+ 0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb,
+ 0x26cd0978, 0x596ef418, 0x9aec01b7, 0x4f83a89a,
+ 0x95e6656e, 0xffaa7ee6, 0xbc2108cf, 0x15efe6e8,
+ 0xe7bad99b, 0x6f4ace36, 0x9fead409, 0xb029d67c,
+ 0xa431afb2, 0x3f2a3123, 0xa5c63094, 0xa235c066,
+ 0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8,
+ 0x4f14a98, 0xec41f7da, 0xcd7f0e50, 0x91172ff6,
+ 0x4d768dd6, 0xef434db0, 0xaacc544d, 0x96e4df04,
+ 0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, 0x65467f51,
+ 0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0xbfb2e41,
+ 0x67b35a1d, 0xdb9252d2, 0x10e93356, 0xd66d1347,
+ 0xd79a8c61, 0xa1377a0c, 0xf8598e14, 0x13eb893c,
+ 0xa9ceee27, 0x61b735c9, 0x1ce1ede5, 0x477a3cb1,
+ 0xd29c59df, 0xf2553f73, 0x141879ce, 0xc773bf37,
+ 0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db,
+ 0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40,
+ 0x1d1672c3, 0xe2bc0c25, 0x3c288b49, 0xdff4195,
+ 0xa8397101, 0xc08deb3, 0xb4d89ce4, 0x566490c1,
+ 0xcb7b6184, 0x32d570b6, 0x6c48745c, 0xb8d04257,
+};
+
+static uint32_t U3[256] = {
+ 0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27,
+ 0x3bcb6bab, 0x1ff1459d, 0xacab58fa, 0x4b9303e3,
+ 0x2055fa30, 0xadf66d76, 0x889176cc, 0xf5254c02,
+ 0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, 0xb58fa362,
+ 0xde495ab1, 0x25671bba, 0x45980eea, 0x5de1c0fe,
+ 0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3,
+ 0x3e75f8f, 0x15959c92, 0xbfeb7a6d, 0x95da5952,
+ 0xd42d83be, 0x58d32174, 0x492969e0, 0x8e44c8c9,
+ 0x756a89c2, 0xf478798e, 0x996b3e58, 0x27dd71b9,
+ 0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace,
+ 0x63184adf, 0xe582311a, 0x97603351, 0x62457f53,
+ 0xb1e07764, 0xbb84ae6b, 0xfe1ca081, 0xf9942b08,
+ 0x70586848, 0x8f19fd45, 0x94876cde, 0x52b7f87b,
+ 0xab23d373, 0x72e2024b, 0xe3578f1f, 0x662aab55,
+ 0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837,
+ 0x30f28728, 0x23b2a5bf, 0x2ba6a03, 0xed5c8216,
+ 0x8a2b1ccf, 0xa792b479, 0xf3f0f207, 0x4ea1e269,
+ 0x65cdf4da, 0x6d5be05, 0xd11f6234, 0xc48afea6,
+ 0x349d532e, 0xa2a055f3, 0x532e18a, 0xa475ebf6,
+ 0xb39ec83, 0x40aaef60, 0x5e069f71, 0xbd51106e,
+ 0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6,
+ 0x91b58d54, 0x71055dc4, 0x46fd406, 0x60ff1550,
+ 0x1924fb98, 0xd697e9bd, 0x89cc4340, 0x67779ed9,
+ 0xb0bd42e8, 0x7888b89, 0xe7385b19, 0x79dbeec8,
+ 0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x0,
+ 0x9838680, 0x3248ed2b, 0x1eac7011, 0x6c4e725a,
+ 0xfdfbff0e, 0xf563885, 0x3d1ed5ae, 0x3627392d,
+ 0xa64d90f, 0x6821a65c, 0x9bd1545b, 0x243a2e36,
+ 0xcb1670a, 0x930fe757, 0xb4d296ee, 0x1b9e919b,
+ 0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12,
+ 0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b,
+ 0xe0b0d09, 0xf2adc78b, 0x2db9a8b6, 0x14c8a91e,
+ 0x578519f1, 0xaf4c0775, 0xeebbdd99, 0xa3fd607f,
+ 0xf79f2601, 0x5cbcf572, 0x44c53b66, 0x5b347efb,
+ 0x8b762943, 0xcbdcc623, 0xb668fced, 0xb863f1e4,
+ 0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6,
+ 0x857d244a, 0xd2f83dbb, 0xae1132f9, 0xc76da129,
+ 0x1d4b2f9e, 0xdcf330b2, 0xdec5286, 0x77d0e3c1,
+ 0x2b6c16b3, 0xa999b970, 0x11fa4894, 0x472264e9,
+ 0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033,
+ 0x87c74e49, 0xd9c1d138, 0x8cfea2ca, 0x98360bd4,
+ 0xa6cf81f5, 0xa528de7a, 0xda268eb7, 0x3fa4bfad,
+ 0x2ce49d3a, 0x500d9278, 0x6a9bcc5f, 0x5462467e,
+ 0xf6c2138d, 0x90e8b8d8, 0x2e5ef739, 0x82f5afc3,
+ 0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225,
+ 0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b,
+ 0xcd097826, 0x6ef41859, 0xec01b79a, 0x83a89a4f,
+ 0xe6656e95, 0xaa7ee6ff, 0x2108cfbc, 0xefe6e815,
+ 0xbad99be7, 0x4ace366f, 0xead4099f, 0x29d67cb0,
+ 0x31afb2a4, 0x2a31233f, 0xc63094a5, 0x35c066a2,
+ 0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7,
+ 0xf14a9804, 0x41f7daec, 0x7f0e50cd, 0x172ff691,
+ 0x768dd64d, 0x434db0ef, 0xcc544daa, 0xe4df0496,
+ 0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, 0x467f5165,
+ 0x9d04ea5e, 0x15d358c, 0xfa737487, 0xfb2e410b,
+ 0xb35a1d67, 0x9252d2db, 0xe9335610, 0x6d1347d6,
+ 0x9a8c61d7, 0x377a0ca1, 0x598e14f8, 0xeb893c13,
+ 0xceee27a9, 0xb735c961, 0xe1ede51c, 0x7a3cb147,
+ 0x9c59dfd2, 0x553f73f2, 0x1879ce14, 0x73bf37c7,
+ 0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44,
+ 0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3,
+ 0x1672c31d, 0xbc0c25e2, 0x288b493c, 0xff41950d,
+ 0x397101a8, 0x8deb30c, 0xd89ce4b4, 0x6490c156,
+ 0x7b6184cb, 0xd570b632, 0x48745c6c, 0xd04257b8,
+};
+
+#else /* assume big endian */
+
+static uint32_t T0[256] = {
+ 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
+ 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
+ 0x60303050, 0x2010103, 0xce6767a9, 0x562b2b7d,
+ 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
+ 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
+ 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
+ 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
+ 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
+ 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
+ 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
+ 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
+ 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
+ 0x804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
+ 0x30181828, 0x379696a1, 0xa05050f, 0x2f9a9ab5,
+ 0xe070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
+ 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
+ 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
+ 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
+ 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
+ 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
+ 0xa65353f5, 0xb9d1d168, 0x0, 0xc1eded2c,
+ 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed,
+ 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b,
+ 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
+ 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16,
+ 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594,
+ 0x8a4545cf, 0xe9f9f910, 0x4020206, 0xfe7f7f81,
+ 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
+ 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x58f8f8a,
+ 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
+ 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163,
+ 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
+ 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
+ 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739,
+ 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47,
+ 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
+ 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f,
+ 0x44222266, 0x542a2a7e, 0x3b9090ab, 0xb888883,
+ 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
+ 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
+ 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e,
+ 0x924949db, 0xc06060a, 0x4824246c, 0xb85c5ce4,
+ 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6,
+ 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
+ 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
+ 0x18d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0,
+ 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25,
+ 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
+ 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72,
+ 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651,
+ 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
+ 0x964b4bdd, 0x61bdbddc, 0xd8b8b86, 0xf8a8a85,
+ 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa,
+ 0x904848d8, 0x6030305, 0xf7f6f601, 0x1c0e0e12,
+ 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0,
+ 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
+ 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
+ 0xd26969bb, 0xa9d9d970, 0x78e8e89, 0x339494a7,
+ 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920,
+ 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
+ 0x38c8c8f, 0x59a1a1f8, 0x9898980, 0x1a0d0d17,
+ 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8,
+ 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
+ 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a,
+};
+
+static uint32_t T1[256] = {
+ 0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b,
+ 0xdfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5,
+ 0x50603030, 0x3020101, 0xa9ce6767, 0x7d562b2b,
+ 0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676,
+ 0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d,
+ 0x15effafa, 0xebb25959, 0xc98e4747, 0xbfbf0f0,
+ 0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf,
+ 0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0,
+ 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626,
+ 0x5a6c3636, 0x417e3f3f, 0x2f5f7f7, 0x4f83cccc,
+ 0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x8f9f1f1,
+ 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515,
+ 0xc080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3,
+ 0x28301818, 0xa1379696, 0xf0a0505, 0xb52f9a9a,
+ 0x90e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2,
+ 0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575,
+ 0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a,
+ 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0,
+ 0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3,
+ 0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484,
+ 0xf5a65353, 0x68b9d1d1, 0x0, 0x2cc1eded,
+ 0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b,
+ 0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939,
+ 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf,
+ 0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb,
+ 0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585,
+ 0xcf8a4545, 0x10e9f9f9, 0x6040202, 0x81fe7f7f,
+ 0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8,
+ 0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f,
+ 0xad3f9292, 0xbc219d9d, 0x48703838, 0x4f1f5f5,
+ 0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121,
+ 0x30201010, 0x1ae5ffff, 0xefdf3f3, 0x6dbfd2d2,
+ 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec,
+ 0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717,
+ 0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d,
+ 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373,
+ 0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc,
+ 0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888,
+ 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414,
+ 0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb,
+ 0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a,
+ 0xdb924949, 0xa0c0606, 0x6c482424, 0xe4b85c5c,
+ 0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262,
+ 0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979,
+ 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d,
+ 0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9,
+ 0xb4d86c6c, 0xfaac5656, 0x7f3f4f4, 0x25cfeaea,
+ 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808,
+ 0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e,
+ 0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6,
+ 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f,
+ 0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a,
+ 0x90e07070, 0x427c3e3e, 0xc471b5b5, 0xaacc6666,
+ 0xd8904848, 0x5060303, 0x1f7f6f6, 0x121c0e0e,
+ 0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9,
+ 0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e,
+ 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111,
+ 0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494,
+ 0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9,
+ 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf,
+ 0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d,
+ 0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868,
+ 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f,
+ 0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616,
+};
+
+static uint32_t T2[256] = {
+ 0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b,
+ 0xf20dfff2, 0x6bbdd66b, 0x6fb1de6f, 0xc55491c5,
+ 0x30506030, 0x1030201, 0x67a9ce67, 0x2b7d562b,
+ 0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76,
+ 0xca458fca, 0x829d1f82, 0xc94089c9, 0x7d87fa7d,
+ 0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0,
+ 0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af,
+ 0x9cbf239c, 0xa4f753a4, 0x7296e472, 0xc05b9bc0,
+ 0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26,
+ 0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc,
+ 0x345c6834, 0xa5f451a5, 0xe534d1e5, 0xf108f9f1,
+ 0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15,
+ 0x40c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3,
+ 0x18283018, 0x96a13796, 0x50f0a05, 0x9ab52f9a,
+ 0x7090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2,
+ 0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75,
+ 0x91b1209, 0x839e1d83, 0x2c74582c, 0x1a2e341a,
+ 0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0,
+ 0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3,
+ 0x297b5229, 0xe33edde3, 0x2f715e2f, 0x84971384,
+ 0x53f5a653, 0xd168b9d1, 0x0, 0xed2cc1ed,
+ 0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b,
+ 0x6abed46a, 0xcb468dcb, 0xbed967be, 0x394b7239,
+ 0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf,
+ 0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb,
+ 0x43c58643, 0x4dd79a4d, 0x33556633, 0x85941185,
+ 0x45cf8a45, 0xf910e9f9, 0x2060402, 0x7f81fe7f,
+ 0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8,
+ 0x51f3a251, 0xa3fe5da3, 0x40c08040, 0x8f8a058f,
+ 0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5,
+ 0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221,
+ 0x10302010, 0xff1ae5ff, 0xf30efdf3, 0xd26dbfd2,
+ 0xcd4c81cd, 0xc14180c, 0x13352613, 0xec2fc3ec,
+ 0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17,
+ 0xc45793c4, 0xa7f255a7, 0x7e82fc7e, 0x3d477a3d,
+ 0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673,
+ 0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc,
+ 0x22664422, 0x2a7e542a, 0x90ab3b90, 0x88830b88,
+ 0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814,
+ 0xde79a7de, 0x5ee2bc5e, 0xb1d160b, 0xdb76addb,
+ 0xe03bdbe0, 0x32566432, 0x3a4e743a, 0xa1e140a,
+ 0x49db9249, 0x60a0c06, 0x246c4824, 0x5ce4b85c,
+ 0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462,
+ 0x91a83991, 0x95a43195, 0xe437d3e4, 0x798bf279,
+ 0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d,
+ 0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9,
+ 0x6cb4d86c, 0x56faac56, 0xf407f3f4, 0xea25cfea,
+ 0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x8181008,
+ 0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e,
+ 0x1c24381c, 0xa6f157a6, 0xb4c773b4, 0xc65197c6,
+ 0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f,
+ 0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a,
+ 0x7090e070, 0x3e427c3e, 0xb5c471b5, 0x66aacc66,
+ 0x48d89048, 0x3050603, 0xf601f7f6, 0xe121c0e,
+ 0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9,
+ 0x86911786, 0xc15899c1, 0x1d273a1d, 0x9eb9279e,
+ 0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211,
+ 0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394,
+ 0x9bb62d9b, 0x1e223c1e, 0x87921587, 0xe920c9e9,
+ 0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df,
+ 0x8c8f038c, 0xa1f859a1, 0x89800989, 0xd171a0d,
+ 0xbfda65bf, 0xe631d7e6, 0x42c68442, 0x68b8d068,
+ 0x41c38241, 0x99b02999, 0x2d775a2d, 0xf111e0f,
+ 0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16,
+};
+
+static uint32_t T3[256] = {
+ 0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6,
+ 0xf2f20dff, 0x6b6bbdd6, 0x6f6fb1de, 0xc5c55491,
+ 0x30305060, 0x1010302, 0x6767a9ce, 0x2b2b7d56,
+ 0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec,
+ 0xcaca458f, 0x82829d1f, 0xc9c94089, 0x7d7d87fa,
+ 0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb,
+ 0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45,
+ 0x9c9cbf23, 0xa4a4f753, 0x727296e4, 0xc0c05b9b,
+ 0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c,
+ 0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83,
+ 0x34345c68, 0xa5a5f451, 0xe5e534d1, 0xf1f108f9,
+ 0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a,
+ 0x4040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d,
+ 0x18182830, 0x9696a137, 0x5050f0a, 0x9a9ab52f,
+ 0x707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf,
+ 0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea,
+ 0x9091b12, 0x83839e1d, 0x2c2c7458, 0x1a1a2e34,
+ 0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b,
+ 0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d,
+ 0x29297b52, 0xe3e33edd, 0x2f2f715e, 0x84849713,
+ 0x5353f5a6, 0xd1d168b9, 0x0, 0xeded2cc1,
+ 0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6,
+ 0x6a6abed4, 0xcbcb468d, 0xbebed967, 0x39394b72,
+ 0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85,
+ 0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed,
+ 0x4343c586, 0x4d4dd79a, 0x33335566, 0x85859411,
+ 0x4545cf8a, 0xf9f910e9, 0x2020604, 0x7f7f81fe,
+ 0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b,
+ 0x5151f3a2, 0xa3a3fe5d, 0x4040c080, 0x8f8f8a05,
+ 0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1,
+ 0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342,
+ 0x10103020, 0xffff1ae5, 0xf3f30efd, 0xd2d26dbf,
+ 0xcdcd4c81, 0xc0c1418, 0x13133526, 0xecec2fc3,
+ 0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e,
+ 0xc4c45793, 0xa7a7f255, 0x7e7e82fc, 0x3d3d477a,
+ 0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6,
+ 0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3,
+ 0x22226644, 0x2a2a7e54, 0x9090ab3b, 0x8888830b,
+ 0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28,
+ 0xdede79a7, 0x5e5ee2bc, 0xb0b1d16, 0xdbdb76ad,
+ 0xe0e03bdb, 0x32325664, 0x3a3a4e74, 0xa0a1e14,
+ 0x4949db92, 0x6060a0c, 0x24246c48, 0x5c5ce4b8,
+ 0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4,
+ 0x9191a839, 0x9595a431, 0xe4e437d3, 0x79798bf2,
+ 0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da,
+ 0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049,
+ 0x6c6cb4d8, 0x5656faac, 0xf4f407f3, 0xeaea25cf,
+ 0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x8081810,
+ 0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c,
+ 0x1c1c2438, 0xa6a6f157, 0xb4b4c773, 0xc6c65197,
+ 0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e,
+ 0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f,
+ 0x707090e0, 0x3e3e427c, 0xb5b5c471, 0x6666aacc,
+ 0x4848d890, 0x3030506, 0xf6f601f7, 0xe0e121c,
+ 0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069,
+ 0x86869117, 0xc1c15899, 0x1d1d273a, 0x9e9eb927,
+ 0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322,
+ 0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733,
+ 0x9b9bb62d, 0x1e1e223c, 0x87879215, 0xe9e920c9,
+ 0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5,
+ 0x8c8c8f03, 0xa1a1f859, 0x89898009, 0xd0d171a,
+ 0xbfbfda65, 0xe6e631d7, 0x4242c684, 0x6868b8d0,
+ 0x4141c382, 0x9999b029, 0x2d2d775a, 0xf0f111e,
+ 0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c,
+};
+
+static uint32_t U0[256] = {
+ 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
+ 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
+ 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
+ 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
+ 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
+ 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
+ 0x38f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
+ 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
+ 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
+ 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
+ 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
+ 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
+ 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
+ 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
+ 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
+ 0x302887f2, 0x23bfa5b2, 0x2036aba, 0xed16825c,
+ 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
+ 0x65daf4cd, 0x605bed5, 0xd134621f, 0xc4a6fe8a,
+ 0x342e539d, 0xa2f355a0, 0x58ae132, 0xa4f6eb75,
+ 0xb83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
+ 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
+ 0x91548db5, 0x71c45d05, 0x406d46f, 0x605015ff,
+ 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
+ 0xb0e842bd, 0x7898b88, 0xe7195b38, 0x79c8eedb,
+ 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x0,
+ 0x9808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
+ 0xfd0efffb, 0xf853856, 0x3daed51e, 0x362d3927,
+ 0xa0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
+ 0xc0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
+ 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
+ 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
+ 0xe090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
+ 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
+ 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
+ 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
+ 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
+ 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
+ 0x1d9e2f4b, 0xdcb230f3, 0xd8652ec, 0x77c1e3d0,
+ 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
+ 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
+ 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
+ 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
+ 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
+ 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
+ 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
+ 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
+ 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
+ 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
+ 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
+ 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
+ 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
+ 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
+ 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
+ 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
+ 0x9d5eea04, 0x18c355d, 0xfa877473, 0xfb0b412e,
+ 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
+ 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
+ 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
+ 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
+ 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
+ 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
+ 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
+ 0x39a80171, 0x80cb3de, 0xd8b4e49c, 0x6456c190,
+ 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
+};
+
+static uint32_t U1[256] = {
+ 0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e,
+ 0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303,
+ 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c,
+ 0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3,
+ 0x49deb15a, 0x6725ba1b, 0x9845ea0e, 0xe15dfec0,
+ 0x2c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9,
+ 0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259,
+ 0x2dd4be83, 0xd3587421, 0x2949e069, 0x448ec9c8,
+ 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971,
+ 0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a,
+ 0x1863df4a, 0x82e51a31, 0x60975133, 0x4562537f,
+ 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b,
+ 0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8,
+ 0x23ab73d3, 0xe2724b02, 0x57e31f8f, 0x2a6655ab,
+ 0x7b2eb28, 0x32fb5c2, 0x9a86c57b, 0xa5d33708,
+ 0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682,
+ 0x2b8acf1c, 0x92a779b4, 0xf0f307f2, 0xa14e69e2,
+ 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe,
+ 0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb,
+ 0x390b83ec, 0xaa4060ef, 0x65e719f, 0x51bd6e10,
+ 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd,
+ 0xb591548d, 0x571c45d, 0x6f0406d4, 0xff605015,
+ 0x241998fb, 0x97d6bde9, 0xcc894043, 0x7767d99e,
+ 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee,
+ 0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x0,
+ 0x83098086, 0x48322bed, 0xac1e1170, 0x4e6c5a72,
+ 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39,
+ 0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e,
+ 0xb10c0a67, 0xf9357e7, 0xd2b4ee96, 0x9e1b9b91,
+ 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a,
+ 0xae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17,
+ 0xb0e090d, 0xadf28bc7, 0xb92db6a8, 0xc8141ea9,
+ 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60,
+ 0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e,
+ 0x768b4329, 0xdccb23c6, 0x68b6edfc, 0x63b8e4f1,
+ 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611,
+ 0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1,
+ 0x4b1d9e2f, 0xf3dcb230, 0xec0d8652, 0xd077c1e3,
+ 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964,
+ 0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390,
+ 0xc787494e, 0xc1d938d1, 0xfe8ccaa2, 0x3698d40b,
+ 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf,
+ 0xe42c3a9d, 0xd507892, 0x9b6a5fcc, 0x62547e46,
+ 0xc2f68d13, 0xe890d8b8, 0x5e2e39f7, 0xf582c3af,
+ 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512,
+ 0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb,
+ 0x9cd2678, 0xf46e5918, 0x1ec9ab7, 0xa8834f9a,
+ 0x65e6956e, 0x7eaaffe6, 0x821bccf, 0xe6ef15e8,
+ 0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c,
+ 0xaf31a4b2, 0x312a3f23, 0x30c6a594, 0xc035a266,
+ 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8,
+ 0x4af10498, 0xf741ecda, 0xe7fcd50, 0x2f1791f6,
+ 0x8d764dd6, 0x4d43efb0, 0x54ccaa4d, 0xdfe49604,
+ 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551,
+ 0x49d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41,
+ 0x5ab3671d, 0x5292dbd2, 0x33e91056, 0x136dd647,
+ 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c,
+ 0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1,
+ 0x599cd2df, 0x3f55f273, 0x791814ce, 0xbf73c737,
+ 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db,
+ 0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340,
+ 0x72161dc3, 0xcbce225, 0x8b283c49, 0x41ff0d95,
+ 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1,
+ 0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857
+};
+
+static uint32_t U2[256] = {
+ 0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27,
+ 0x6bcb3bab, 0x45f11f9d, 0x58abacfa, 0x3934be3,
+ 0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502,
+ 0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562,
+ 0x5a49deb1, 0x1b6725ba, 0xe9845ea, 0xc0e15dfe,
+ 0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3,
+ 0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552,
+ 0x832dd4be, 0x21d35874, 0x692949e0, 0xc8448ec9,
+ 0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9,
+ 0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce,
+ 0x4a1863df, 0x3182e51a, 0x33609751, 0x7f456253,
+ 0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908,
+ 0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b,
+ 0xd323ab73, 0x2e2724b, 0x8f57e31f, 0xab2a6655,
+ 0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x8a5d337,
+ 0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16,
+ 0x1c2b8acf, 0xb492a779, 0xf2f0f307, 0xe2a14e69,
+ 0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6,
+ 0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6,
+ 0xec390b83, 0xefaa4060, 0x9f065e71, 0x1051bd6e,
+ 0x8af93e21, 0x63d96dd, 0x5aedd3e, 0xbd464de6,
+ 0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050,
+ 0xfb241998, 0xe997d6bd, 0x43cc8940, 0x9e7767d9,
+ 0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8,
+ 0xa47a17c, 0xfe97c42, 0x1ec9f884, 0x0,
+ 0x86830980, 0xed48322b, 0x70ac1e11, 0x724e6c5a,
+ 0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d,
+ 0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436,
+ 0x67b10c0a, 0xe70f9357, 0x96d2b4ee, 0x919e1b9b,
+ 0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12,
+ 0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b,
+ 0xd0b0e09, 0xc7adf28b, 0xa8b92db6, 0xa9c8141e,
+ 0x198557f1, 0x74caf75, 0xddbbee99, 0x60fda37f,
+ 0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb,
+ 0x29768b43, 0xc6dccb23, 0xfc68b6ed, 0xf163b8e4,
+ 0xdccad731, 0x85104263, 0x22401397, 0x112084c6,
+ 0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729,
+ 0x2f4b1d9e, 0x30f3dcb2, 0x52ec0d86, 0xe3d077c1,
+ 0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9,
+ 0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233,
+ 0x4ec78749, 0xd1c1d938, 0xa2fe8cca, 0xb3698d4,
+ 0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad,
+ 0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e,
+ 0x13c2f68d, 0xb8e890d8, 0xf75e2e39, 0xaff582c3,
+ 0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25,
+ 0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b,
+ 0x7809cd26, 0x18f46e59, 0xb701ec9a, 0x9aa8834f,
+ 0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15,
+ 0x9bd9bae7, 0x36ce4a6f, 0x9d4ea9f, 0x7cd629b0,
+ 0xb2af31a4, 0x23312a3f, 0x9430c6a5, 0x66c035a2,
+ 0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7,
+ 0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791,
+ 0xd68d764d, 0xb04d43ef, 0x4d54ccaa, 0x4dfe496,
+ 0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665,
+ 0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b,
+ 0x1d5ab367, 0xd25292db, 0x5633e910, 0x47136dd6,
+ 0x618c9ad7, 0xc7a37a1, 0x148e59f8, 0x3c89eb13,
+ 0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47,
+ 0xdf599cd2, 0x733f55f2, 0xce791814, 0x37bf73c7,
+ 0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844,
+ 0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3,
+ 0xc372161d, 0x250cbce2, 0x498b283c, 0x9541ff0d,
+ 0x17139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456,
+ 0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8
+};
+
+static uint32_t U3[256] = {
+ 0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a,
+ 0xab6bcb3b, 0x9d45f11f, 0xfa58abac, 0xe303934b,
+ 0x30fa5520, 0x766df6ad, 0xcc769188, 0x24c25f5,
+ 0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5,
+ 0xb15a49de, 0xba1b6725, 0xea0e9845, 0xfec0e15d,
+ 0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b,
+ 0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95,
+ 0xbe832dd4, 0x7421d358, 0xe0692949, 0xc9c8448e,
+ 0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27,
+ 0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d,
+ 0xdf4a1863, 0x1a3182e5, 0x51336097, 0x537f4562,
+ 0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x82b94f9,
+ 0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752,
+ 0x73d323ab, 0x4b02e272, 0x1f8f57e3, 0x55ab2a66,
+ 0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3,
+ 0x2887f230, 0xbfa5b223, 0x36aba02, 0x16825ced,
+ 0xcf1c2b8a, 0x79b492a7, 0x7f2f0f3, 0x69e2a14e,
+ 0xdaf4cd65, 0x5bed506, 0x34621fd1, 0xa6fe8ac4,
+ 0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4,
+ 0x83ec390b, 0x60efaa40, 0x719f065e, 0x6e1051bd,
+ 0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d,
+ 0x548db591, 0xc45d0571, 0x6d46f04, 0x5015ff60,
+ 0x98fb2419, 0xbde997d6, 0x4043cc89, 0xd99e7767,
+ 0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79,
+ 0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x0,
+ 0x80868309, 0x2bed4832, 0x1170ac1e, 0x5a724e6c,
+ 0xefffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736,
+ 0xfd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24,
+ 0xa67b10c, 0x57e70f93, 0xee96d2b4, 0x9b919e1b,
+ 0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c,
+ 0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12,
+ 0x90d0b0e, 0x8bc7adf2, 0xb6a8b92d, 0x1ea9c814,
+ 0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3,
+ 0x1269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b,
+ 0x4329768b, 0x23c6dccb, 0xedfc68b6, 0xe4f163b8,
+ 0x31dccad7, 0x63851042, 0x97224013, 0xc6112084,
+ 0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7,
+ 0x9e2f4b1d, 0xb230f3dc, 0x8652ec0d, 0xc1e3d077,
+ 0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247,
+ 0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22,
+ 0x494ec787, 0x38d1c1d9, 0xcaa2fe8c, 0xd40b3698,
+ 0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f,
+ 0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254,
+ 0x8d13c2f6, 0xd8b8e890, 0x39f75e2e, 0xc3aff582,
+ 0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf,
+ 0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb,
+ 0x267809cd, 0x5918f46e, 0x9ab701ec, 0x4f9aa883,
+ 0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef,
+ 0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629,
+ 0xa4b2af31, 0x3f23312a, 0xa59430c6, 0xa266c035,
+ 0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533,
+ 0x4984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17,
+ 0x4dd68d76, 0xefb04d43, 0xaa4d54cc, 0x9604dfe4,
+ 0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46,
+ 0x5eea049d, 0x8c355d01, 0x877473fa, 0xb412efb,
+ 0x671d5ab3, 0xdbd25292, 0x105633e9, 0xd647136d,
+ 0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb,
+ 0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a,
+ 0xd2df599c, 0xf2733f55, 0x14ce7918, 0xc737bf73,
+ 0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678,
+ 0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2,
+ 0x1dc37216, 0xe2250cbc, 0x3c498b28, 0xd9541ff,
+ 0xa8017139, 0xcb3de08, 0xb4e49cd8, 0x56c19064,
+ 0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0
+};
+
+#endif
+
+/*
+ * the following tables (aes_sbox, aes_inv_sbox, T4, U4) are
+ * endian-neutral
+ */
+
+static uint8_t
+aes_sbox[256] = {
+ 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
+ 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
+ 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
+ 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
+ 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc,
+ 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
+ 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a,
+ 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
+ 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
+ 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
+ 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
+ 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
+ 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85,
+ 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
+ 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
+ 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
+ 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17,
+ 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
+ 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88,
+ 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
+ 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
+ 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
+ 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9,
+ 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
+ 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6,
+ 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
+ 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
+ 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
+ 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94,
+ 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
+ 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68,
+ 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+};
+
+#ifndef CPU_RISC
+static uint8_t
+aes_inv_sbox[256] = {
+ 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38,
+ 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
+ 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87,
+ 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
+ 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d,
+ 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
+ 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2,
+ 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
+ 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16,
+ 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
+ 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
+ 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
+ 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a,
+ 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
+ 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02,
+ 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
+ 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea,
+ 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
+ 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85,
+ 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
+ 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89,
+ 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
+ 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20,
+ 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
+ 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31,
+ 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
+ 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d,
+ 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
+ 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0,
+ 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
+ 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26,
+ 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+};
+#endif /* ! CPU_RISC */
+
+#ifdef CPU_RISC
+static uint32_t
+T4[256] = {
+ 0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b,
+ 0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5,
+ 0x30303030, 0x01010101, 0x67676767, 0x2b2b2b2b,
+ 0xfefefefe, 0xd7d7d7d7, 0xabababab, 0x76767676,
+ 0xcacacaca, 0x82828282, 0xc9c9c9c9, 0x7d7d7d7d,
+ 0xfafafafa, 0x59595959, 0x47474747, 0xf0f0f0f0,
+ 0xadadadad, 0xd4d4d4d4, 0xa2a2a2a2, 0xafafafaf,
+ 0x9c9c9c9c, 0xa4a4a4a4, 0x72727272, 0xc0c0c0c0,
+ 0xb7b7b7b7, 0xfdfdfdfd, 0x93939393, 0x26262626,
+ 0x36363636, 0x3f3f3f3f, 0xf7f7f7f7, 0xcccccccc,
+ 0x34343434, 0xa5a5a5a5, 0xe5e5e5e5, 0xf1f1f1f1,
+ 0x71717171, 0xd8d8d8d8, 0x31313131, 0x15151515,
+ 0x04040404, 0xc7c7c7c7, 0x23232323, 0xc3c3c3c3,
+ 0x18181818, 0x96969696, 0x05050505, 0x9a9a9a9a,
+ 0x07070707, 0x12121212, 0x80808080, 0xe2e2e2e2,
+ 0xebebebeb, 0x27272727, 0xb2b2b2b2, 0x75757575,
+ 0x09090909, 0x83838383, 0x2c2c2c2c, 0x1a1a1a1a,
+ 0x1b1b1b1b, 0x6e6e6e6e, 0x5a5a5a5a, 0xa0a0a0a0,
+ 0x52525252, 0x3b3b3b3b, 0xd6d6d6d6, 0xb3b3b3b3,
+ 0x29292929, 0xe3e3e3e3, 0x2f2f2f2f, 0x84848484,
+ 0x53535353, 0xd1d1d1d1, 0x00000000, 0xedededed,
+ 0x20202020, 0xfcfcfcfc, 0xb1b1b1b1, 0x5b5b5b5b,
+ 0x6a6a6a6a, 0xcbcbcbcb, 0xbebebebe, 0x39393939,
+ 0x4a4a4a4a, 0x4c4c4c4c, 0x58585858, 0xcfcfcfcf,
+ 0xd0d0d0d0, 0xefefefef, 0xaaaaaaaa, 0xfbfbfbfb,
+ 0x43434343, 0x4d4d4d4d, 0x33333333, 0x85858585,
+ 0x45454545, 0xf9f9f9f9, 0x02020202, 0x7f7f7f7f,
+ 0x50505050, 0x3c3c3c3c, 0x9f9f9f9f, 0xa8a8a8a8,
+ 0x51515151, 0xa3a3a3a3, 0x40404040, 0x8f8f8f8f,
+ 0x92929292, 0x9d9d9d9d, 0x38383838, 0xf5f5f5f5,
+ 0xbcbcbcbc, 0xb6b6b6b6, 0xdadadada, 0x21212121,
+ 0x10101010, 0xffffffff, 0xf3f3f3f3, 0xd2d2d2d2,
+ 0xcdcdcdcd, 0x0c0c0c0c, 0x13131313, 0xecececec,
+ 0x5f5f5f5f, 0x97979797, 0x44444444, 0x17171717,
+ 0xc4c4c4c4, 0xa7a7a7a7, 0x7e7e7e7e, 0x3d3d3d3d,
+ 0x64646464, 0x5d5d5d5d, 0x19191919, 0x73737373,
+ 0x60606060, 0x81818181, 0x4f4f4f4f, 0xdcdcdcdc,
+ 0x22222222, 0x2a2a2a2a, 0x90909090, 0x88888888,
+ 0x46464646, 0xeeeeeeee, 0xb8b8b8b8, 0x14141414,
+ 0xdededede, 0x5e5e5e5e, 0x0b0b0b0b, 0xdbdbdbdb,
+ 0xe0e0e0e0, 0x32323232, 0x3a3a3a3a, 0x0a0a0a0a,
+ 0x49494949, 0x06060606, 0x24242424, 0x5c5c5c5c,
+ 0xc2c2c2c2, 0xd3d3d3d3, 0xacacacac, 0x62626262,
+ 0x91919191, 0x95959595, 0xe4e4e4e4, 0x79797979,
+ 0xe7e7e7e7, 0xc8c8c8c8, 0x37373737, 0x6d6d6d6d,
+ 0x8d8d8d8d, 0xd5d5d5d5, 0x4e4e4e4e, 0xa9a9a9a9,
+ 0x6c6c6c6c, 0x56565656, 0xf4f4f4f4, 0xeaeaeaea,
+ 0x65656565, 0x7a7a7a7a, 0xaeaeaeae, 0x08080808,
+ 0xbabababa, 0x78787878, 0x25252525, 0x2e2e2e2e,
+ 0x1c1c1c1c, 0xa6a6a6a6, 0xb4b4b4b4, 0xc6c6c6c6,
+ 0xe8e8e8e8, 0xdddddddd, 0x74747474, 0x1f1f1f1f,
+ 0x4b4b4b4b, 0xbdbdbdbd, 0x8b8b8b8b, 0x8a8a8a8a,
+ 0x70707070, 0x3e3e3e3e, 0xb5b5b5b5, 0x66666666,
+ 0x48484848, 0x03030303, 0xf6f6f6f6, 0x0e0e0e0e,
+ 0x61616161, 0x35353535, 0x57575757, 0xb9b9b9b9,
+ 0x86868686, 0xc1c1c1c1, 0x1d1d1d1d, 0x9e9e9e9e,
+ 0xe1e1e1e1, 0xf8f8f8f8, 0x98989898, 0x11111111,
+ 0x69696969, 0xd9d9d9d9, 0x8e8e8e8e, 0x94949494,
+ 0x9b9b9b9b, 0x1e1e1e1e, 0x87878787, 0xe9e9e9e9,
+ 0xcececece, 0x55555555, 0x28282828, 0xdfdfdfdf,
+ 0x8c8c8c8c, 0xa1a1a1a1, 0x89898989, 0x0d0d0d0d,
+ 0xbfbfbfbf, 0xe6e6e6e6, 0x42424242, 0x68686868,
+ 0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f,
+ 0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616
+};
+
+static uint32_t U4[256] = {
+ 0x52525252, 0x9090909, 0x6a6a6a6a, 0xd5d5d5d5,
+ 0x30303030, 0x36363636, 0xa5a5a5a5, 0x38383838,
+ 0xbfbfbfbf, 0x40404040, 0xa3a3a3a3, 0x9e9e9e9e,
+ 0x81818181, 0xf3f3f3f3, 0xd7d7d7d7, 0xfbfbfbfb,
+ 0x7c7c7c7c, 0xe3e3e3e3, 0x39393939, 0x82828282,
+ 0x9b9b9b9b, 0x2f2f2f2f, 0xffffffff, 0x87878787,
+ 0x34343434, 0x8e8e8e8e, 0x43434343, 0x44444444,
+ 0xc4c4c4c4, 0xdededede, 0xe9e9e9e9, 0xcbcbcbcb,
+ 0x54545454, 0x7b7b7b7b, 0x94949494, 0x32323232,
+ 0xa6a6a6a6, 0xc2c2c2c2, 0x23232323, 0x3d3d3d3d,
+ 0xeeeeeeee, 0x4c4c4c4c, 0x95959595, 0xb0b0b0b,
+ 0x42424242, 0xfafafafa, 0xc3c3c3c3, 0x4e4e4e4e,
+ 0x8080808, 0x2e2e2e2e, 0xa1a1a1a1, 0x66666666,
+ 0x28282828, 0xd9d9d9d9, 0x24242424, 0xb2b2b2b2,
+ 0x76767676, 0x5b5b5b5b, 0xa2a2a2a2, 0x49494949,
+ 0x6d6d6d6d, 0x8b8b8b8b, 0xd1d1d1d1, 0x25252525,
+ 0x72727272, 0xf8f8f8f8, 0xf6f6f6f6, 0x64646464,
+ 0x86868686, 0x68686868, 0x98989898, 0x16161616,
+ 0xd4d4d4d4, 0xa4a4a4a4, 0x5c5c5c5c, 0xcccccccc,
+ 0x5d5d5d5d, 0x65656565, 0xb6b6b6b6, 0x92929292,
+ 0x6c6c6c6c, 0x70707070, 0x48484848, 0x50505050,
+ 0xfdfdfdfd, 0xedededed, 0xb9b9b9b9, 0xdadadada,
+ 0x5e5e5e5e, 0x15151515, 0x46464646, 0x57575757,
+ 0xa7a7a7a7, 0x8d8d8d8d, 0x9d9d9d9d, 0x84848484,
+ 0x90909090, 0xd8d8d8d8, 0xabababab, 0x0,
+ 0x8c8c8c8c, 0xbcbcbcbc, 0xd3d3d3d3, 0xa0a0a0a,
+ 0xf7f7f7f7, 0xe4e4e4e4, 0x58585858, 0x5050505,
+ 0xb8b8b8b8, 0xb3b3b3b3, 0x45454545, 0x6060606,
+ 0xd0d0d0d0, 0x2c2c2c2c, 0x1e1e1e1e, 0x8f8f8f8f,
+ 0xcacacaca, 0x3f3f3f3f, 0xf0f0f0f, 0x2020202,
+ 0xc1c1c1c1, 0xafafafaf, 0xbdbdbdbd, 0x3030303,
+ 0x1010101, 0x13131313, 0x8a8a8a8a, 0x6b6b6b6b,
+ 0x3a3a3a3a, 0x91919191, 0x11111111, 0x41414141,
+ 0x4f4f4f4f, 0x67676767, 0xdcdcdcdc, 0xeaeaeaea,
+ 0x97979797, 0xf2f2f2f2, 0xcfcfcfcf, 0xcececece,
+ 0xf0f0f0f0, 0xb4b4b4b4, 0xe6e6e6e6, 0x73737373,
+ 0x96969696, 0xacacacac, 0x74747474, 0x22222222,
+ 0xe7e7e7e7, 0xadadadad, 0x35353535, 0x85858585,
+ 0xe2e2e2e2, 0xf9f9f9f9, 0x37373737, 0xe8e8e8e8,
+ 0x1c1c1c1c, 0x75757575, 0xdfdfdfdf, 0x6e6e6e6e,
+ 0x47474747, 0xf1f1f1f1, 0x1a1a1a1a, 0x71717171,
+ 0x1d1d1d1d, 0x29292929, 0xc5c5c5c5, 0x89898989,
+ 0x6f6f6f6f, 0xb7b7b7b7, 0x62626262, 0xe0e0e0e,
+ 0xaaaaaaaa, 0x18181818, 0xbebebebe, 0x1b1b1b1b,
+ 0xfcfcfcfc, 0x56565656, 0x3e3e3e3e, 0x4b4b4b4b,
+ 0xc6c6c6c6, 0xd2d2d2d2, 0x79797979, 0x20202020,
+ 0x9a9a9a9a, 0xdbdbdbdb, 0xc0c0c0c0, 0xfefefefe,
+ 0x78787878, 0xcdcdcdcd, 0x5a5a5a5a, 0xf4f4f4f4,
+ 0x1f1f1f1f, 0xdddddddd, 0xa8a8a8a8, 0x33333333,
+ 0x88888888, 0x7070707, 0xc7c7c7c7, 0x31313131,
+ 0xb1b1b1b1, 0x12121212, 0x10101010, 0x59595959,
+ 0x27272727, 0x80808080, 0xecececec, 0x5f5f5f5f,
+ 0x60606060, 0x51515151, 0x7f7f7f7f, 0xa9a9a9a9,
+ 0x19191919, 0xb5b5b5b5, 0x4a4a4a4a, 0xd0d0d0d,
+ 0x2d2d2d2d, 0xe5e5e5e5, 0x7a7a7a7a, 0x9f9f9f9f,
+ 0x93939393, 0xc9c9c9c9, 0x9c9c9c9c, 0xefefefef,
+ 0xa0a0a0a0, 0xe0e0e0e0, 0x3b3b3b3b, 0x4d4d4d4d,
+ 0xaeaeaeae, 0x2a2a2a2a, 0xf5f5f5f5, 0xb0b0b0b0,
+ 0xc8c8c8c8, 0xebebebeb, 0xbbbbbbbb, 0x3c3c3c3c,
+ 0x83838383, 0x53535353, 0x99999999, 0x61616161,
+ 0x17171717, 0x2b2b2b2b, 0x4040404, 0x7e7e7e7e,
+ 0xbabababa, 0x77777777, 0xd6d6d6d6, 0x26262626,
+ 0xe1e1e1e1, 0x69696969, 0x14141414, 0x63636363,
+ 0x55555555, 0x21212121, 0xc0c0c0c, 0x7d7d7d7d
+};
+#endif /* CPU_RISC */
+
+
+/* aes internals */
+
+extern debug_module_t mod_aes_icm;
+
+void
+aes_expand_encryption_key(const v128_t *key,
+ aes_expanded_key_t expanded_key) {
+ int i;
+ gf2_8 rc;
+
+ /* initialize round constant */
+ rc = 1;
+
+ expanded_key[0].v32[0] = key->v32[0];
+ expanded_key[0].v32[1] = key->v32[1];
+ expanded_key[0].v32[2] = key->v32[2];
+ expanded_key[0].v32[3] = key->v32[3];
+
+#if 0
+ debug_print(mod_aes_icm,
+ "expanded key[0]: %s", v128_hex_string(&expanded_key[0]));
+#endif
+
+ /* loop over round keys */
+ for (i=1; i < 11; i++) {
+
+ /* munge first word of round key */
+ expanded_key[i].v8[0] = aes_sbox[expanded_key[i-1].v8[13]] ^ rc;
+ expanded_key[i].v8[1] = aes_sbox[expanded_key[i-1].v8[14]];
+ expanded_key[i].v8[2] = aes_sbox[expanded_key[i-1].v8[15]];
+ expanded_key[i].v8[3] = aes_sbox[expanded_key[i-1].v8[12]];
+
+ expanded_key[i].v32[0] ^= expanded_key[i-1].v32[0];
+
+ /* set remaining 32 bit words to the exor of the one previous with
+ * the one four words previous */
+
+ expanded_key[i].v32[1] =
+ expanded_key[i].v32[0] ^ expanded_key[i-1].v32[1];
+
+ expanded_key[i].v32[2] =
+ expanded_key[i].v32[1] ^ expanded_key[i-1].v32[2];
+
+ expanded_key[i].v32[3] =
+ expanded_key[i].v32[2] ^ expanded_key[i-1].v32[3];
+
+#if 0
+ debug_print2(mod_aes_icm,
+ "expanded key[%d]: %s", i,v128_hex_string(&expanded_key[i]));
+#endif
+
+ /* modify round constant */
+ rc = gf2_8_shift(rc);
+
+ }
+}
+
+void
+aes_expand_decryption_key(const v128_t *key,
+ aes_expanded_key_t expanded_key) {
+ int i;
+
+ aes_expand_encryption_key(key, expanded_key);
+
+ /* invert the order of the round keys */
+ for (i=0; i < 5; i++) {
+ v128_t tmp;
+ v128_copy(&tmp, &expanded_key[10-i]);
+ v128_copy(&expanded_key[10-i], &expanded_key[i]);
+ v128_copy(&expanded_key[i], &tmp);
+ }
+
+ /*
+ * apply the inverse mixColumn transform to the round keys (except
+ * for the first and the last)
+ *
+ * mixColumn is implemented by using the tables U0, U1, U2, U3,
+ * followed by the T4 table (which cancels out the use of the sbox
+ * in the U-tables)
+ */
+ for (i=1; i < 10; i++) {
+#ifdef CPU_RISC
+ uint32_t tmp;
+
+ tmp = expanded_key[i].v32[0];
+ expanded_key[i].v32[0] =
+ U0[T4[(tmp >> 24) ] & 0xff] ^
+ U1[T4[(tmp >> 16) & 0xff] & 0xff] ^
+ U2[T4[(tmp >> 8) & 0xff] & 0xff] ^
+ U3[T4[(tmp) & 0xff] & 0xff];
+
+ tmp = expanded_key[i].v32[1];
+ expanded_key[i].v32[1] =
+ U0[T4[(tmp >> 24) ] & 0xff] ^
+ U1[T4[(tmp >> 16) & 0xff] & 0xff] ^
+ U2[T4[(tmp >> 8) & 0xff] & 0xff] ^
+ U3[T4[(tmp) & 0xff] & 0xff];
+
+ tmp = expanded_key[i].v32[2];
+ expanded_key[i].v32[2] =
+ U0[T4[(tmp >> 24) ] & 0xff] ^
+ U1[T4[(tmp >> 16) & 0xff] & 0xff] ^
+ U2[T4[(tmp >> 8) & 0xff] & 0xff] ^
+ U3[T4[(tmp) & 0xff] & 0xff];
+
+ tmp = expanded_key[i].v32[3];
+ expanded_key[i].v32[3] =
+ U0[T4[(tmp >> 24) ] & 0xff] ^
+ U1[T4[(tmp >> 16) & 0xff] & 0xff] ^
+ U2[T4[(tmp >> 8) & 0xff] & 0xff] ^
+ U3[T4[(tmp) & 0xff] & 0xff];
+#else /* assume CPU_CISC */
+
+ uint32_t c0, c1, c2, c3;
+
+ c0 = U0[aes_sbox[expanded_key[i].v8[0]]]
+ ^ U1[aes_sbox[expanded_key[i].v8[1]]]
+ ^ U2[aes_sbox[expanded_key[i].v8[2]]]
+ ^ U3[aes_sbox[expanded_key[i].v8[3]]];
+
+ c1 = U0[aes_sbox[expanded_key[i].v8[4]]]
+ ^ U1[aes_sbox[expanded_key[i].v8[5]]]
+ ^ U2[aes_sbox[expanded_key[i].v8[6]]]
+ ^ U3[aes_sbox[expanded_key[i].v8[7]]];
+
+ c2 = U0[aes_sbox[expanded_key[i].v8[8]]]
+ ^ U1[aes_sbox[expanded_key[i].v8[9]]]
+ ^ U2[aes_sbox[expanded_key[i].v8[10]]]
+ ^ U3[aes_sbox[expanded_key[i].v8[11]]];
+
+ c3 = U0[aes_sbox[expanded_key[i].v8[12]]]
+ ^ U1[aes_sbox[expanded_key[i].v8[13]]]
+ ^ U2[aes_sbox[expanded_key[i].v8[14]]]
+ ^ U3[aes_sbox[expanded_key[i].v8[15]]];
+
+ expanded_key[i].v32[0] = c0;
+ expanded_key[i].v32[1] = c1;
+ expanded_key[i].v32[2] = c2;
+ expanded_key[i].v32[3] = c3;
+
+#endif
+ }
+}
+
+#ifdef CPU_CISC
+
+
+static inline void
+aes_round(v128_t *state, const v128_t *round_key) {
+ uint32_t column0, column1, column2, column3;
+
+ /* compute the columns of the output square in terms of the octets
+ of state, using the tables T0, T1, T2, T3 */
+
+ column0 = T0[state->v8[0]] ^ T1[state->v8[5]]
+ ^ T2[state->v8[10]] ^ T3[state->v8[15]];
+
+ column1 = T0[state->v8[4]] ^ T1[state->v8[9]]
+ ^ T2[state->v8[14]] ^ T3[state->v8[3]];
+
+ column2 = T0[state->v8[8]] ^ T1[state->v8[13]]
+ ^ T2[state->v8[2]] ^ T3[state->v8[7]];
+
+ column3 = T0[state->v8[12]] ^ T1[state->v8[1]]
+ ^ T2[state->v8[6]] ^ T3[state->v8[11]];
+
+ state->v32[0] = column0 ^ round_key->v32[0];
+ state->v32[1] = column1 ^ round_key->v32[1];
+ state->v32[2] = column2 ^ round_key->v32[2];
+ state->v32[3] = column3 ^ round_key->v32[3];
+
+}
+
+
+static inline void
+aes_inv_round(v128_t *state, const v128_t *round_key) {
+ uint32_t column0, column1, column2, column3;
+
+ /* compute the columns of the output square in terms of the octets
+ of state, using the tables U0, U1, U2, U3 */
+
+ column0 = U0[state->v8[0]] ^ U1[state->v8[13]]
+ ^ U2[state->v8[10]] ^ U3[state->v8[7]];
+
+ column1 = U0[state->v8[4]] ^ U1[state->v8[1]]
+ ^ U2[state->v8[14]] ^ U3[state->v8[11]];
+
+ column2 = U0[state->v8[8]] ^ U1[state->v8[5]]
+ ^ U2[state->v8[2]] ^ U3[state->v8[15]];
+
+ column3 = U0[state->v8[12]] ^ U1[state->v8[9]]
+ ^ U2[state->v8[6]] ^ U3[state->v8[3]];
+
+ state->v32[0] = column0 ^ round_key->v32[0];
+ state->v32[1] = column1 ^ round_key->v32[1];
+ state->v32[2] = column2 ^ round_key->v32[2];
+ state->v32[3] = column3 ^ round_key->v32[3];
+
+}
+
+static inline void
+aes_final_round(v128_t *state, const v128_t *round_key) {
+ uint8_t tmp;
+
+ /* byte substitutions and row shifts */
+ /* first row - no shift */
+ state->v8[0] = aes_sbox[state->v8[0]];
+ state->v8[4] = aes_sbox[state->v8[4]];
+ state->v8[8] = aes_sbox[state->v8[8]];
+ state->v8[12] = aes_sbox[state->v8[12]];
+
+ /* second row - shift one left */
+ tmp = aes_sbox[state->v8[1]];
+ state->v8[1] = aes_sbox[state->v8[5]];
+ state->v8[5] = aes_sbox[state->v8[9]];
+ state->v8[9] = aes_sbox[state->v8[13]];
+ state->v8[13] = tmp;
+
+ /* third row - shift two left */
+ tmp = aes_sbox[state->v8[10]];
+ state->v8[10] = aes_sbox[state->v8[2]];
+ state->v8[2] = tmp;
+ tmp = aes_sbox[state->v8[14]];
+ state->v8[14] = aes_sbox[state->v8[6]];
+ state->v8[6] = tmp;
+
+ /* fourth row - shift three left */
+ tmp = aes_sbox[state->v8[15]];
+ state->v8[15] = aes_sbox[state->v8[11]];
+ state->v8[11] = aes_sbox[state->v8[7]];
+ state->v8[7] = aes_sbox[state->v8[3]];
+ state->v8[3] = tmp;
+
+ v128_xor_eq(state, round_key);
+}
+
+static inline void
+aes_inv_final_round(v128_t *state, const v128_t *round_key) {
+ uint8_t tmp;
+
+ /* byte substitutions and row shifts */
+ /* first row - no shift */
+ state->v8[0] = aes_inv_sbox[state->v8[0]];
+ state->v8[4] = aes_inv_sbox[state->v8[4]];
+ state->v8[8] = aes_inv_sbox[state->v8[8]];
+ state->v8[12] = aes_inv_sbox[state->v8[12]];
+
+ /* second row - shift one right */
+ tmp = aes_inv_sbox[state->v8[13]];
+ state->v8[13] = aes_inv_sbox[state->v8[9]];
+ state->v8[9] = aes_inv_sbox[state->v8[5]];
+ state->v8[5] = aes_inv_sbox[state->v8[1]];
+ state->v8[1] = tmp;
+
+ /* third row - shift two right */
+ tmp = aes_inv_sbox[state->v8[2]];
+ state->v8[2] = aes_inv_sbox[state->v8[10]];
+ state->v8[10] = tmp;
+ tmp = aes_inv_sbox[state->v8[6]];
+ state->v8[6] = aes_inv_sbox[state->v8[14]];
+ state->v8[14] = tmp;
+
+ /* fourth row - shift three right */
+ tmp = aes_inv_sbox[state->v8[3]];
+ state->v8[3] = aes_inv_sbox[state->v8[7]];
+ state->v8[7] = aes_inv_sbox[state->v8[11]];
+ state->v8[11] = aes_inv_sbox[state->v8[15]];
+ state->v8[15] = tmp;
+
+ v128_xor_eq(state, round_key);
+}
+
+
+#elif CPU_RISC
+
+static inline void
+aes_round(v128_t *state, const v128_t *round_key) {
+ uint32_t column0, column1, column2, column3;
+
+ /* compute the columns of the output square in terms of the octets
+ of state, using the tables T0, T1, T2, T3 */
+#ifdef WORDS_BIGENDIAN
+ column0 = T0[state->v32[0] >> 24] ^ T1[(state->v32[1] >> 16) & 0xff]
+ ^ T2[(state->v32[2] >> 8) & 0xff] ^ T3[state->v32[3] & 0xff];
+
+ column1 = T0[state->v32[1] >> 24] ^ T1[(state->v32[2] >> 16) & 0xff]
+ ^ T2[(state->v32[3] >> 8) & 0xff] ^ T3[state->v32[0] & 0xff];
+
+ column2 = T0[state->v32[2] >> 24] ^ T1[(state->v32[3] >> 16) & 0xff]
+ ^ T2[(state->v32[0] >> 8) & 0xff] ^ T3[state->v32[1] & 0xff];
+
+ column3 = T0[state->v32[3] >> 24] ^ T1[(state->v32[0] >> 16) & 0xff]
+ ^ T2[(state->v32[1] >> 8) & 0xff] ^ T3[state->v32[2] & 0xff];
+#else
+ column0 = T0[state->v32[0] & 0xff] ^ T1[(state->v32[1] >> 8) & 0xff]
+ ^ T2[(state->v32[2] >> 16) & 0xff] ^ T3[state->v32[3] >> 24];
+
+ column1 = T0[state->v32[1] & 0xff] ^ T1[(state->v32[2] >> 8) & 0xff]
+ ^ T2[(state->v32[3] >> 16) & 0xff] ^ T3[state->v32[0] >> 24];
+
+ column2 = T0[state->v32[2] & 0xff] ^ T1[(state->v32[3] >> 8) & 0xff]
+ ^ T2[(state->v32[0] >> 16) & 0xff] ^ T3[state->v32[1] >> 24];
+
+ column3 = T0[state->v32[3] & 0xff] ^ T1[(state->v32[0] >> 8) & 0xff]
+ ^ T2[(state->v32[1] >> 16) & 0xff] ^ T3[state->v32[2] >> 24];
+#endif /* WORDS_BIGENDIAN */
+
+ state->v32[0] = column0 ^ round_key->v32[0];
+ state->v32[1] = column1 ^ round_key->v32[1];
+ state->v32[2] = column2 ^ round_key->v32[2];
+ state->v32[3] = column3 ^ round_key->v32[3];
+
+}
+
+static inline void
+aes_inv_round(v128_t *state, const v128_t *round_key) {
+ uint32_t column0, column1, column2, column3;
+
+ /* compute the columns of the output square in terms of the octets
+ of state, using the tables U0, U1, U2, U3 */
+
+#ifdef WORDS_BIGENDIAN
+ /* FIX! WRong indexes */
+ column0 = U0[state->v32[0] >> 24] ^ U1[(state->v32[3] >> 16) & 0xff]
+ ^ U2[(state->v32[2] >> 8) & 0xff] ^ U3[state->v32[1] & 0xff];
+
+ column1 = U0[state->v32[1] >> 24] ^ U1[(state->v32[0] >> 16) & 0xff]
+ ^ U2[(state->v32[3] >> 8) & 0xff] ^ U3[state->v32[2] & 0xff];
+
+ column2 = U0[state->v32[2] >> 24] ^ U1[(state->v32[1] >> 16) & 0xff]
+ ^ U2[(state->v32[0] >> 8) & 0xff] ^ U3[state->v32[3] & 0xff];
+
+ column3 = U0[state->v32[3] >> 24] ^ U1[(state->v32[2] >> 16) & 0xff]
+ ^ U2[(state->v32[1] >> 8) & 0xff] ^ U3[state->v32[0] & 0xff];
+#else
+ column0 = U0[state->v32[0] & 0xff] ^ U1[(state->v32[1] >> 8) & 0xff]
+ ^ U2[(state->v32[2] >> 16) & 0xff] ^ U3[state->v32[3] >> 24];
+
+ column1 = U0[state->v32[1] & 0xff] ^ U1[(state->v32[2] >> 8) & 0xff]
+ ^ U2[(state->v32[3] >> 16) & 0xff] ^ U3[state->v32[0] >> 24];
+
+ column2 = U0[state->v32[2] & 0xff] ^ U1[(state->v32[3] >> 8) & 0xff]
+ ^ U2[(state->v32[0] >> 16) & 0xff] ^ U3[state->v32[1] >> 24];
+
+ column3 = U0[state->v32[3] & 0xff] ^ U1[(state->v32[0] >> 8) & 0xff]
+ ^ U2[(state->v32[1] >> 16) & 0xff] ^ U3[state->v32[2] >> 24];
+#endif /* WORDS_BIGENDIAN */
+
+ state->v32[0] = column0 ^ round_key->v32[0];
+ state->v32[1] = column1 ^ round_key->v32[1];
+ state->v32[2] = column2 ^ round_key->v32[2];
+ state->v32[3] = column3 ^ round_key->v32[3];
+
+}
+
+static inline void
+aes_final_round(v128_t *state, const v128_t *round_key) {
+ uint32_t tmp0, tmp1, tmp2, tmp3;
+
+ tmp0 = (T4[(state->v32[0] >> 24)] & 0xff000000)
+ ^ (T4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000)
+ ^ (T4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00)
+ ^ (T4[(state->v32[3] ) & 0xff] & 0x000000ff)
+ ^ round_key->v32[0];
+
+ tmp1 = (T4[(state->v32[1] >> 24)] & 0xff000000)
+ ^ (T4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000)
+ ^ (T4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00)
+ ^ (T4[(state->v32[0] ) & 0xff] & 0x000000ff)
+ ^ round_key->v32[1];
+
+ tmp2 = (T4[(state->v32[2] >> 24)] & 0xff000000)
+ ^ (T4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000)
+ ^ (T4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00)
+ ^ (T4[(state->v32[1] ) & 0xff] & 0x000000ff)
+ ^ round_key->v32[2];
+
+ tmp3 = (T4[(state->v32[3] >> 24)] & 0xff000000)
+ ^ (T4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000)
+ ^ (T4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00)
+ ^ (T4[(state->v32[2] ) & 0xff] & 0x000000ff)
+ ^ round_key->v32[3];
+
+ state->v32[0] = tmp0;
+ state->v32[1] = tmp1;
+ state->v32[2] = tmp2;
+ state->v32[3] = tmp3;
+
+}
+
+static inline void
+aes_inv_final_round(v128_t *state, const v128_t *round_key) {
+ uint32_t tmp0, tmp1, tmp2, tmp3;
+
+ tmp0 = (U4[(state->v32[0] >> 24)] & 0xff000000)
+ ^ (U4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000)
+ ^ (U4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00)
+ ^ (U4[(state->v32[1] ) & 0xff] & 0x000000ff)
+ ^ round_key->v32[0];
+
+ tmp1 = (U4[(state->v32[1] >> 24)] & 0xff000000)
+ ^ (U4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000)
+ ^ (U4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00)
+ ^ (U4[(state->v32[2] ) & 0xff] & 0x000000ff)
+ ^ round_key->v32[1];
+
+ tmp2 = (U4[(state->v32[2] >> 24)] & 0xff000000)
+ ^ (U4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000)
+ ^ (U4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00)
+ ^ (U4[(state->v32[3] ) & 0xff] & 0x000000ff)
+ ^ round_key->v32[2];
+
+ tmp3 = (U4[(state->v32[3] >> 24)] & 0xff000000)
+ ^ (U4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000)
+ ^ (U4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00)
+ ^ (U4[(state->v32[0] ) & 0xff] & 0x000000ff)
+ ^ round_key->v32[3];
+
+ state->v32[0] = tmp0;
+ state->v32[1] = tmp1;
+ state->v32[2] = tmp2;
+ state->v32[3] = tmp3;
+
+}
+
+#elif CPU_16 /* assume 16-bit word size on processor */
+
+static inline void
+aes_round(v128_t *state, const v128_t *round_key) {
+ uint32_t column0, column1, column2, column3;
+ uint16_t c
+ /* compute the columns of the output square in terms of the octets
+ of state, using the tables T0, T1, T2, T3 */
+
+ column0 = T0[state->v8[0]] ^ T1[state->v8[5]]
+ ^ T2[state->v8[10]] ^ T3[state->v8[15]];
+
+ column1 = T0[state->v8[4]] ^ T1[state->v8[9]]
+ ^ T2[state->v8[14]] ^ T3[state->v8[3]];
+
+ column2 = T0[state->v8[8]] ^ T1[state->v8[13]]
+ ^ T2[state->v8[2]] ^ T3[state->v8[7]];
+
+ column3 = T0[state->v8[12]] ^ T1[state->v8[1]]
+ ^ T2[state->v8[6]] ^ T3[state->v8[11]];
+
+ state->v32[0] = column0 ^ round_key->v32[0];
+ state->v32[1] = column1 ^ round_key->v32[1];
+ state->v32[2] = column2 ^ round_key->v32[2];
+ state->v32[3] = column3 ^ round_key->v32[3];
+
+}
+
+
+static inline void
+aes_inv_round(v128_t *state, const v128_t *round_key) {
+ uint32_t column0, column1, column2, column3;
+
+ /* compute the columns of the output square in terms of the octets
+ of state, using the tables U0, U1, U2, U3 */
+
+ column0 = U0[state->v8[0]] ^ U1[state->v8[5]]
+ ^ U2[state->v8[10]] ^ U3[state->v8[15]];
+
+ column1 = U0[state->v8[4]] ^ U1[state->v8[9]]
+ ^ U2[state->v8[14]] ^ U3[state->v8[3]];
+
+ column2 = U0[state->v8[8]] ^ U1[state->v8[13]]
+ ^ U2[state->v8[2]] ^ U3[state->v8[7]];
+
+ column3 = U0[state->v8[12]] ^ U1[state->v8[1]]
+ ^ U2[state->v8[6]] ^ U3[state->v8[11]];
+
+ state->v32[0] = column0 ^ round_key->v32[0];
+ state->v32[1] = column1 ^ round_key->v32[1];
+ state->v32[2] = column2 ^ round_key->v32[2];
+ state->v32[3] = column3 ^ round_key->v32[3];
+
+}
+
+static inline void
+aes_final_round(v128_t *state, const v128_t *round_key) {
+ uint8_t tmp;
+
+ /* byte substitutions and row shifts */
+ /* first row - no shift */
+ state->v8[0] = aes_sbox[state->v8[0]];
+ state->v8[4] = aes_sbox[state->v8[4]];
+ state->v8[8] = aes_sbox[state->v8[8]];
+ state->v8[12] = aes_sbox[state->v8[12]];
+
+ /* second row - shift one left */
+ tmp = aes_sbox[state->v8[1]];
+ state->v8[1] = aes_sbox[state->v8[5]];
+ state->v8[5] = aes_sbox[state->v8[9]];
+ state->v8[9] = aes_sbox[state->v8[13]];
+ state->v8[13] = tmp;
+
+ /* third row - shift two left */
+ tmp = aes_sbox[state->v8[10]];
+ state->v8[10] = aes_sbox[state->v8[2]];
+ state->v8[2] = tmp;
+ tmp = aes_sbox[state->v8[14]];
+ state->v8[14] = aes_sbox[state->v8[6]];
+ state->v8[6] = tmp;
+
+ /* fourth row - shift three left */
+ tmp = aes_sbox[state->v8[15]];
+ state->v8[15] = aes_sbox[state->v8[11]];
+ state->v8[11] = aes_sbox[state->v8[7]];
+ state->v8[7] = aes_sbox[state->v8[3]];
+ state->v8[3] = tmp;
+
+ v128_xor_eq(state, round_key);
+}
+
+static inline void
+aes_inv_final_round(v128_t *state, const v128_t *round_key) {
+ uint8_t tmp;
+
+ /* byte substitutions and row shifts */
+ /* first row - no shift */
+ state->v8[0] = aes_inv_sbox[state->v8[0]];
+ state->v8[4] = aes_inv_sbox[state->v8[4]];
+ state->v8[8] = aes_inv_sbox[state->v8[8]];
+ state->v8[12] = aes_inv_sbox[state->v8[12]];
+
+ /* second row - shift one left */
+ tmp = aes_inv_sbox[state->v8[1]];
+ state->v8[1] = aes_inv_sbox[state->v8[5]];
+ state->v8[5] = aes_inv_sbox[state->v8[9]];
+ state->v8[9] = aes_inv_sbox[state->v8[13]];
+ state->v8[13] = tmp;
+
+ /* third row - shift two left */
+ tmp = aes_inv_sbox[state->v8[10]];
+ state->v8[10] = aes_inv_sbox[state->v8[2]];
+ state->v8[2] = tmp;
+ tmp = aes_inv_sbox[state->v8[14]];
+ state->v8[14] = aes_inv_sbox[state->v8[6]];
+ state->v8[6] = tmp;
+
+ /* fourth row - shift three left */
+ tmp = aes_inv_sbox[state->v8[15]];
+ state->v8[15] = aes_inv_sbox[state->v8[11]];
+ state->v8[11] = aes_inv_sbox[state->v8[7]];
+ state->v8[7] = aes_inv_sbox[state->v8[3]];
+ state->v8[3] = tmp;
+
+ v128_xor_eq(state, round_key);
+}
+
+#endif /* CPU type */
+
+
+void
+aes_encrypt(v128_t *plaintext, const aes_expanded_key_t exp_key) {
+
+ /* add in the subkey */
+ v128_xor_eq(plaintext, exp_key + 0);
+
+ /* now do nine rounds */
+ aes_round(plaintext, exp_key + 1);
+ aes_round(plaintext, exp_key + 2);
+ aes_round(plaintext, exp_key + 3);
+ aes_round(plaintext, exp_key + 4);
+ aes_round(plaintext, exp_key + 5);
+ aes_round(plaintext, exp_key + 6);
+ aes_round(plaintext, exp_key + 7);
+ aes_round(plaintext, exp_key + 8);
+ aes_round(plaintext, exp_key + 9);
+ /* the last round is different */
+
+ aes_final_round(plaintext, exp_key + 10);
+}
+
+void
+aes_decrypt(v128_t *plaintext, const aes_expanded_key_t exp_key) {
+
+ /* add in the subkey */
+ v128_xor_eq(plaintext, exp_key + 0);
+
+ /* now do nine rounds */
+ aes_inv_round(plaintext, exp_key + 1);
+ aes_inv_round(plaintext, exp_key + 2);
+ aes_inv_round(plaintext, exp_key + 3);
+ aes_inv_round(plaintext, exp_key + 4);
+ aes_inv_round(plaintext, exp_key + 5);
+ aes_inv_round(plaintext, exp_key + 6);
+ aes_inv_round(plaintext, exp_key + 7);
+ aes_inv_round(plaintext, exp_key + 8);
+ aes_inv_round(plaintext, exp_key + 9);
+ /* the last round is different */
+ aes_inv_final_round(plaintext, exp_key + 10);
+}
diff --git a/srtp/crypto/cipher/aes_cbc.c b/srtp/crypto/cipher/aes_cbc.c
new file mode 100644
index 0000000..8fc6a32
--- /dev/null
+++ b/srtp/crypto/cipher/aes_cbc.c
@@ -0,0 +1,444 @@
+/*
+ * aes_cbc.c
+ *
+ * AES Cipher Block Chaining Mode
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "aes_cbc.h"
+#include "alloc.h"
+
+debug_module_t mod_aes_cbc = {
+ 0, /* debugging is off by default */
+ "aes cbc" /* printable module name */
+};
+
+
+
+err_status_t
+aes_cbc_alloc(cipher_t **c, int key_len) {
+ extern cipher_type_t aes_cbc;
+ uint8_t *pointer;
+ int tmp;
+
+ debug_print(mod_aes_cbc,
+ "allocating cipher with key length %d", key_len);
+
+ if (key_len != 16)
+ return err_status_bad_param;
+
+ /* allocate memory a cipher of type aes_icm */
+ tmp = (sizeof(aes_cbc_ctx_t) + sizeof(cipher_t));
+ pointer = (uint8_t*)crypto_alloc(tmp);
+ if (pointer == NULL)
+ return err_status_alloc_fail;
+
+ /* set pointers */
+ *c = (cipher_t *)pointer;
+ (*c)->type = &aes_cbc;
+ (*c)->state = pointer + sizeof(cipher_t);
+
+ /* increment ref_count */
+ aes_cbc.ref_count++;
+
+ /* set key size */
+ (*c)->key_len = key_len;
+
+ return err_status_ok;
+}
+
+err_status_t
+aes_cbc_dealloc(cipher_t *c) {
+ extern cipher_type_t aes_cbc;
+
+ /* zeroize entire state*/
+ octet_string_set_to_zero((uint8_t *)c,
+ sizeof(aes_cbc_ctx_t) + sizeof(cipher_t));
+
+ /* free memory */
+ crypto_free(c);
+
+ /* decrement ref_count */
+ aes_cbc.ref_count--;
+
+ return err_status_ok;
+}
+
+err_status_t
+aes_cbc_context_init(aes_cbc_ctx_t *c, const uint8_t *key,
+ cipher_direction_t dir) {
+ v128_t tmp_key;
+
+ /* set tmp_key (for alignment) */
+ v128_copy_octet_string(&tmp_key, key);
+
+ debug_print(mod_aes_cbc,
+ "key: %s", v128_hex_string(&tmp_key));
+
+ /* expand key for the appropriate direction */
+ switch (dir) {
+ case (direction_encrypt):
+ aes_expand_encryption_key(&tmp_key, c->expanded_key);
+ break;
+ case (direction_decrypt):
+ aes_expand_decryption_key(&tmp_key, c->expanded_key);
+ break;
+ default:
+ return err_status_bad_param;
+ }
+
+
+ return err_status_ok;
+}
+
+
+err_status_t
+aes_cbc_set_iv(aes_cbc_ctx_t *c, void *iv) {
+ int i;
+/* v128_t *input = iv; */
+ uint8_t *input = (uint8_t*) iv;
+
+ /* set state and 'previous' block to iv */
+ for (i=0; i < 16; i++)
+ c->previous.v8[i] = c->state.v8[i] = input[i];
+
+ debug_print(mod_aes_cbc, "setting iv: %s", v128_hex_string(&c->state));
+
+ return err_status_ok;
+}
+
+err_status_t
+aes_cbc_encrypt(aes_cbc_ctx_t *c,
+ unsigned char *data,
+ unsigned int *bytes_in_data) {
+ int i;
+ unsigned char *input = data; /* pointer to data being read */
+ unsigned char *output = data; /* pointer to data being written */
+ int bytes_to_encr = *bytes_in_data;
+
+ /*
+ * verify that we're 16-octet aligned
+ */
+ if (*bytes_in_data & 0xf)
+ return err_status_bad_param;
+
+ /*
+ * note that we assume that the initialization vector has already
+ * been set, e.g. by calling aes_cbc_set_iv()
+ */
+ debug_print(mod_aes_cbc, "iv: %s",
+ v128_hex_string(&c->state));
+
+ /*
+ * loop over plaintext blocks, exoring state into plaintext then
+ * encrypting and writing to output
+ */
+ while (bytes_to_encr > 0) {
+
+ /* exor plaintext into state */
+ for (i=0; i < 16; i++)
+ c->state.v8[i] ^= *input++;
+
+ debug_print(mod_aes_cbc, "inblock: %s",
+ v128_hex_string(&c->state));
+
+ aes_encrypt(&c->state, c->expanded_key);
+
+ debug_print(mod_aes_cbc, "outblock: %s",
+ v128_hex_string(&c->state));
+
+ /* copy ciphertext to output */
+ for (i=0; i < 16; i++)
+ *output++ = c->state.v8[i];
+
+ bytes_to_encr -= 16;
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+aes_cbc_decrypt(aes_cbc_ctx_t *c,
+ unsigned char *data,
+ unsigned int *bytes_in_data) {
+ int i;
+ v128_t state, previous;
+ unsigned char *input = data; /* pointer to data being read */
+ unsigned char *output = data; /* pointer to data being written */
+ int bytes_to_encr = *bytes_in_data;
+ uint8_t tmp;
+
+ /*
+ * verify that we're 16-octet aligned
+ */
+ if (*bytes_in_data & 0x0f)
+ return err_status_bad_param;
+
+ /* set 'previous' block to iv*/
+ for (i=0; i < 16; i++) {
+ previous.v8[i] = c->previous.v8[i];
+ }
+
+ debug_print(mod_aes_cbc, "iv: %s",
+ v128_hex_string(&previous));
+
+ /*
+ * loop over ciphertext blocks, decrypting then exoring with state
+ * then writing plaintext to output
+ */
+ while (bytes_to_encr > 0) {
+
+ /* set state to ciphertext input block */
+ for (i=0; i < 16; i++) {
+ state.v8[i] = *input++;
+ }
+
+ debug_print(mod_aes_cbc, "inblock: %s",
+ v128_hex_string(&state));
+
+ /* decrypt state */
+ aes_decrypt(&state, c->expanded_key);
+
+ debug_print(mod_aes_cbc, "outblock: %s",
+ v128_hex_string(&state));
+
+ /*
+ * exor previous ciphertext block out of plaintext, and write new
+ * plaintext block to output, while copying old ciphertext block
+ * to the 'previous' block
+ */
+ for (i=0; i < 16; i++) {
+ tmp = *output;
+ *output++ = state.v8[i] ^ previous.v8[i];
+ previous.v8[i] = tmp;
+ }
+
+ bytes_to_encr -= 16;
+ }
+
+ return err_status_ok;
+}
+
+
+err_status_t
+aes_cbc_nist_encrypt(aes_cbc_ctx_t *c,
+ unsigned char *data,
+ unsigned int *bytes_in_data) {
+ int i;
+ unsigned char *pad_start;
+ int num_pad_bytes;
+ err_status_t status;
+
+ /*
+ * determine the number of padding bytes that we need to add -
+ * this value is always between 1 and 16, inclusive.
+ */
+ num_pad_bytes = 16 - (*bytes_in_data & 0xf);
+ pad_start = data;
+ pad_start += *bytes_in_data;
+ *pad_start++ = 0xa0;
+ for (i=0; i < num_pad_bytes; i++)
+ *pad_start++ = 0x00;
+
+ /*
+ * increment the data size
+ */
+ *bytes_in_data += num_pad_bytes;
+
+ /*
+ * now cbc encrypt the padded data
+ */
+ status = aes_cbc_encrypt(c, data, bytes_in_data);
+ if (status)
+ return status;
+
+ return err_status_ok;
+}
+
+
+err_status_t
+aes_cbc_nist_decrypt(aes_cbc_ctx_t *c,
+ unsigned char *data,
+ unsigned int *bytes_in_data) {
+ unsigned char *pad_end;
+ int num_pad_bytes;
+ err_status_t status;
+
+ /*
+ * cbc decrypt the padded data
+ */
+ status = aes_cbc_decrypt(c, data, bytes_in_data);
+ if (status)
+ return status;
+
+ /*
+ * determine the number of padding bytes in the decrypted plaintext
+ * - this value is always between 1 and 16, inclusive.
+ */
+ num_pad_bytes = 1;
+ pad_end = data + (*bytes_in_data - 1);
+ while (*pad_end != 0xa0) { /* note: should check padding correctness */
+ pad_end--;
+ num_pad_bytes++;
+ }
+
+ /* decrement data size */
+ *bytes_in_data -= num_pad_bytes;
+
+ return err_status_ok;
+}
+
+
+char
+aes_cbc_description[] = "aes cipher block chaining (cbc) mode";
+
+/*
+ * Test case 0 is derived from FIPS 197 Appendix A; it uses an
+ * all-zero IV, so that the first block encryption matches the test
+ * case in that appendix. This property provides a check of the base
+ * AES encryption and decryption algorithms; if CBC fails on some
+ * particular platform, then you should print out AES intermediate
+ * data and compare with the detailed info provided in that appendix.
+ *
+ */
+
+
+uint8_t aes_cbc_test_case_0_key[16] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+};
+
+uint8_t aes_cbc_test_case_0_plaintext[64] = {
+ 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+ 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
+};
+
+uint8_t aes_cbc_test_case_0_ciphertext[80] = {
+ 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30,
+ 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a,
+ 0x03, 0x35, 0xed, 0x27, 0x67, 0xf2, 0x6d, 0xf1,
+ 0x64, 0x83, 0x2e, 0x23, 0x44, 0x38, 0x70, 0x8b
+
+};
+
+uint8_t aes_cbc_test_case_0_iv[16] = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+};
+
+
+cipher_test_case_t aes_cbc_test_case_0 = {
+ 16, /* octets in key */
+ aes_cbc_test_case_0_key, /* key */
+ aes_cbc_test_case_0_iv, /* initialization vector */
+ 16, /* octets in plaintext */
+ aes_cbc_test_case_0_plaintext, /* plaintext */
+ 32, /* octets in ciphertext */
+ aes_cbc_test_case_0_ciphertext, /* ciphertext */
+ NULL /* pointer to next testcase */
+};
+
+
+/*
+ * this test case is taken directly from Appendix F.2 of NIST Special
+ * Publication SP 800-38A
+ */
+
+uint8_t aes_cbc_test_case_1_key[16] = {
+ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
+ 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
+};
+
+uint8_t aes_cbc_test_case_1_plaintext[64] = {
+ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
+ 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
+ 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
+ 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
+ 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
+ 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
+ 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
+};
+
+uint8_t aes_cbc_test_case_1_ciphertext[80] = {
+ 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46,
+ 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d,
+ 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee,
+ 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
+ 0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b,
+ 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16,
+ 0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
+ 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7,
+ 0x39, 0x34, 0x07, 0x03, 0x36, 0xd0, 0x77, 0x99,
+ 0xe0, 0xc4, 0x2f, 0xdd, 0xa8, 0xdf, 0x4c, 0xa3
+};
+
+uint8_t aes_cbc_test_case_1_iv[16] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+};
+
+cipher_test_case_t aes_cbc_test_case_1 = {
+ 16, /* octets in key */
+ aes_cbc_test_case_1_key, /* key */
+ aes_cbc_test_case_1_iv, /* initialization vector */
+ 64, /* octets in plaintext */
+ aes_cbc_test_case_1_plaintext, /* plaintext */
+ 80, /* octets in ciphertext */
+ aes_cbc_test_case_1_ciphertext, /* ciphertext */
+ &aes_cbc_test_case_0 /* pointer to next testcase */
+};
+
+cipher_type_t aes_cbc = {
+ (cipher_alloc_func_t) aes_cbc_alloc,
+ (cipher_dealloc_func_t) aes_cbc_dealloc,
+ (cipher_init_func_t) aes_cbc_context_init,
+ (cipher_encrypt_func_t) aes_cbc_nist_encrypt,
+ (cipher_decrypt_func_t) aes_cbc_nist_decrypt,
+ (cipher_set_iv_func_t) aes_cbc_set_iv,
+ (char *) aes_cbc_description,
+ (int) 0, /* instance count */
+ (cipher_test_case_t *) &aes_cbc_test_case_0,
+ (debug_module_t *) &mod_aes_cbc
+};
+
+
diff --git a/srtp/crypto/cipher/aes_icm.c b/srtp/crypto/cipher/aes_icm.c
new file mode 100644
index 0000000..b466ca9
--- /dev/null
+++ b/srtp/crypto/cipher/aes_icm.c
@@ -0,0 +1,511 @@
+/*
+ * aes_icm.c
+ *
+ * AES Integer Counter Mode
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#define ALIGN_32 0
+
+#include "aes_icm.h"
+#include "alloc.h"
+
+
+debug_module_t mod_aes_icm = {
+ 0, /* debugging is off by default */
+ "aes icm" /* printable module name */
+};
+
+/*
+ * integer counter mode works as follows:
+ *
+ * 16 bits
+ * <----->
+ * +------+------+------+------+------+------+------+------+
+ * | nonce | pakcet index | ctr |---+
+ * +------+------+------+------+------+------+------+------+ |
+ * |
+ * +------+------+------+------+------+------+------+------+ v
+ * | salt |000000|->(+)
+ * +------+------+------+------+------+------+------+------+ |
+ * |
+ * +---------+
+ * | encrypt |
+ * +---------+
+ * |
+ * +------+------+------+------+------+------+------+------+ |
+ * | keystream block |<--+
+ * +------+------+------+------+------+------+------+------+
+ *
+ * All fields are big-endian
+ *
+ * ctr is the block counter, which increments from zero for
+ * each packet (16 bits wide)
+ *
+ * packet index is distinct for each packet (48 bits wide)
+ *
+ * nonce can be distinct across many uses of the same key, or
+ * can be a fixed value per key, or can be per-packet randomness
+ * (64 bits)
+ *
+ */
+
+err_status_t
+aes_icm_alloc_ismacryp(cipher_t **c, int key_len, int forIsmacryp) {
+ extern cipher_type_t aes_icm;
+ uint8_t *pointer;
+ int tmp;
+
+ debug_print(mod_aes_icm,
+ "allocating cipher with key length %d", key_len);
+
+ /*
+ * Ismacryp, for example, uses 16 byte key + 8 byte
+ * salt so this function is called with key_len = 24.
+ * The check for key_len = 30 does not apply. Our usage
+ * of aes functions with key_len = values other than 30
+ * has not broken anything. Don't know what would be the
+ * effect of skipping this check for srtp in general.
+ */
+ if (!forIsmacryp && key_len != 30)
+ return err_status_bad_param;
+
+ /* allocate memory a cipher of type aes_icm */
+ tmp = (sizeof(aes_icm_ctx_t) + sizeof(cipher_t));
+ pointer = (uint8_t*)crypto_alloc(tmp);
+ if (pointer == NULL)
+ return err_status_alloc_fail;
+
+ /* set pointers */
+ *c = (cipher_t *)pointer;
+ (*c)->type = &aes_icm;
+ (*c)->state = pointer + sizeof(cipher_t);
+
+ /* increment ref_count */
+ aes_icm.ref_count++;
+
+ /* set key size */
+ (*c)->key_len = key_len;
+
+ return err_status_ok;
+}
+
+err_status_t aes_icm_alloc(cipher_t **c, int key_len, int forIsmacryp) {
+ return aes_icm_alloc_ismacryp(c, key_len, 0);
+}
+
+err_status_t
+aes_icm_dealloc(cipher_t *c) {
+ extern cipher_type_t aes_icm;
+
+ /* zeroize entire state*/
+ octet_string_set_to_zero((uint8_t *)c,
+ sizeof(aes_icm_ctx_t) + sizeof(cipher_t));
+
+ /* free memory */
+ crypto_free(c);
+
+ /* decrement ref_count */
+ aes_icm.ref_count--;
+
+ return err_status_ok;
+}
+
+
+/*
+ * aes_icm_context_init(...) initializes the aes_icm_context
+ * using the value in key[].
+ *
+ * the key is the secret key
+ *
+ * the salt is unpredictable (but not necessarily secret) data which
+ * randomizes the starting point in the keystream
+ */
+
+err_status_t
+aes_icm_context_init(aes_icm_ctx_t *c, const uint8_t *key) {
+ v128_t tmp_key;
+
+ /* set counter and initial values to 'offset' value */
+ /* FIX!!! this assumes the salt is at key + 16, and thus that the */
+ /* FIX!!! cipher key length is 16! Also note this copies past the
+ end of the 'key' array by 2 bytes! */
+ v128_copy_octet_string(&c->counter, key + 16);
+ v128_copy_octet_string(&c->offset, key + 16);
+
+ /* force last two octets of the offset to zero (for srtp compatibility) */
+ c->offset.v8[14] = c->offset.v8[15] = 0;
+ c->counter.v8[14] = c->counter.v8[15] = 0;
+
+ /* set tmp_key (for alignment) */
+ v128_copy_octet_string(&tmp_key, key);
+
+ debug_print(mod_aes_icm,
+ "key: %s", v128_hex_string(&tmp_key));
+ debug_print(mod_aes_icm,
+ "offset: %s", v128_hex_string(&c->offset));
+
+ /* expand key */
+ aes_expand_encryption_key(&tmp_key, c->expanded_key);
+
+ /* indicate that the keystream_buffer is empty */
+ c->bytes_in_buffer = 0;
+
+ return err_status_ok;
+}
+
+/*
+ * aes_icm_set_octet(c, i) sets the counter of the context which it is
+ * passed so that the next octet of keystream that will be generated
+ * is the ith octet
+ */
+
+err_status_t
+aes_icm_set_octet(aes_icm_ctx_t *c,
+ uint64_t octet_num) {
+
+#ifdef NO_64BIT_MATH
+ int tail_num = low32(octet_num) & 0x0f;
+ /* 64-bit right-shift 4 */
+ uint64_t block_num = make64(high32(octet_num) >> 4,
+ ((high32(octet_num) & 0x0f)<<(32-4)) |
+ (low32(octet_num) >> 4));
+#else
+ int tail_num = octet_num % 16;
+ uint64_t block_num = octet_num / 16;
+#endif
+
+
+ /* set counter value */
+ /* FIX - There's no way this is correct */
+ c->counter.v64[0] = c->offset.v64[0];
+#ifdef NO_64BIT_MATH
+ c->counter.v64[0] = make64(high32(c->offset.v64[0]) ^ high32(block_num),
+ low32(c->offset.v64[0]) ^ low32(block_num));
+#else
+ c->counter.v64[0] = c->offset.v64[0] ^ block_num;
+#endif
+
+ debug_print(mod_aes_icm,
+ "set_octet: %s", v128_hex_string(&c->counter));
+
+ /* fill keystream buffer, if needed */
+ if (tail_num) {
+ v128_copy(&c->keystream_buffer, &c->counter);
+ aes_encrypt(&c->keystream_buffer, c->expanded_key);
+ c->bytes_in_buffer = sizeof(v128_t);
+
+ debug_print(mod_aes_icm, "counter: %s",
+ v128_hex_string(&c->counter));
+ debug_print(mod_aes_icm, "ciphertext: %s",
+ v128_hex_string(&c->keystream_buffer));
+
+ /* indicate number of bytes in keystream_buffer */
+ c->bytes_in_buffer = sizeof(v128_t) - tail_num;
+
+ } else {
+
+ /* indicate that keystream_buffer is empty */
+ c->bytes_in_buffer = 0;
+ }
+
+ return err_status_ok;
+}
+
+/*
+ * aes_icm_set_iv(c, iv) sets the counter value to the exor of iv with
+ * the offset
+ */
+
+err_status_t
+aes_icm_set_iv(aes_icm_ctx_t *c, void *iv) {
+ v128_t *nonce = (v128_t *) iv;
+
+ debug_print(mod_aes_icm,
+ "setting iv: %s", v128_hex_string(nonce));
+
+ v128_xor(&c->counter, &c->offset, nonce);
+
+ debug_print(mod_aes_icm,
+ "set_counter: %s", v128_hex_string(&c->counter));
+
+ /* indicate that the keystream_buffer is empty */
+ c->bytes_in_buffer = 0;
+
+ return err_status_ok;
+}
+
+
+
+/*
+ * aes_icm_advance(...) refills the keystream_buffer and
+ * advances the block index of the sicm_context forward by one
+ *
+ * this is an internal, hopefully inlined function
+ */
+
+inline void
+aes_icm_advance_ismacryp(aes_icm_ctx_t *c, uint8_t forIsmacryp) {
+ /* fill buffer with new keystream */
+ v128_copy(&c->keystream_buffer, &c->counter);
+ aes_encrypt(&c->keystream_buffer, c->expanded_key);
+ c->bytes_in_buffer = sizeof(v128_t);
+
+ debug_print(mod_aes_icm, "counter: %s",
+ v128_hex_string(&c->counter));
+ debug_print(mod_aes_icm, "ciphertext: %s",
+ v128_hex_string(&c->keystream_buffer));
+
+ /* clock counter forward */
+
+ if (forIsmacryp) {
+ uint32_t temp;
+ //alex's clock counter forward
+ temp = ntohl(c->counter.v32[3]);
+ c->counter.v32[3] = htonl(++temp);
+ } else {
+ if (!++(c->counter.v8[15]))
+ ++(c->counter.v8[14]);
+ }
+}
+
+inline void aes_icm_advance(aes_icm_ctx_t *c) {
+ aes_icm_advance_ismacryp(c, 0);
+}
+
+
+/*e
+ * icm_encrypt deals with the following cases:
+ *
+ * bytes_to_encr < bytes_in_buffer
+ * - add keystream into data
+ *
+ * bytes_to_encr > bytes_in_buffer
+ * - add keystream into data until keystream_buffer is depleted
+ * - loop over blocks, filling keystream_buffer and then
+ * adding keystream into data
+ * - fill buffer then add in remaining (< 16) bytes of keystream
+ */
+
+err_status_t
+aes_icm_encrypt_ismacryp(aes_icm_ctx_t *c,
+ unsigned char *buf, unsigned int *enc_len,
+ int forIsmacryp) {
+ unsigned int bytes_to_encr = *enc_len;
+ unsigned int i;
+ uint32_t *b;
+
+ /* check that there's enough segment left but not for ismacryp*/
+ if (!forIsmacryp && (bytes_to_encr + htons(c->counter.v16[7])) > 0xffff)
+ return err_status_terminus;
+
+ debug_print(mod_aes_icm, "block index: %d",
+ htons(c->counter.v16[7]));
+ if (bytes_to_encr <= (unsigned int)c->bytes_in_buffer) {
+
+ /* deal with odd case of small bytes_to_encr */
+ for (i = (sizeof(v128_t) - c->bytes_in_buffer);
+ i < (sizeof(v128_t) - c->bytes_in_buffer + bytes_to_encr); i++)
+ {
+ *buf++ ^= c->keystream_buffer.v8[i];
+ }
+
+ c->bytes_in_buffer -= bytes_to_encr;
+
+ /* return now to avoid the main loop */
+ return err_status_ok;
+
+ } else {
+
+ /* encrypt bytes until the remaining data is 16-byte aligned */
+ for (i=(sizeof(v128_t) - c->bytes_in_buffer); i < sizeof(v128_t); i++)
+ *buf++ ^= c->keystream_buffer.v8[i];
+
+ bytes_to_encr -= c->bytes_in_buffer;
+ c->bytes_in_buffer = 0;
+
+ }
+
+ /* now loop over entire 16-byte blocks of keystream */
+ for (i=0; i < (bytes_to_encr/sizeof(v128_t)); i++) {
+
+ /* fill buffer with new keystream */
+ aes_icm_advance_ismacryp(c, forIsmacryp);
+
+ /*
+ * add keystream into the data buffer (this would be a lot faster
+ * if we could assume 32-bit alignment!)
+ */
+
+#if ALIGN_32
+ b = (uint32_t *)buf;
+ *b++ ^= c->keystream_buffer.v32[0];
+ *b++ ^= c->keystream_buffer.v32[1];
+ *b++ ^= c->keystream_buffer.v32[2];
+ *b++ ^= c->keystream_buffer.v32[3];
+ buf = (uint8_t *)b;
+#else
+ if ((((unsigned long) buf) & 0x03) != 0) {
+ *buf++ ^= c->keystream_buffer.v8[0];
+ *buf++ ^= c->keystream_buffer.v8[1];
+ *buf++ ^= c->keystream_buffer.v8[2];
+ *buf++ ^= c->keystream_buffer.v8[3];
+ *buf++ ^= c->keystream_buffer.v8[4];
+ *buf++ ^= c->keystream_buffer.v8[5];
+ *buf++ ^= c->keystream_buffer.v8[6];
+ *buf++ ^= c->keystream_buffer.v8[7];
+ *buf++ ^= c->keystream_buffer.v8[8];
+ *buf++ ^= c->keystream_buffer.v8[9];
+ *buf++ ^= c->keystream_buffer.v8[10];
+ *buf++ ^= c->keystream_buffer.v8[11];
+ *buf++ ^= c->keystream_buffer.v8[12];
+ *buf++ ^= c->keystream_buffer.v8[13];
+ *buf++ ^= c->keystream_buffer.v8[14];
+ *buf++ ^= c->keystream_buffer.v8[15];
+ } else {
+ b = (uint32_t *)buf;
+ *b++ ^= c->keystream_buffer.v32[0];
+ *b++ ^= c->keystream_buffer.v32[1];
+ *b++ ^= c->keystream_buffer.v32[2];
+ *b++ ^= c->keystream_buffer.v32[3];
+ buf = (uint8_t *)b;
+ }
+#endif /* #if ALIGN_32 */
+
+ }
+
+ /* if there is a tail end of the data, process it */
+ if ((bytes_to_encr & 0xf) != 0) {
+
+ /* fill buffer with new keystream */
+ aes_icm_advance_ismacryp(c, forIsmacryp);
+
+ for (i=0; i < (bytes_to_encr & 0xf); i++)
+ *buf++ ^= c->keystream_buffer.v8[i];
+
+ /* reset the keystream buffer size to right value */
+ c->bytes_in_buffer = sizeof(v128_t) - i;
+ } else {
+
+ /* no tail, so just reset the keystream buffer size to zero */
+ c->bytes_in_buffer = 0;
+
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+aes_icm_encrypt(aes_icm_ctx_t *c, unsigned char *buf, unsigned int *enc_len) {
+ return aes_icm_encrypt_ismacryp(c, buf, enc_len, 0);
+}
+
+err_status_t
+aes_icm_output(aes_icm_ctx_t *c, uint8_t *buffer, int num_octets_to_output) {
+ unsigned int len = num_octets_to_output;
+
+ /* zeroize the buffer */
+ octet_string_set_to_zero(buffer, num_octets_to_output);
+
+ /* exor keystream into buffer */
+ return aes_icm_encrypt(c, buffer, &len);
+}
+
+
+char
+aes_icm_description[] = "aes integer counter mode";
+
+uint8_t aes_icm_test_case_0_key[30] = {
+ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
+ 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
+ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+ 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
+};
+
+uint8_t aes_icm_test_case_0_nonce[16] = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+};
+
+uint8_t aes_icm_test_case_0_plaintext[32] = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+};
+
+uint8_t aes_icm_test_case_0_ciphertext[32] = {
+ 0xe0, 0x3e, 0xad, 0x09, 0x35, 0xc9, 0x5e, 0x80,
+ 0xe1, 0x66, 0xb1, 0x6d, 0xd9, 0x2b, 0x4e, 0xb4,
+ 0xd2, 0x35, 0x13, 0x16, 0x2b, 0x02, 0xd0, 0xf7,
+ 0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab
+};
+
+cipher_test_case_t aes_icm_test_case_0 = {
+ 30, /* octets in key */
+ aes_icm_test_case_0_key, /* key */
+ aes_icm_test_case_0_nonce, /* packet index */
+ 32, /* octets in plaintext */
+ aes_icm_test_case_0_plaintext, /* plaintext */
+ 32, /* octets in ciphertext */
+ aes_icm_test_case_0_ciphertext, /* ciphertext */
+ NULL /* pointer to next testcase */
+};
+
+
+/*
+ * note: the encrypt function is identical to the decrypt function
+ */
+
+cipher_type_t aes_icm = {
+ (cipher_alloc_func_t) aes_icm_alloc,
+ (cipher_dealloc_func_t) aes_icm_dealloc,
+ (cipher_init_func_t) aes_icm_context_init,
+ (cipher_encrypt_func_t) aes_icm_encrypt,
+ (cipher_decrypt_func_t) aes_icm_encrypt,
+ (cipher_set_iv_func_t) aes_icm_set_iv,
+ (char *) aes_icm_description,
+ (int) 0, /* instance count */
+ (cipher_test_case_t *) &aes_icm_test_case_0,
+ (debug_module_t *) &mod_aes_icm
+};
+
diff --git a/srtp/crypto/cipher/cipher.c b/srtp/crypto/cipher/cipher.c
new file mode 100644
index 0000000..573c5e2
--- /dev/null
+++ b/srtp/crypto/cipher/cipher.c
@@ -0,0 +1,407 @@
+/*
+ * cipher.c
+ *
+ * cipher meta-functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "cipher.h"
+#include "rand_source.h" /* used in invertibiltiy tests */
+#include "alloc.h" /* for crypto_alloc(), crypto_free() */
+
+debug_module_t mod_cipher = {
+ 0, /* debugging is off by default */
+ "cipher" /* printable module name */
+};
+
+err_status_t
+cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output) {
+
+ /* zeroize the buffer */
+ octet_string_set_to_zero(buffer, num_octets_to_output);
+
+ /* exor keystream into buffer */
+ return cipher_encrypt(c, buffer, (unsigned int *) &num_octets_to_output);
+}
+
+/* some bookkeeping functions */
+
+int
+cipher_get_key_length(const cipher_t *c) {
+ return c->key_len;
+}
+
+/*
+ * cipher_type_self_test(ct) tests a cipher of type ct against test cases
+ * provided in an array of values of key, salt, xtd_seq_num_t,
+ * plaintext, and ciphertext that is known to be good
+ */
+
+#define SELF_TEST_BUF_OCTETS 128
+#define NUM_RAND_TESTS 128
+#define MAX_KEY_LEN 64
+
+err_status_t
+cipher_type_self_test(const cipher_type_t *ct) {
+ const cipher_test_case_t *test_case = ct->test_data;
+ cipher_t *c;
+ err_status_t status;
+ uint8_t buffer[SELF_TEST_BUF_OCTETS];
+ uint8_t buffer2[SELF_TEST_BUF_OCTETS];
+ unsigned int len;
+ int i, j, case_num = 0;
+
+ debug_print(mod_cipher, "running self-test for cipher %s",
+ ct->description);
+
+ /*
+ * check to make sure that we have at least one test case, and
+ * return an error if we don't - we need to be paranoid here
+ */
+ if (test_case == NULL)
+ return err_status_cant_check;
+
+ /*
+ * loop over all test cases, perform known-answer tests of both the
+ * encryption and decryption functions
+ */
+ while (test_case != NULL) {
+
+ /* allocate cipher */
+ status = cipher_type_alloc(ct, &c, test_case->key_length_octets);
+ if (status)
+ return status;
+
+ /*
+ * test the encrypt function
+ */
+ debug_print(mod_cipher, "testing encryption", NULL);
+
+ /* initialize cipher */
+ status = cipher_init(c, test_case->key, direction_encrypt);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ /* copy plaintext into test buffer */
+ if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
+ cipher_dealloc(c);
+ return err_status_bad_param;
+ }
+ for (i=0; i < test_case->plaintext_length_octets; i++)
+ buffer[i] = test_case->plaintext[i];
+
+ debug_print(mod_cipher, "plaintext: %s",
+ octet_string_hex_string(buffer,
+ test_case->plaintext_length_octets));
+
+ /* set the initialization vector */
+ status = cipher_set_iv(c, test_case->idx);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ /* encrypt */
+ len = test_case->plaintext_length_octets;
+ status = cipher_encrypt(c, buffer, &len);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ debug_print(mod_cipher, "ciphertext: %s",
+ octet_string_hex_string(buffer,
+ test_case->ciphertext_length_octets));
+
+ /* compare the resulting ciphertext with that in the test case */
+ if (len != test_case->ciphertext_length_octets)
+ return err_status_algo_fail;
+ status = err_status_ok;
+ for (i=0; i < test_case->ciphertext_length_octets; i++)
+ if (buffer[i] != test_case->ciphertext[i]) {
+ status = err_status_algo_fail;
+ debug_print(mod_cipher, "test case %d failed", case_num);
+ debug_print(mod_cipher, "(failure at byte %d)", i);
+ break;
+ }
+ if (status) {
+
+ debug_print(mod_cipher, "c computed: %s",
+ octet_string_hex_string(buffer,
+ 2*test_case->plaintext_length_octets));
+ debug_print(mod_cipher, "c expected: %s",
+ octet_string_hex_string(test_case->ciphertext,
+ 2*test_case->plaintext_length_octets));
+
+ cipher_dealloc(c);
+ return err_status_algo_fail;
+ }
+
+ /*
+ * test the decrypt function
+ */
+ debug_print(mod_cipher, "testing decryption", NULL);
+
+ /* re-initialize cipher for decryption */
+ status = cipher_init(c, test_case->key, direction_decrypt);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ /* copy ciphertext into test buffer */
+ if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
+ cipher_dealloc(c);
+ return err_status_bad_param;
+ }
+ for (i=0; i < test_case->ciphertext_length_octets; i++)
+ buffer[i] = test_case->ciphertext[i];
+
+ debug_print(mod_cipher, "ciphertext: %s",
+ octet_string_hex_string(buffer,
+ test_case->plaintext_length_octets));
+
+ /* set the initialization vector */
+ status = cipher_set_iv(c, test_case->idx);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ /* decrypt */
+ len = test_case->ciphertext_length_octets;
+ status = cipher_decrypt(c, buffer, &len);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ debug_print(mod_cipher, "plaintext: %s",
+ octet_string_hex_string(buffer,
+ test_case->plaintext_length_octets));
+
+ /* compare the resulting plaintext with that in the test case */
+ if (len != test_case->plaintext_length_octets)
+ return err_status_algo_fail;
+ status = err_status_ok;
+ for (i=0; i < test_case->plaintext_length_octets; i++)
+ if (buffer[i] != test_case->plaintext[i]) {
+ status = err_status_algo_fail;
+ debug_print(mod_cipher, "test case %d failed", case_num);
+ debug_print(mod_cipher, "(failure at byte %d)", i);
+ }
+ if (status) {
+
+ debug_print(mod_cipher, "p computed: %s",
+ octet_string_hex_string(buffer,
+ 2*test_case->plaintext_length_octets));
+ debug_print(mod_cipher, "p expected: %s",
+ octet_string_hex_string(test_case->plaintext,
+ 2*test_case->plaintext_length_octets));
+
+ cipher_dealloc(c);
+ return err_status_algo_fail;
+ }
+
+ /* deallocate the cipher */
+ status = cipher_dealloc(c);
+ if (status)
+ return status;
+
+ /*
+ * the cipher passed the test case, so move on to the next test
+ * case in the list; if NULL, we'l proceed to the next test
+ */
+ test_case = test_case->next_test_case;
+ ++case_num;
+ }
+
+ /* now run some random invertibility tests */
+
+ /* allocate cipher, using paramaters from the first test case */
+ test_case = ct->test_data;
+ status = cipher_type_alloc(ct, &c, test_case->key_length_octets);
+ if (status)
+ return status;
+
+ rand_source_init();
+
+ for (j=0; j < NUM_RAND_TESTS; j++) {
+ unsigned length;
+ int plaintext_len;
+ uint8_t key[MAX_KEY_LEN];
+ uint8_t iv[MAX_KEY_LEN];
+
+ /* choose a length at random (leaving room for IV and padding) */
+ length = rand() % (SELF_TEST_BUF_OCTETS - 64);
+ debug_print(mod_cipher, "random plaintext length %d\n", length);
+ status = rand_source_get_octet_string(buffer, length);
+ if (status) return status;
+
+ debug_print(mod_cipher, "plaintext: %s",
+ octet_string_hex_string(buffer, length));
+
+ /* copy plaintext into second buffer */
+ for (i=0; (unsigned int)i < length; i++)
+ buffer2[i] = buffer[i];
+
+ /* choose a key at random */
+ if (test_case->key_length_octets > MAX_KEY_LEN)
+ return err_status_cant_check;
+ status = rand_source_get_octet_string(key, test_case->key_length_octets);
+ if (status) return status;
+
+ /* chose a random initialization vector */
+ status = rand_source_get_octet_string(iv, MAX_KEY_LEN);
+ if (status) return status;
+
+ /* initialize cipher */
+ status = cipher_init(c, key, direction_encrypt);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ /* set initialization vector */
+ status = cipher_set_iv(c, test_case->idx);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ /* encrypt buffer with cipher */
+ plaintext_len = length;
+ status = cipher_encrypt(c, buffer, &length);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ debug_print(mod_cipher, "ciphertext: %s",
+ octet_string_hex_string(buffer, length));
+
+ /*
+ * re-initialize cipher for decryption, re-set the iv, then
+ * decrypt the ciphertext
+ */
+ status = cipher_init(c, key, direction_decrypt);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ status = cipher_set_iv(c, test_case->idx);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ status = cipher_decrypt(c, buffer, &length);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ debug_print(mod_cipher, "plaintext[2]: %s",
+ octet_string_hex_string(buffer, length));
+
+ /* compare the resulting plaintext with the original one */
+ if (length != plaintext_len)
+ return err_status_algo_fail;
+ status = err_status_ok;
+ for (i=0; i < plaintext_len; i++)
+ if (buffer[i] != buffer2[i]) {
+ status = err_status_algo_fail;
+ debug_print(mod_cipher, "random test case %d failed", case_num);
+ debug_print(mod_cipher, "(failure at byte %d)", i);
+ }
+ if (status) {
+ cipher_dealloc(c);
+ return err_status_algo_fail;
+ }
+
+ }
+
+ return err_status_ok;
+}
+
+
+/*
+ * cipher_bits_per_second(c, l, t) computes (an estimate of) the
+ * number of bits that a cipher implementation can encrypt in a second
+ *
+ * c is a cipher (which MUST be allocated and initialized already), l
+ * is the length in octets of the test data to be encrypted, and t is
+ * the number of trials
+ *
+ * if an error is encountered, the value 0 is returned
+ */
+
+uint64_t
+cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials) {
+ int i;
+ v128_t nonce;
+ clock_t timer;
+ unsigned char *enc_buf;
+ unsigned int len = octets_in_buffer;
+
+ enc_buf = (unsigned char*) crypto_alloc(octets_in_buffer);
+ if (enc_buf == NULL)
+ return 0; /* indicate bad parameters by returning null */
+
+ /* time repeated trials */
+ v128_set_to_zero(&nonce);
+ timer = clock();
+ for(i=0; i < num_trials; i++, nonce.v32[3] = i) {
+ cipher_set_iv(c, &nonce);
+ cipher_encrypt(c, enc_buf, &len);
+ }
+ timer = clock() - timer;
+
+ crypto_free(enc_buf);
+
+ if (timer == 0) {
+ /* Too fast! */
+ return 0;
+ }
+
+ return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
+}
diff --git a/srtp/crypto/cipher/null_cipher.c b/srtp/crypto/cipher/null_cipher.c
new file mode 100644
index 0000000..721f50c
--- /dev/null
+++ b/srtp/crypto/cipher/null_cipher.c
@@ -0,0 +1,152 @@
+/*
+ * null_cipher.c
+ *
+ * A null cipher implementation. This cipher leaves the plaintext
+ * unchanged.
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "datatypes.h"
+#include "null_cipher.h"
+#include "alloc.h"
+
+/* the null_cipher uses the cipher debug module */
+
+extern debug_module_t mod_cipher;
+
+err_status_t
+null_cipher_alloc(cipher_t **c, int key_len) {
+ extern cipher_type_t null_cipher;
+ uint8_t *pointer;
+
+ debug_print(mod_cipher,
+ "allocating cipher with key length %d", key_len);
+
+ /* allocate memory a cipher of type null_cipher */
+ pointer = (uint8_t*)crypto_alloc(sizeof(null_cipher_ctx_t) + sizeof(cipher_t));
+ if (pointer == NULL)
+ return err_status_alloc_fail;
+
+ /* set pointers */
+ *c = (cipher_t *)pointer;
+ (*c)->type = &null_cipher;
+ (*c)->state = pointer + sizeof(cipher_t);
+
+ /* set key size */
+ (*c)->key_len = key_len;
+
+ /* increment ref_count */
+ null_cipher.ref_count++;
+
+ return err_status_ok;
+
+}
+
+err_status_t
+null_cipher_dealloc(cipher_t *c) {
+ extern cipher_type_t null_cipher;
+
+ /* zeroize entire state*/
+ octet_string_set_to_zero((uint8_t *)c,
+ sizeof(null_cipher_ctx_t) + sizeof(cipher_t));
+
+ /* free memory of type null_cipher */
+ crypto_free(c);
+
+ /* decrement reference count */
+ null_cipher.ref_count--;
+
+ return err_status_ok;
+
+}
+
+err_status_t
+null_cipher_init(null_cipher_ctx_t *ctx, const uint8_t *key) {
+
+ debug_print(mod_cipher, "initializing null cipher", NULL);
+
+ return err_status_ok;
+}
+
+err_status_t
+null_cipher_set_iv(null_cipher_ctx_t *c, void *iv) {
+ return err_status_ok;
+}
+
+err_status_t
+null_cipher_encrypt(null_cipher_ctx_t *c,
+ unsigned char *buf, unsigned int *bytes_to_encr) {
+ return err_status_ok;
+}
+
+char
+null_cipher_description[] = "null cipher";
+
+cipher_test_case_t
+null_cipher_test_0 = {
+ 0, /* octets in key */
+ NULL, /* key */
+ 0, /* packet index */
+ 0, /* octets in plaintext */
+ NULL, /* plaintext */
+ 0, /* octets in plaintext */
+ NULL, /* ciphertext */
+ NULL /* pointer to next testcase */
+};
+
+
+/*
+ * note: the decrypt function is idential to the encrypt function
+ */
+
+cipher_type_t null_cipher = {
+ (cipher_alloc_func_t) null_cipher_alloc,
+ (cipher_dealloc_func_t) null_cipher_dealloc,
+ (cipher_init_func_t) null_cipher_init,
+ (cipher_encrypt_func_t) null_cipher_encrypt,
+ (cipher_decrypt_func_t) null_cipher_encrypt,
+ (cipher_set_iv_func_t) null_cipher_set_iv,
+ (char *) null_cipher_description,
+ (int) 0,
+ (cipher_test_case_t *) &null_cipher_test_0,
+ (debug_module_t *) NULL
+};
+
diff --git a/srtp/crypto/hash/CVS/Entries b/srtp/crypto/hash/CVS/Entries
new file mode 100644
index 0000000..f54bc44
--- /dev/null
+++ b/srtp/crypto/hash/CVS/Entries
@@ -0,0 +1,5 @@
+/auth.c/1.3/Thu Jun 8 17:00:26 2006//
+/hmac.c/1.8/Tue Jul 18 19:45:46 2006//
+/null_auth.c/1.4/Wed Jul 12 22:22:08 2006//
+/sha1.c/1.6/Thu Jun 8 17:00:27 2006//
+D
diff --git a/srtp/crypto/hash/CVS/Repository b/srtp/crypto/hash/CVS/Repository
new file mode 100644
index 0000000..ccc8664
--- /dev/null
+++ b/srtp/crypto/hash/CVS/Repository
@@ -0,0 +1 @@
+srtp/crypto/hash
diff --git a/srtp/crypto/hash/CVS/Root b/srtp/crypto/hash/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/crypto/hash/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/crypto/hash/auth.c b/srtp/crypto/hash/auth.c
new file mode 100644
index 0000000..8eb722d
--- /dev/null
+++ b/srtp/crypto/hash/auth.c
@@ -0,0 +1,173 @@
+/*
+ * auth.c
+ *
+ * some bookkeeping functions for authentication functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "auth.h"
+
+/* the debug module for authentiation */
+
+debug_module_t mod_auth = {
+ 0, /* debugging is off by default */
+ "auth func" /* printable name for module */
+};
+
+
+int
+auth_get_key_length(const auth_t *a) {
+ return a->key_len;
+}
+
+int
+auth_get_tag_length(const auth_t *a) {
+ return a->out_len;
+}
+
+int
+auth_get_prefix_length(const auth_t *a) {
+ return a->prefix_len;
+}
+
+int
+auth_type_get_ref_count(const auth_type_t *at) {
+ return at->ref_count;
+}
+
+/*
+ * auth_type_self_test() tests an auth function of type ct against
+ * test cases provided in an array of values of key, data, and tag
+ * that is known to be good
+ */
+
+/* should be big enough for most occasions */
+#define SELF_TEST_TAG_BUF_OCTETS 32
+
+err_status_t
+auth_type_self_test(const auth_type_t *at) {
+ auth_test_case_t *test_case = at->test_data;
+ auth_t *a;
+ err_status_t status;
+ uint8_t tag[SELF_TEST_TAG_BUF_OCTETS];
+ int i, case_num = 0;
+
+ debug_print(mod_auth, "running self-test for auth function %s",
+ at->description);
+
+ /*
+ * check to make sure that we have at least one test case, and
+ * return an error if we don't - we need to be paranoid here
+ */
+ if (test_case == NULL)
+ return err_status_cant_check;
+
+ /* loop over all test cases */
+ while (test_case != NULL) {
+
+ /* check test case parameters */
+ if (test_case->tag_length_octets > SELF_TEST_TAG_BUF_OCTETS)
+ return err_status_bad_param;
+
+ /* allocate auth */
+ status = auth_type_alloc(at, &a, test_case->key_length_octets,
+ test_case->tag_length_octets);
+ if (status)
+ return status;
+
+ /* initialize auth */
+ status = auth_init(a, test_case->key);
+ if (status) {
+ auth_dealloc(a);
+ return status;
+ }
+
+ /* zeroize tag then compute */
+ octet_string_set_to_zero(tag, test_case->tag_length_octets);
+ status = auth_compute(a, test_case->data,
+ test_case->data_length_octets, tag);
+ if (status) {
+ auth_dealloc(a);
+ return status;
+ }
+
+ debug_print(mod_auth, "key: %s",
+ octet_string_hex_string(test_case->key,
+ test_case->key_length_octets));
+ debug_print(mod_auth, "data: %s",
+ octet_string_hex_string(test_case->data,
+ test_case->data_length_octets));
+ debug_print(mod_auth, "tag computed: %s",
+ octet_string_hex_string(tag, test_case->tag_length_octets));
+ debug_print(mod_auth, "tag expected: %s",
+ octet_string_hex_string(test_case->tag,
+ test_case->tag_length_octets));
+
+ /* check the result */
+ status = err_status_ok;
+ for (i=0; i < test_case->tag_length_octets; i++)
+ if (tag[i] != test_case->tag[i]) {
+ status = err_status_algo_fail;
+ debug_print(mod_auth, "test case %d failed", case_num);
+ debug_print(mod_auth, " (mismatch at octet %d)", i);
+ }
+ if (status) {
+ auth_dealloc(a);
+ return err_status_algo_fail;
+ }
+
+ /* deallocate the auth function */
+ status = auth_dealloc(a);
+ if (status)
+ return status;
+
+ /*
+ * the auth function passed the test case, so move on to the next test
+ * case in the list; if NULL, we'll quit and return an OK
+ */
+ test_case = test_case->next_test_case;
+ ++case_num;
+ }
+
+ return err_status_ok;
+}
+
+
diff --git a/srtp/crypto/hash/hmac.c b/srtp/crypto/hash/hmac.c
new file mode 100644
index 0000000..4336cf0
--- /dev/null
+++ b/srtp/crypto/hash/hmac.c
@@ -0,0 +1,267 @@
+/*
+ * hmac.c
+ *
+ * implementation of hmac auth_type_t
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "hmac.h"
+#include "alloc.h"
+
+/* the debug module for authentiation */
+
+debug_module_t mod_hmac = {
+ 0, /* debugging is off by default */
+ "hmac sha-1" /* printable name for module */
+};
+
+
+err_status_t
+hmac_alloc(auth_t **a, int key_len, int out_len) {
+ extern auth_type_t hmac;
+ uint8_t *pointer;
+
+ debug_print(mod_hmac, "allocating auth func with key length %d", key_len);
+ debug_print(mod_hmac, " tag length %d", out_len);
+
+ /*
+ * check key length - note that we don't support keys larger
+ * than 20 bytes yet
+ */
+ if (key_len > 20)
+ return err_status_bad_param;
+
+ /* check output length - should be less than 20 bytes */
+ if (out_len > 20)
+ return err_status_bad_param;
+
+ /* allocate memory for auth and hmac_ctx_t structures */
+ pointer = (uint8_t*)crypto_alloc(sizeof(hmac_ctx_t) + sizeof(auth_t));
+ if (pointer == NULL)
+ return err_status_alloc_fail;
+
+ /* set pointers */
+ *a = (auth_t *)pointer;
+ (*a)->type = &hmac;
+ (*a)->state = pointer + sizeof(auth_t);
+ (*a)->out_len = out_len;
+ (*a)->key_len = key_len;
+ (*a)->prefix_len = 0;
+
+ /* increment global count of all hmac uses */
+ hmac.ref_count++;
+
+ return err_status_ok;
+}
+
+err_status_t
+hmac_dealloc(auth_t *a) {
+ extern auth_type_t hmac;
+
+ /* zeroize entire state*/
+ octet_string_set_to_zero((uint8_t *)a,
+ sizeof(hmac_ctx_t) + sizeof(auth_t));
+
+ /* free memory */
+ crypto_free(a);
+
+ /* decrement global count of all hmac uses */
+ hmac.ref_count--;
+
+ return err_status_ok;
+}
+
+err_status_t
+hmac_init(hmac_ctx_t *state, const uint8_t *key, int key_len) {
+ int i;
+ uint8_t ipad[64];
+
+ /*
+ * check key length - note that we don't support keys larger
+ * than 20 bytes yet
+ */
+ if (key_len > 20)
+ return err_status_bad_param;
+
+ /*
+ * set values of ipad and opad by exoring the key into the
+ * appropriate constant values
+ */
+ for (i=0; i < key_len; i++) {
+ ipad[i] = key[i] ^ 0x36;
+ state->opad[i] = key[i] ^ 0x5c;
+ }
+ /* set the rest of ipad, opad to constant values */
+ for ( ; i < 64; i++) {
+ ipad[i] = 0x36;
+ ((uint8_t *)state->opad)[i] = 0x5c;
+ }
+
+ debug_print(mod_hmac, "ipad: %s", octet_string_hex_string(ipad, 64));
+
+ /* initialize sha1 context */
+ sha1_init(&state->init_ctx);
+
+ /* hash ipad ^ key */
+ sha1_update(&state->init_ctx, ipad, 64);
+ memcpy(&state->ctx, &state->init_ctx, sizeof(sha1_ctx_t));
+
+ return err_status_ok;
+}
+
+err_status_t
+hmac_start(hmac_ctx_t *state) {
+
+ memcpy(&state->ctx, &state->init_ctx, sizeof(sha1_ctx_t));
+
+ return err_status_ok;
+}
+
+err_status_t
+hmac_update(hmac_ctx_t *state, const uint8_t *message, int msg_octets) {
+
+ debug_print(mod_hmac, "input: %s",
+ octet_string_hex_string(message, msg_octets));
+
+ /* hash message into sha1 context */
+ sha1_update(&state->ctx, message, msg_octets);
+
+ return err_status_ok;
+}
+
+err_status_t
+hmac_compute(hmac_ctx_t *state, const void *message,
+ int msg_octets, int tag_len, uint8_t *result) {
+ uint32_t hash_value[5];
+ uint32_t H[5];
+ int i;
+
+ /* check tag length, return error if we can't provide the value expected */
+ if (tag_len > 20)
+ return err_status_bad_param;
+
+ /* hash message, copy output into H */
+ hmac_update(state, (const uint8_t*)message, msg_octets);
+ sha1_final(&state->ctx, H);
+
+ /*
+ * note that we don't need to debug_print() the input, since the
+ * function hmac_update() already did that for us
+ */
+ debug_print(mod_hmac, "intermediate state: %s",
+ octet_string_hex_string((uint8_t *)H, 20));
+
+ /* re-initialize hash context */
+ sha1_init(&state->ctx);
+
+ /* hash opad ^ key */
+ sha1_update(&state->ctx, (uint8_t *)state->opad, 64);
+
+ /* hash the result of the inner hash */
+ sha1_update(&state->ctx, (uint8_t *)H, 20);
+
+ /* the result is returned in the array hash_value[] */
+ sha1_final(&state->ctx, hash_value);
+
+ /* copy hash_value to *result */
+ for (i=0; i < tag_len; i++)
+ result[i] = ((uint8_t *)hash_value)[i];
+
+ debug_print(mod_hmac, "output: %s",
+ octet_string_hex_string((uint8_t *)hash_value, tag_len));
+
+ return err_status_ok;
+}
+
+
+/* begin test case 0 */
+
+uint8_t
+hmac_test_case_0_key[20] = {
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b
+};
+
+uint8_t
+hmac_test_case_0_data[8] = {
+ 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 /* "Hi There" */
+};
+
+uint8_t
+hmac_test_case_0_tag[20] = {
+ 0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64,
+ 0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e,
+ 0xf1, 0x46, 0xbe, 0x00
+};
+
+auth_test_case_t
+hmac_test_case_0 = {
+ 20, /* octets in key */
+ hmac_test_case_0_key, /* key */
+ 8, /* octets in data */
+ hmac_test_case_0_data, /* data */
+ 20, /* octets in tag */
+ hmac_test_case_0_tag, /* tag */
+ NULL /* pointer to next testcase */
+};
+
+/* end test case 0 */
+
+char hmac_description[] = "hmac sha-1 authentication function";
+
+/*
+ * auth_type_t hmac is the hmac metaobject
+ */
+
+auth_type_t
+hmac = {
+ (auth_alloc_func) hmac_alloc,
+ (auth_dealloc_func) hmac_dealloc,
+ (auth_init_func) hmac_init,
+ (auth_compute_func) hmac_compute,
+ (auth_update_func) hmac_update,
+ (auth_start_func) hmac_start,
+ (char *) hmac_description,
+ (int) 0, /* instance count */
+ (auth_test_case_t *) &hmac_test_case_0,
+ (debug_module_t *) &mod_hmac
+};
+
diff --git a/srtp/crypto/hash/null_auth.c b/srtp/crypto/hash/null_auth.c
new file mode 100644
index 0000000..301348b
--- /dev/null
+++ b/srtp/crypto/hash/null_auth.c
@@ -0,0 +1,160 @@
+/*
+ * null_auth.c
+ *
+ * implements the do-nothing auth algorithm
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "null_auth.h"
+#include "alloc.h"
+
+/* null_auth uses the auth debug module */
+
+extern debug_module_t mod_auth;
+
+err_status_t
+null_auth_alloc(auth_t **a, int key_len, int out_len) {
+ extern auth_type_t null_auth;
+ uint8_t *pointer;
+
+ debug_print(mod_auth, "allocating auth func with key length %d", key_len);
+ debug_print(mod_auth, " tag length %d", out_len);
+
+ /* allocate memory for auth and null_auth_ctx_t structures */
+ pointer = (uint8_t*)crypto_alloc(sizeof(null_auth_ctx_t) + sizeof(auth_t));
+ if (pointer == NULL)
+ return err_status_alloc_fail;
+
+ /* set pointers */
+ *a = (auth_t *)pointer;
+ (*a)->type = &null_auth;
+ (*a)->state = pointer + sizeof (auth_t);
+ (*a)->out_len = out_len;
+ (*a)->prefix_len = out_len;
+ (*a)->key_len = key_len;
+
+ /* increment global count of all null_auth uses */
+ null_auth.ref_count++;
+
+ return err_status_ok;
+}
+
+err_status_t
+null_auth_dealloc(auth_t *a) {
+ extern auth_type_t null_auth;
+
+ /* zeroize entire state*/
+ octet_string_set_to_zero((uint8_t *)a,
+ sizeof(null_auth_ctx_t) + sizeof(auth_t));
+
+ /* free memory */
+ crypto_free(a);
+
+ /* decrement global count of all null_auth uses */
+ null_auth.ref_count--;
+
+ return err_status_ok;
+}
+
+err_status_t
+null_auth_init(null_auth_ctx_t *state, const uint8_t *key, int key_len) {
+
+ /* accept any length of key, and do nothing */
+
+ return err_status_ok;
+}
+
+err_status_t
+null_auth_compute(null_auth_ctx_t *state, uint8_t *message,
+ int msg_octets, int tag_len, uint8_t *result) {
+
+ return err_status_ok;
+}
+
+err_status_t
+null_auth_update(null_auth_ctx_t *state, uint8_t *message,
+ int msg_octets) {
+
+ return err_status_ok;
+}
+
+err_status_t
+null_auth_start(null_auth_ctx_t *state) {
+ return err_status_ok;
+}
+
+/*
+ * auth_type_t - defines description, test case, and null_auth
+ * metaobject
+ */
+
+/* begin test case 0 */
+
+auth_test_case_t
+null_auth_test_case_0 = {
+ 0, /* octets in key */
+ NULL, /* key */
+ 0, /* octets in data */
+ NULL, /* data */
+ 0, /* octets in tag */
+ NULL, /* tag */
+ NULL /* pointer to next testcase */
+};
+
+/* end test case 0 */
+
+char null_auth_description[] = "null authentication function";
+
+auth_type_t
+null_auth = {
+ (auth_alloc_func) null_auth_alloc,
+ (auth_dealloc_func) null_auth_dealloc,
+ (auth_init_func) null_auth_init,
+ (auth_compute_func) null_auth_compute,
+ (auth_update_func) null_auth_update,
+ (auth_start_func) null_auth_start,
+ (char *) null_auth_description,
+ (int) 0, /* instance count */
+ (auth_test_case_t *) &null_auth_test_case_0
+};
+
diff --git a/srtp/crypto/hash/sha1.c b/srtp/crypto/hash/sha1.c
new file mode 100644
index 0000000..566672d
--- /dev/null
+++ b/srtp/crypto/hash/sha1.c
@@ -0,0 +1,404 @@
+/*
+ * sha1.c
+ *
+ * an implementation of the Secure Hash Algorithm v.1 (SHA-1),
+ * specified in FIPS 180-1
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "sha1.h"
+
+debug_module_t mod_sha1 = {
+ 0, /* debugging is off by default */
+ "sha-1" /* printable module name */
+};
+
+/* SN == Rotate left N bits */
+#define S1(X) ((X << 1) | (X >> 31))
+#define S5(X) ((X << 5) | (X >> 27))
+#define S30(X) ((X << 30) | (X >> 2))
+
+#define f0(B,C,D) ((B & C) | (~B & D))
+#define f1(B,C,D) (B ^ C ^ D)
+#define f2(B,C,D) ((B & C) | (B & D) | (C & D))
+#define f3(B,C,D) (B ^ C ^ D)
+
+/*
+ * nota bene: the variable K0 appears in the curses library, so we
+ * give longer names to these variables to avoid spurious warnings
+ * on systems that uses curses
+ */
+
+uint32_t SHA_K0 = 0x5A827999; /* Kt for 0 <= t <= 19 */
+uint32_t SHA_K1 = 0x6ED9EBA1; /* Kt for 20 <= t <= 39 */
+uint32_t SHA_K2 = 0x8F1BBCDC; /* Kt for 40 <= t <= 59 */
+uint32_t SHA_K3 = 0xCA62C1D6; /* Kt for 60 <= t <= 79 */
+
+void
+sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) {
+ sha1_ctx_t ctx;
+
+ sha1_init(&ctx);
+ sha1_update(&ctx, msg, octets_in_msg);
+ sha1_final(&ctx, hash_value);
+
+}
+
+/*
+ * sha1_core(M, H) computes the core compression function, where M is
+ * the next part of the message (in network byte order) and H is the
+ * intermediate state { H0, H1, ...} (in host byte order)
+ *
+ * this function does not do any of the padding required in the
+ * complete SHA1 function
+ *
+ * this function is used in the SEAL 3.0 key setup routines
+ * (crypto/cipher/seal.c)
+ */
+
+void
+sha1_core(const uint32_t M[16], uint32_t hash_value[5]) {
+ uint32_t H0;
+ uint32_t H1;
+ uint32_t H2;
+ uint32_t H3;
+ uint32_t H4;
+ uint32_t W[80];
+ uint32_t A, B, C, D, E, TEMP;
+ int t;
+
+ /* copy hash_value into H0, H1, H2, H3, H4 */
+ H0 = hash_value[0];
+ H1 = hash_value[1];
+ H2 = hash_value[2];
+ H3 = hash_value[3];
+ H4 = hash_value[4];
+
+ /* copy/xor message into array */
+
+ W[0] = be32_to_cpu(M[0]);
+ W[1] = be32_to_cpu(M[1]);
+ W[2] = be32_to_cpu(M[2]);
+ W[3] = be32_to_cpu(M[3]);
+ W[4] = be32_to_cpu(M[4]);
+ W[5] = be32_to_cpu(M[5]);
+ W[6] = be32_to_cpu(M[6]);
+ W[7] = be32_to_cpu(M[7]);
+ W[8] = be32_to_cpu(M[8]);
+ W[9] = be32_to_cpu(M[9]);
+ W[10] = be32_to_cpu(M[10]);
+ W[11] = be32_to_cpu(M[11]);
+ W[12] = be32_to_cpu(M[12]);
+ W[13] = be32_to_cpu(M[13]);
+ W[14] = be32_to_cpu(M[14]);
+ W[15] = be32_to_cpu(M[15]);
+ TEMP = W[13] ^ W[8] ^ W[2] ^ W[0]; W[16] = S1(TEMP);
+ TEMP = W[14] ^ W[9] ^ W[3] ^ W[1]; W[17] = S1(TEMP);
+ TEMP = W[15] ^ W[10] ^ W[4] ^ W[2]; W[18] = S1(TEMP);
+ TEMP = W[16] ^ W[11] ^ W[5] ^ W[3]; W[19] = S1(TEMP);
+ TEMP = W[17] ^ W[12] ^ W[6] ^ W[4]; W[20] = S1(TEMP);
+ TEMP = W[18] ^ W[13] ^ W[7] ^ W[5]; W[21] = S1(TEMP);
+ TEMP = W[19] ^ W[14] ^ W[8] ^ W[6]; W[22] = S1(TEMP);
+ TEMP = W[20] ^ W[15] ^ W[9] ^ W[7]; W[23] = S1(TEMP);
+ TEMP = W[21] ^ W[16] ^ W[10] ^ W[8]; W[24] = S1(TEMP);
+ TEMP = W[22] ^ W[17] ^ W[11] ^ W[9]; W[25] = S1(TEMP);
+ TEMP = W[23] ^ W[18] ^ W[12] ^ W[10]; W[26] = S1(TEMP);
+ TEMP = W[24] ^ W[19] ^ W[13] ^ W[11]; W[27] = S1(TEMP);
+ TEMP = W[25] ^ W[20] ^ W[14] ^ W[12]; W[28] = S1(TEMP);
+ TEMP = W[26] ^ W[21] ^ W[15] ^ W[13]; W[29] = S1(TEMP);
+ TEMP = W[27] ^ W[22] ^ W[16] ^ W[14]; W[30] = S1(TEMP);
+ TEMP = W[28] ^ W[23] ^ W[17] ^ W[15]; W[31] = S1(TEMP);
+
+ /* process the remainder of the array */
+ for (t=32; t < 80; t++) {
+ TEMP = W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16];
+ W[t] = S1(TEMP);
+ }
+
+ A = H0; B = H1; C = H2; D = H3; E = H4;
+
+ for (t=0; t < 20; t++) {
+ TEMP = S5(A) + f0(B,C,D) + E + W[t] + SHA_K0;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+ for ( ; t < 40; t++) {
+ TEMP = S5(A) + f1(B,C,D) + E + W[t] + SHA_K1;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+ for ( ; t < 60; t++) {
+ TEMP = S5(A) + f2(B,C,D) + E + W[t] + SHA_K2;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+ for ( ; t < 80; t++) {
+ TEMP = S5(A) + f3(B,C,D) + E + W[t] + SHA_K3;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+
+ hash_value[0] = H0 + A;
+ hash_value[1] = H1 + B;
+ hash_value[2] = H2 + C;
+ hash_value[3] = H3 + D;
+ hash_value[4] = H4 + E;
+
+ return;
+}
+
+void
+sha1_init(sha1_ctx_t *ctx) {
+
+ /* initialize state vector */
+ ctx->H[0] = 0x67452301;
+ ctx->H[1] = 0xefcdab89;
+ ctx->H[2] = 0x98badcfe;
+ ctx->H[3] = 0x10325476;
+ ctx->H[4] = 0xc3d2e1f0;
+
+ /* indicate that message buffer is empty */
+ ctx->octets_in_buffer = 0;
+
+ /* reset message bit-count to zero */
+ ctx->num_bits_in_msg = 0;
+
+}
+
+void
+sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) {
+ int i;
+ uint8_t *buf = (uint8_t *)ctx->M;
+
+ /* update message bit-count */
+ ctx->num_bits_in_msg += octets_in_msg * 8;
+
+ /* loop over 16-word blocks of M */
+ while (octets_in_msg > 0) {
+
+ if (octets_in_msg + ctx->octets_in_buffer >= 64) {
+
+ /*
+ * copy words of M into msg buffer until that buffer is full,
+ * converting them into host byte order as needed
+ */
+ octets_in_msg -= (64 - ctx->octets_in_buffer);
+ for (i=ctx->octets_in_buffer; i < 64; i++)
+ buf[i] = *msg++;
+ ctx->octets_in_buffer = 0;
+
+ /* process a whole block */
+
+ debug_print(mod_sha1, "(update) running sha1_core()", NULL);
+
+ sha1_core(ctx->M, ctx->H);
+
+ } else {
+
+ debug_print(mod_sha1, "(update) not running sha1_core()", NULL);
+
+ for (i=ctx->octets_in_buffer;
+ i < (ctx->octets_in_buffer + octets_in_msg); i++)
+ buf[i] = *msg++;
+ ctx->octets_in_buffer += octets_in_msg;
+ octets_in_msg = 0;
+ }
+
+ }
+
+}
+
+/*
+ * sha1_final(ctx, output) computes the result for ctx and copies it
+ * into the twenty octets located at *output
+ */
+
+void
+sha1_final(sha1_ctx_t *ctx, uint32_t *output) {
+ uint32_t A, B, C, D, E, TEMP;
+ uint32_t W[80];
+ int i, t;
+
+ /*
+ * process the remaining octets_in_buffer, padding and terminating as
+ * necessary
+ */
+ {
+ int tail = ctx->octets_in_buffer % 4;
+
+ /* copy/xor message into array */
+ for (i=0; i < (ctx->octets_in_buffer+3)/4; i++)
+ W[i] = be32_to_cpu(ctx->M[i]);
+
+ /* set the high bit of the octet immediately following the message */
+ switch (tail) {
+ case (3):
+ W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xffffff00) | 0x80;
+ W[i] = 0x0;
+ break;
+ case (2):
+ W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xffff0000) | 0x8000;
+ W[i] = 0x0;
+ break;
+ case (1):
+ W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xff000000) | 0x800000;
+ W[i] = 0x0;
+ break;
+ case (0):
+ W[i] = 0x80000000;
+ break;
+ }
+
+ /* zeroize remaining words */
+ for (i++ ; i < 15; i++)
+ W[i] = 0x0;
+
+ /*
+ * if there is room at the end of the word array, then set the
+ * last word to the bit-length of the message; otherwise, set that
+ * word to zero and then we need to do one more run of the
+ * compression algo.
+ */
+ if (ctx->octets_in_buffer < 56)
+ W[15] = ctx->num_bits_in_msg;
+ else if (ctx->octets_in_buffer < 60)
+ W[15] = 0x0;
+
+ /* process the word array */ for (t=16; t < 80; t++) {
+ TEMP = W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16];
+ W[t] = S1(TEMP);
+ }
+
+ A = ctx->H[0];
+ B = ctx->H[1];
+ C = ctx->H[2];
+ D = ctx->H[3];
+ E = ctx->H[4];
+
+ for (t=0; t < 20; t++) {
+ TEMP = S5(A) + f0(B,C,D) + E + W[t] + SHA_K0;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+ for ( ; t < 40; t++) {
+ TEMP = S5(A) + f1(B,C,D) + E + W[t] + SHA_K1;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+ for ( ; t < 60; t++) {
+ TEMP = S5(A) + f2(B,C,D) + E + W[t] + SHA_K2;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+ for ( ; t < 80; t++) {
+ TEMP = S5(A) + f3(B,C,D) + E + W[t] + SHA_K3;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+
+ ctx->H[0] += A;
+ ctx->H[1] += B;
+ ctx->H[2] += C;
+ ctx->H[3] += D;
+ ctx->H[4] += E;
+
+ }
+
+ debug_print(mod_sha1, "(final) running sha1_core()", NULL);
+
+ if (ctx->octets_in_buffer >= 56) {
+
+ debug_print(mod_sha1, "(final) running sha1_core() again", NULL);
+
+ /* we need to do one final run of the compression algo */
+
+ /*
+ * set initial part of word array to zeros, and set the
+ * final part to the number of bits in the message
+ */
+ for (i=0; i < 15; i++)
+ W[i] = 0x0;
+ W[15] = ctx->num_bits_in_msg;
+
+ /* process the word array */
+ for (t=16; t < 80; t++) {
+ TEMP = W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16];
+ W[t] = S1(TEMP);
+ }
+
+ A = ctx->H[0];
+ B = ctx->H[1];
+ C = ctx->H[2];
+ D = ctx->H[3];
+ E = ctx->H[4];
+
+ for (t=0; t < 20; t++) {
+ TEMP = S5(A) + f0(B,C,D) + E + W[t] + SHA_K0;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+ for ( ; t < 40; t++) {
+ TEMP = S5(A) + f1(B,C,D) + E + W[t] + SHA_K1;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+ for ( ; t < 60; t++) {
+ TEMP = S5(A) + f2(B,C,D) + E + W[t] + SHA_K2;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+ for ( ; t < 80; t++) {
+ TEMP = S5(A) + f3(B,C,D) + E + W[t] + SHA_K3;
+ E = D; D = C; C = S30(B); B = A; A = TEMP;
+ }
+
+ ctx->H[0] += A;
+ ctx->H[1] += B;
+ ctx->H[2] += C;
+ ctx->H[3] += D;
+ ctx->H[4] += E;
+ }
+
+ /* copy result into output buffer */
+ output[0] = be32_to_cpu(ctx->H[0]);
+ output[1] = be32_to_cpu(ctx->H[1]);
+ output[2] = be32_to_cpu(ctx->H[2]);
+ output[3] = be32_to_cpu(ctx->H[3]);
+ output[4] = be32_to_cpu(ctx->H[4]);
+
+ /* indicate that message buffer in context is empty */
+ ctx->octets_in_buffer = 0;
+
+ return;
+}
+
+
+
diff --git a/srtp/crypto/include/.cvsignore b/srtp/crypto/include/.cvsignore
new file mode 100644
index 0000000..0e56cf2
--- /dev/null
+++ b/srtp/crypto/include/.cvsignore
@@ -0,0 +1 @@
+config.h
diff --git a/srtp/crypto/include/CVS/Entries b/srtp/crypto/include/CVS/Entries
new file mode 100644
index 0000000..8107491
--- /dev/null
+++ b/srtp/crypto/include/CVS/Entries
@@ -0,0 +1,29 @@
+/.cvsignore/1.1/Thu Sep 29 11:59:01 2005//
+/aes.h/1.5/Wed Jul 12 22:22:08 2006//
+/aes_cbc.h/1.2/Thu Sep 29 12:36:43 2005//
+/aes_icm.h/1.3/Fri Mar 17 21:00:46 2006//
+/alloc.h/1.4/Thu Jun 8 17:00:27 2006//
+/auth.h/1.3/Thu Jun 8 17:00:27 2006//
+/cipher.h/1.6/Wed Jul 12 22:22:08 2006//
+/crypto.h/1.2/Wed Jul 12 00:50:56 2006//
+/crypto_kernel.h/1.4/Wed Jul 12 00:50:56 2006//
+/crypto_math.h/1.4/Thu Jun 8 17:00:27 2006//
+/crypto_types.h/1.2/Thu Jun 8 17:00:27 2006//
+/cryptoalg.h/1.3/Thu Jun 8 17:00:27 2006//
+/datatypes.h/1.15/Wed Jul 12 22:41:57 2006//
+/err.h/1.11/Tue Jul 18 19:45:46 2006//
+/gf2_8.h/1.4/Thu Jun 8 17:00:27 2006//
+/hmac.h/1.5/Thu Jun 8 17:00:27 2006//
+/integers.h/1.8/Tue Jul 18 19:45:46 2006//
+/kernel_compat.h/1.3/Tue Oct 18 15:27:35 2005//
+/key.h/1.3/Thu Jun 8 18:51:27 2006//
+/null_auth.h/1.3/Thu Jun 8 17:00:27 2006//
+/null_cipher.h/1.3/Thu Jun 8 17:00:27 2006//
+/prng.h/1.5/Mon Oct 3 15:52:19 2005//
+/rand_source.h/1.4/Thu Jun 8 17:00:27 2006//
+/rdb.h/1.1/Mon Sep 26 20:41:14 2005//
+/rdbx.h/1.1.1.1/Wed Sep 21 22:51:40 2005//
+/sha1.h/1.4/Thu Jun 8 17:00:27 2006//
+/stat.h/1.4/Thu Jun 8 17:00:27 2006//
+/xfm.h/1.2/Wed Sep 28 14:23:06 2005//
+D
diff --git a/srtp/crypto/include/CVS/Repository b/srtp/crypto/include/CVS/Repository
new file mode 100644
index 0000000..c29d21a
--- /dev/null
+++ b/srtp/crypto/include/CVS/Repository
@@ -0,0 +1 @@
+srtp/crypto/include
diff --git a/srtp/crypto/include/CVS/Root b/srtp/crypto/include/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/crypto/include/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/crypto/include/aes.h b/srtp/crypto/include/aes.h
new file mode 100644
index 0000000..d965280
--- /dev/null
+++ b/srtp/crypto/include/aes.h
@@ -0,0 +1,84 @@
+/*
+ * aes.h
+ *
+ * header file for the AES block cipher
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef _AES_H
+#define _AES_H
+
+#include "config.h"
+
+#include "datatypes.h"
+#include "gf2_8.h"
+
+/* aes internals */
+
+typedef v128_t aes_expanded_key_t[11];
+
+void
+aes_expand_encryption_key(const v128_t *key,
+ aes_expanded_key_t expanded_key);
+
+void
+aes_expand_decryption_key(const v128_t *key,
+ aes_expanded_key_t expanded_key);
+
+void
+aes_encrypt(v128_t *plaintext, const aes_expanded_key_t exp_key);
+
+void
+aes_decrypt(v128_t *plaintext, const aes_expanded_key_t exp_key);
+
+#if 0
+/*
+ * internal functions
+ */
+
+void
+aes_init_sbox(void);
+
+void
+aes_compute_tables(void);
+#endif
+
+#endif /* _AES_H */
diff --git a/srtp/crypto/include/aes_cbc.h b/srtp/crypto/include/aes_cbc.h
new file mode 100644
index 0000000..9fb6682
--- /dev/null
+++ b/srtp/crypto/include/aes_cbc.h
@@ -0,0 +1,50 @@
+/*
+ * aes_cbc.h
+ *
+ * Header for AES Cipher Blobk Chaining Mode.
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+
+#ifndef AES_CBC_H
+#define AES_CBC_H
+
+#include "aes.h"
+#include "cipher.h"
+
+typedef struct {
+ v128_t state; /* cipher chaining state */
+ v128_t previous; /* previous ciphertext block */
+ aes_expanded_key_t expanded_key; /* the cipher key */
+} aes_cbc_ctx_t;
+
+err_status_t
+aes_cbc_set_key(aes_cbc_ctx_t *c,
+ const unsigned char *key);
+
+err_status_t
+aes_cbc_encrypt(aes_cbc_ctx_t *c,
+ unsigned char *buf,
+ unsigned int *bytes_in_data);
+
+err_status_t
+aes_cbc_context_init(aes_cbc_ctx_t *c, const uint8_t *key,
+ cipher_direction_t dir);
+
+err_status_t
+aes_cbc_set_iv(aes_cbc_ctx_t *c, void *iv);
+
+err_status_t
+aes_cbc_nist_encrypt(aes_cbc_ctx_t *c,
+ unsigned char *data,
+ unsigned int *bytes_in_data);
+
+err_status_t
+aes_cbc_nist_decrypt(aes_cbc_ctx_t *c,
+ unsigned char *data,
+ unsigned int *bytes_in_data);
+
+#endif /* AES_CBC_H */
+
diff --git a/srtp/crypto/include/aes_icm.h b/srtp/crypto/include/aes_icm.h
new file mode 100644
index 0000000..17a1ddb
--- /dev/null
+++ b/srtp/crypto/include/aes_icm.h
@@ -0,0 +1,56 @@
+/*
+ * aes_icm.h
+ *
+ * Header for AES Integer Counter Mode.
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+
+#ifndef AES_ICM_H
+#define AES_ICM_H
+
+#include "aes.h"
+#include "cipher.h"
+
+typedef struct {
+ v128_t counter; /* holds the counter value */
+ v128_t offset; /* initial offset value */
+ v128_t keystream_buffer; /* buffers bytes of keystream */
+ aes_expanded_key_t expanded_key; /* the cipher key */
+ int bytes_in_buffer; /* number of unused bytes in buffer */
+} aes_icm_ctx_t;
+
+
+err_status_t
+aes_icm_context_init(aes_icm_ctx_t *c,
+ const unsigned char *key);
+
+err_status_t
+aes_icm_set_iv(aes_icm_ctx_t *c, void *iv);
+
+err_status_t
+aes_icm_encrypt(aes_icm_ctx_t *c,
+ unsigned char *buf, unsigned int *bytes_to_encr);
+
+err_status_t
+aes_icm_output(aes_icm_ctx_t *c,
+ unsigned char *buf, int bytes_to_output);
+
+err_status_t
+aes_icm_dealloc(cipher_t *c);
+
+err_status_t
+aes_icm_encrypt_ismacryp(aes_icm_ctx_t *c,
+ unsigned char *buf,
+ unsigned int *enc_len,
+ int forIsmacryp);
+
+err_status_t
+aes_icm_alloc_ismacryp(cipher_t **c,
+ int key_len,
+ int forIsmacryp);
+
+#endif /* AES_ICM_H */
+
diff --git a/srtp/crypto/include/alloc.h b/srtp/crypto/include/alloc.h
new file mode 100644
index 0000000..5980eed
--- /dev/null
+++ b/srtp/crypto/include/alloc.h
@@ -0,0 +1,57 @@
+/*
+ * alloc.h
+ *
+ * interface to memory allocation and deallocation, with optional debugging
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef CRYPTO_ALLOC_H
+#define CRYPTO_ALLOC_H
+
+#include "datatypes.h"
+
+void *
+crypto_alloc(size_t size);
+
+void
+crypto_free(void *ptr);
+
+#endif /* CRYPTO_ALLOC_H */
diff --git a/srtp/crypto/include/auth.h b/srtp/crypto/include/auth.h
new file mode 100644
index 0000000..295b5f6
--- /dev/null
+++ b/srtp/crypto/include/auth.h
@@ -0,0 +1,159 @@
+/*
+ * auth.h
+ *
+ * common interface to authentication functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef AUTH_H
+#define AUTH_H
+
+#include "datatypes.h"
+#include "err.h" /* error codes */
+
+typedef struct auth_type_t *auth_type_pointer;
+typedef struct auth_t *auth_pointer_t;
+
+typedef err_status_t (*auth_alloc_func)
+ (auth_pointer_t *ap, int key_len, int out_len);
+
+typedef err_status_t (*auth_init_func)
+ (void *state, const uint8_t *key, int key_len);
+
+typedef err_status_t (*auth_dealloc_func)(auth_pointer_t ap);
+
+typedef err_status_t (*auth_compute_func)
+ (void *state, uint8_t *buffer, int octets_to_auth,
+ int tag_len, uint8_t *tag);
+
+typedef err_status_t (*auth_update_func)
+ (void *state, uint8_t *buffer, int octets_to_auth);
+
+typedef err_status_t (*auth_start_func)(void *state);
+
+/* some syntactic sugar on these function types */
+
+#define auth_type_alloc(at, a, klen, outlen) \
+ ((at)->alloc((a), (klen), (outlen)))
+
+#define auth_init(a, key) \
+ (((a)->type)->init((a)->state, (key), ((a)->key_len)))
+
+#define auth_compute(a, buf, len, res) \
+ (((a)->type)->compute((a)->state, (buf), (len), (a)->out_len, (res)))
+
+#define auth_update(a, buf, len) \
+ (((a)->type)->update((a)->state, (buf), (len)))
+
+#define auth_start(a)(((a)->type)->start((a)->state))
+
+#define auth_dealloc(c) (((c)->type)->dealloc(c))
+
+/* functions to get information about a particular auth_t */
+
+int
+auth_get_key_length(const struct auth_t *a);
+
+int
+auth_get_tag_length(const struct auth_t *a);
+
+int
+auth_get_prefix_length(const struct auth_t *a);
+
+/*
+ * auth_test_case_t is a (list of) key/message/tag values that are
+ * known to be correct for a particular cipher. this data can be used
+ * to test an implementation in an on-the-fly self test of the
+ * correcness of the implementation. (see the auth_type_self_test()
+ * function below)
+ */
+
+typedef struct auth_test_case_t {
+ int key_length_octets; /* octets in key */
+ uint8_t *key; /* key */
+ int data_length_octets; /* octets in data */
+ uint8_t *data; /* data */
+ int tag_length_octets; /* octets in tag */
+ uint8_t *tag; /* tag */
+ struct auth_test_case_t *next_test_case; /* pointer to next testcase */
+} auth_test_case_t;
+
+/* auth_type_t */
+
+typedef struct auth_type_t {
+ auth_alloc_func alloc;
+ auth_dealloc_func dealloc;
+ auth_init_func init;
+ auth_compute_func compute;
+ auth_update_func update;
+ auth_start_func start;
+ char *description;
+ int ref_count;
+ auth_test_case_t *test_data;
+ debug_module_t *debug;
+} auth_type_t;
+
+typedef struct auth_t {
+ auth_type_t *type;
+ void *state;
+ int out_len; /* length of output tag in octets */
+ int key_len; /* length of key in octets */
+ int prefix_len; /* length of keystream prefix */
+} auth_t;
+
+/*
+ * auth_type_self_test() tests an auth_type against test cases
+ * provided in an array of values of key/message/tag that is known to
+ * be good
+ */
+
+err_status_t
+auth_type_self_test(const auth_type_t *at);
+
+/*
+ * auth_type_get_ref_count(at) returns the reference count (the number
+ * of instantiations) of the auth_type_t at
+ */
+
+int
+auth_type_get_ref_count(const auth_type_t *at);
+
+#endif /* AUTH_H */
diff --git a/srtp/crypto/include/cipher.h b/srtp/crypto/include/cipher.h
new file mode 100644
index 0000000..96ee9dc
--- /dev/null
+++ b/srtp/crypto/include/cipher.h
@@ -0,0 +1,218 @@
+/*
+ * cipher.h
+ *
+ * common interface to ciphers
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef CIPHER_H
+#define CIPHER_H
+
+#include "datatypes.h"
+#include "rdbx.h" /* for xtd_seq_num_t */
+#include "err.h" /* for error codes */
+
+
+/**
+ * @brief cipher_direction_t defines a particular cipher operation.
+ *
+ * A cipher_direction_t is an enum that describes a particular cipher
+ * operation, i.e. encryption or decryption. For some ciphers, this
+ * distinction does not matter, but for others, it is essential.
+ */
+
+typedef enum {
+ direction_encrypt, /**< encryption (convert plaintext to ciphertext) */
+ direction_decrypt, /**< decryption (convert ciphertext to plaintext) */
+ direction_any /**< encryption or decryption */
+} cipher_direction_t;
+
+/*
+ * the cipher_pointer and cipher_type_pointer definitions are needed
+ * as cipher_t and cipher_type_t are not yet defined
+ */
+
+typedef struct cipher_type_t *cipher_type_pointer_t;
+typedef struct cipher_t *cipher_pointer_t;
+
+/*
+ * a cipher_alloc_func_t allocates (but does not initialize) a cipher_t
+ */
+
+typedef err_status_t (*cipher_alloc_func_t)
+ (cipher_pointer_t *cp, int key_len);
+
+/*
+ * a cipher_init_func_t [re-]initializes a cipher_t with a given key
+ * and direction (i.e., encrypt or decrypt)
+ */
+
+typedef err_status_t (*cipher_init_func_t)
+ (void *state, const uint8_t *key, cipher_direction_t dir);
+
+/* a cipher_dealloc_func_t de-allocates a cipher_t */
+
+typedef err_status_t (*cipher_dealloc_func_t)(cipher_pointer_t cp);
+
+/* a cipher_set_segment_func_t sets the segment index of a cipher_t */
+
+typedef err_status_t (*cipher_set_segment_func_t)
+ (void *state, xtd_seq_num_t idx);
+
+/* a cipher_encrypt_func_t encrypts data in-place */
+
+typedef err_status_t (*cipher_encrypt_func_t)
+ (void *state, uint8_t *buffer, unsigned int *octets_to_encrypt);
+
+/* a cipher_decrypt_func_t decrypts data in-place */
+
+typedef err_status_t (*cipher_decrypt_func_t)
+ (void *state, uint8_t *buffer, unsigned int *octets_to_decrypt);
+
+/*
+ * a cipher_set_nonce_seq_func_t function sets both the nonce
+ * and the extended sequence number
+ */
+
+typedef err_status_t (*cipher_set_iv_func_t)
+ (cipher_pointer_t cp, void *iv);
+
+/*
+ * cipher_test_case_t is a (list of) key, salt, xtd_seq_num_t,
+ * plaintext, and ciphertext values that are known to be correct for a
+ * particular cipher. this data can be used to test an implementation
+ * in an on-the-fly self test of the correcness of the implementation.
+ * (see the cipher_type_self_test() function below)
+ */
+
+typedef struct cipher_test_case_t {
+ int key_length_octets; /* octets in key */
+ uint8_t *key; /* key */
+ uint8_t *idx; /* packet index */
+ int plaintext_length_octets; /* octets in plaintext */
+ uint8_t *plaintext; /* plaintext */
+ int ciphertext_length_octets; /* octets in plaintext */
+ uint8_t *ciphertext; /* ciphertext */
+ struct cipher_test_case_t *next_test_case; /* pointer to next testcase */
+} cipher_test_case_t;
+
+/* cipher_type_t defines the 'metadata' for a particular cipher type */
+
+typedef struct cipher_type_t {
+ cipher_alloc_func_t alloc;
+ cipher_dealloc_func_t dealloc;
+ cipher_init_func_t init;
+ cipher_encrypt_func_t encrypt;
+ cipher_encrypt_func_t decrypt;
+ cipher_set_iv_func_t set_iv;
+ char *description;
+ int ref_count;
+ cipher_test_case_t *test_data;
+ debug_module_t *debug;
+} cipher_type_t;
+
+/*
+ * cipher_t defines an instantiation of a particular cipher, with fixed
+ * key length, key and salt values
+ */
+
+typedef struct cipher_t {
+ cipher_type_t *type;
+ void *state;
+ int key_len;
+#ifdef FORCE_64BIT_ALIGN
+ int pad;
+#endif
+} cipher_t;
+
+/* some syntactic sugar on these function types */
+
+#define cipher_type_alloc(ct, c, klen) ((ct)->alloc((c), (klen)))
+
+#define cipher_dealloc(c) (((c)->type)->dealloc(c))
+
+#define cipher_init(c, k, dir) (((c)->type)->init(((c)->state), (k), (dir)))
+
+#define cipher_encrypt(c, buf, len) \
+ (((c)->type)->encrypt(((c)->state), (buf), (len)))
+
+#define cipher_decrypt(c, buf, len) \
+ (((c)->type)->decrypt(((c)->state), (buf), (len)))
+
+#define cipher_set_iv(c, n) \
+ ((c) ? (((c)->type)->set_iv(((cipher_pointer_t)(c)->state), (n))) : \
+ err_status_no_such_op)
+
+err_status_t
+cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output);
+
+
+/* some bookkeeping functions */
+
+int
+cipher_get_key_length(const cipher_t *c);
+
+
+/*
+ * cipher_type_self_test() tests a cipher against test cases provided in
+ * an array of values of key/xtd_seq_num_t/plaintext/ciphertext
+ * that is known to be good
+ */
+
+err_status_t
+cipher_type_self_test(const cipher_type_t *ct);
+
+
+/*
+ * cipher_bits_per_second(c, l, t) computes (and estimate of) the
+ * number of bits that a cipher implementation can encrypt in a second
+ *
+ * c is a cipher (which MUST be allocated and initialized already), l
+ * is the length in octets of the test data to be encrypted, and t is
+ * the number of trials
+ *
+ * if an error is encountered, then the value 0 is returned
+ */
+
+uint64_t
+cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials);
+
+#endif /* CIPHER_H */
diff --git a/srtp/crypto/include/config.h b/srtp/crypto/include/config.h
new file mode 100644
index 0000000..bf039d9
--- /dev/null
+++ b/srtp/crypto/include/config.h
@@ -0,0 +1,171 @@
+/* crypto/include/config.h. Generated by configure. */
+/* config_in.h. Generated from configure.in by autoheader. */
+
+/* Define if building for a CISC machine (e.g. Intel). */
+#define CPU_CISC 1
+
+/* Define if building for a RISC machine (assume slow byte access). */
+/* #undef CPU_RISC */
+
+/* Path to random device */
+#define DEV_URANDOM "/dev/urandom"
+
+/* Define to compile in dynamic debugging system. */
+#define ENABLE_DEBUGGING 1
+
+/* Report errors to this file. */
+/* #undef ERR_REPORTING_FILE */
+
+/* Define to use logging to stdout. */
+#define ERR_REPORTING_STDOUT 1
+
+/* Define this to use ISMAcryp code. */
+/* #undef GENERIC_AESICM */
+
+/* Define to 1 if you have the <arpa/inet.h> header file. */
+#define HAVE_ARPA_INET_H 1
+
+/* Define to 1 if you have the <byteswap.h> header file. */
+#define HAVE_BYTESWAP_H 1
+
+/* Define to 1 if you have the `inet_aton' function. */
+#define HAVE_INET_ATON 1
+
+/* Define to 1 if the system has the type `int16_t'. */
+#define HAVE_INT16_T 1
+
+/* Define to 1 if the system has the type `int32_t'. */
+#define HAVE_INT32_T 1
+
+/* Define to 1 if the system has the type `int8_t'. */
+#define HAVE_INT8_T 1
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#define HAVE_INTTYPES_H 1
+
+/* Define to 1 if you have the `socket' library (-lsocket). */
+/* #undef HAVE_LIBSOCKET */
+
+/* Define to 1 if you have the <machine/types.h> header file. */
+/* #undef HAVE_MACHINE_TYPES_H */
+
+/* Define to 1 if you have the <memory.h> header file. */
+#define HAVE_MEMORY_H 1
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#define HAVE_NETINET_IN_H 1
+
+/* Define to 1 if you have the `socket' function. */
+#define HAVE_SOCKET 1
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#define HAVE_STDINT_H 1
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#define HAVE_STDLIB_H 1
+
+/* Define to 1 if you have the <strings.h> header file. */
+#define HAVE_STRINGS_H 1
+
+/* Define to 1 if you have the <string.h> header file. */
+#define HAVE_STRING_H 1
+
+/* Define to 1 if you have the <syslog.h> header file. */
+#define HAVE_SYSLOG_H 1
+
+/* Define to 1 if you have the <sys/int_types.h> header file. */
+/* #undef HAVE_SYS_INT_TYPES_H */
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#define HAVE_SYS_SOCKET_H 1
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#define HAVE_SYS_STAT_H 1
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#define HAVE_SYS_TYPES_H 1
+
+/* Define to 1 if you have the <sys/uio.h> header file. */
+#define HAVE_SYS_UIO_H 1
+
+/* Define to 1 if the system has the type `uint16_t'. */
+#define HAVE_UINT16_T 1
+
+/* Define to 1 if the system has the type `uint32_t'. */
+#define HAVE_UINT32_T 1
+
+/* Define to 1 if the system has the type `uint64_t'. */
+#define HAVE_UINT64_T 1
+
+/* Define to 1 if the system has the type `uint8_t'. */
+#define HAVE_UINT8_T 1
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#define HAVE_UNISTD_H 1
+
+/* Define to 1 if you have the `usleep' function. */
+#define HAVE_USLEEP 1
+
+/* Define to 1 if you have the <windows.h> header file. */
+/* #undef HAVE_WINDOWS_H */
+
+/* Define to 1 if you have the <winsock2.h> header file. */
+/* #undef HAVE_WINSOCK2_H */
+
+/* Define to use X86 inlined assembly code */
+#define HAVE_X86 1
+
+/* Define to the address where bug reports for this package should be sent. */
+#define PACKAGE_BUGREPORT ""
+
+/* Define to the full name of this package. */
+#define PACKAGE_NAME ""
+
+/* Define to the full name and version of this package. */
+#define PACKAGE_STRING ""
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME ""
+
+/* Define to the version of this package. */
+#define PACKAGE_VERSION ""
+
+/* The size of a `unsigned long', as computed by sizeof. */
+#define SIZEOF_UNSIGNED_LONG 4
+
+/* The size of a `unsigned long long', as computed by sizeof. */
+#define SIZEOF_UNSIGNED_LONG_LONG 8
+
+/* Define to use GDOI. */
+/* #undef SRTP_GDOI */
+
+/* Define to compile for kernel contexts. */
+/* #undef SRTP_KERNEL */
+
+/* Define to compile for Linux kernel context. */
+/* #undef SRTP_KERNEL_LINUX */
+
+/* Define to 1 if you have the ANSI C header files. */
+#define STDC_HEADERS 1
+
+/* Write errors to this file */
+/* #undef USE_ERR_REPORTING_FILE */
+
+/* Define to use syslog logging. */
+/* #undef USE_SYSLOG */
+
+/* Define to 1 if your processor stores words with the most significant byte
+ first (like Motorola and SPARC, unlike Intel and VAX). */
+/* #undef WORDS_BIGENDIAN */
+
+/* Define to empty if `const' does not conform to ANSI C. */
+/* #undef const */
+
+/* Define to `__inline__' or `__inline' if that's what the C compiler
+ calls it, or to nothing if 'inline' is not supported under any name. */
+#ifndef __cplusplus
+/* #undef inline */
+#endif
+
+/* Define to `unsigned' if <sys/types.h> does not define. */
+/* #undef size_t */
diff --git a/srtp/crypto/include/crypto.h b/srtp/crypto/include/crypto.h
new file mode 100644
index 0000000..0e9667d
--- /dev/null
+++ b/srtp/crypto/include/crypto.h
@@ -0,0 +1,43 @@
+/*
+ * crypto.h
+ *
+ * API for libcrypto
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+#ifndef CRYPTO_H
+#define CRYPTO_H
+
+/**
+ * @brief A cipher_type_id_t is an identifier for a particular cipher
+ * type.
+ *
+ * A cipher_type_id_t is an integer that represents a particular
+ * cipher type, e.g. the Advanced Encryption Standard (AES). A
+ * NULL_CIPHER is avaliable; this cipher leaves the data unchanged,
+ * and can be selected to indicate that no encryption is to take
+ * place.
+ *
+ * @ingroup Ciphers
+ */
+typedef uint32_t cipher_type_id_t;
+
+/**
+ * @brief An auth_type_id_t is an identifier for a particular authentication
+ * function.
+ *
+ * An auth_type_id_t is an integer that represents a particular
+ * authentication function type, e.g. HMAC-SHA1. A NULL_AUTH is
+ * avaliable; this authentication function performs no computation,
+ * and can be selected to indicate that no authentication is to take
+ * place.
+ *
+ * @ingroup Authentication
+ */
+typedef uint32_t auth_type_id_t;
+
+#endif /* CRYPTO_H */
+
+
diff --git a/srtp/crypto/include/crypto_kernel.h b/srtp/crypto/include/crypto_kernel.h
new file mode 100644
index 0000000..b8cd9be
--- /dev/null
+++ b/srtp/crypto/include/crypto_kernel.h
@@ -0,0 +1,258 @@
+/*
+ * crypto_kernel.h
+ *
+ * header for the cryptographic kernel
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef CRYPTO_KERNEL
+#define CRYPTO_KERNEL
+
+#include "rand_source.h"
+#include "prng.h"
+#include "cipher.h"
+#include "auth.h"
+#include "cryptoalg.h"
+#include "stat.h"
+#include "err.h"
+#include "crypto_types.h"
+#include "key.h"
+#include "crypto.h"
+
+/*
+ * crypto_kernel_state_t defines the possible states:
+ *
+ * insecure - not yet initialized
+ * secure - initialized and passed self-tests
+ */
+
+typedef enum {
+ crypto_kernel_state_insecure,
+ crypto_kernel_state_secure
+} crypto_kernel_state_t;
+
+/*
+ * linked list of cipher types
+ */
+
+typedef struct kernel_cipher_type {
+ cipher_type_id_t id;
+ cipher_type_t *cipher_type;
+ struct kernel_cipher_type *next;
+} kernel_cipher_type_t;
+
+/*
+ * linked list of auth types
+ */
+
+typedef struct kernel_auth_type {
+ auth_type_id_t id;
+ auth_type_t *auth_type;
+ struct kernel_auth_type *next;
+} kernel_auth_type_t;
+
+/*
+ * linked list of debug modules
+ */
+
+typedef struct kernel_debug_module {
+ debug_module_t *mod;
+ struct kernel_debug_module *next;
+} kernel_debug_module_t;
+
+
+/*
+ * crypto_kernel_t is the data structure for the crypto kernel
+ *
+ * note that there is *exactly one* instance of this data type,
+ * a global variable defined in crypto_kernel.c
+ */
+
+typedef struct {
+ crypto_kernel_state_t state; /* current state of kernel */
+ kernel_cipher_type_t *cipher_type_list; /* list of all cipher types */
+ kernel_auth_type_t *auth_type_list; /* list of all auth func types */
+ kernel_debug_module_t *debug_module_list; /* list of all debug modules */
+} crypto_kernel_t;
+
+
+/*
+ * crypto_kernel_t external api
+ */
+
+
+/*
+ * The function crypto_kernel_init() initialized the crypto kernel and
+ * runs the self-test operations on the random number generators and
+ * crypto algorithms. Possible return values are:
+ *
+ * err_status_ok initialization successful
+ * <other> init failure
+ *
+ * If any value other than err_status_ok is returned, the
+ * crypto_kernel MUST NOT be used.
+ */
+
+err_status_t
+crypto_kernel_init(void);
+
+
+/*
+ * The function crypto_kernel_shutdown() de-initializes the
+ * crypto_kernel, zeroizes keys and other cryptographic material, and
+ * deallocates any dynamically allocated memory. Possible return
+ * values are:
+ *
+ * err_status_ok shutdown successful
+ * <other> shutdown failure
+ *
+ */
+
+err_status_t
+crypto_kernel_shutdown(void);
+
+/*
+ * The function crypto_kernel_stats() checks the the crypto_kernel,
+ * running tests on the ciphers, auth funcs, and rng, and prints out a
+ * status report. Possible return values are:
+ *
+ * err_status_ok all tests were passed
+ * <other> a test failed
+ *
+ */
+
+err_status_t
+crypto_kernel_status(void);
+
+
+/*
+ * crypto_kernel_list_debug_modules() outputs a list of debugging modules
+ *
+ */
+
+err_status_t
+crypto_kernel_list_debug_modules(void);
+
+/*
+ * crypto_kernel_load_cipher_type()
+ *
+ */
+
+err_status_t
+crypto_kernel_load_cipher_type(cipher_type_t *ct, cipher_type_id_t id);
+
+err_status_t
+crypto_kernel_load_auth_type(auth_type_t *ct, auth_type_id_t id);
+
+err_status_t
+crypto_kernel_load_debug_module(debug_module_t *new_dm);
+
+/*
+ * crypto_kernel_alloc_cipher(id, cp, key_len);
+ *
+ * allocates a cipher of type id at location *cp, with key length
+ * key_len octets. Return values are:
+ *
+ * err_status_ok no problems
+ * err_status_alloc_fail an allocation failure occured
+ * err_status_fail couldn't find cipher with identifier 'id'
+ */
+
+err_status_t
+crypto_kernel_alloc_cipher(cipher_type_id_t id,
+ cipher_pointer_t *cp,
+ int key_len);
+
+/*
+ * crypto_kernel_alloc_auth(id, ap, key_len, tag_len);
+ *
+ * allocates an auth function of type id at location *ap, with key
+ * length key_len octets and output tag length of tag_len. Return
+ * values are:
+ *
+ * err_status_ok no problems
+ * err_status_alloc_fail an allocation failure occured
+ * err_status_fail couldn't find auth with identifier 'id'
+ */
+
+err_status_t
+crypto_kernel_alloc_auth(auth_type_id_t id,
+ auth_pointer_t *ap,
+ int key_len,
+ int tag_len);
+
+
+/*
+ * crypto_kernel_set_debug_module(mod_name, v)
+ *
+ * sets dynamic debugging to the value v (0 for off, 1 for on) for the
+ * debug module with the name mod_name
+ *
+ * returns err_status_ok on success, err_status_fail otherwise
+ */
+
+err_status_t
+crypto_kernel_set_debug_module(char *mod_name, int v);
+
+/**
+ * @brief writes a random octet string.
+ *
+ * The function call crypto_get_random(dest, len) writes len octets of
+ * random data to the location to which dest points, and returns an
+ * error code. This error code @b must be checked, and if a failure is
+ * reported, the data in the buffer @b must @b not be used.
+ *
+ * @warning If the return code is not checked, then non-random
+ * data may be in the buffer. This function will fail
+ * unless it is called after crypto_kernel_init().
+ *
+ * @return
+ * - err_status_ok if no problems occured.
+ * - [other] a problem occured, and no assumptions should
+ * be made about the contents of the destination
+ * buffer.
+ *
+ * @ingroup SRTP
+ */
+err_status_t
+crypto_get_random(unsigned char *buffer, unsigned int length);
+
+#endif /* CRYPTO_KERNEL */
diff --git a/srtp/crypto/include/crypto_math.h b/srtp/crypto/include/crypto_math.h
new file mode 100644
index 0000000..c3e7b76
--- /dev/null
+++ b/srtp/crypto/include/crypto_math.h
@@ -0,0 +1,273 @@
+/*
+ * math.h
+ *
+ * crypto math operations and data types
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef MATH_H
+#define MATH_H
+
+#include "datatypes.h"
+
+unsigned char
+v32_weight(v32_t a);
+
+unsigned char
+v32_distance(v32_t x, v32_t y);
+
+unsigned int
+v32_dot_product(v32_t a, v32_t b);
+
+char *
+v16_bit_string(v16_t x);
+
+char *
+v32_bit_string(v32_t x);
+
+char *
+v64_bit_string(const v64_t *x);
+
+char *
+octet_hex_string(uint8_t x);
+
+char *
+v16_hex_string(v16_t x);
+
+char *
+v32_hex_string(v32_t x);
+
+char *
+v64_hex_string(const v64_t *x);
+
+int
+hex_char_to_nibble(uint8_t c);
+
+int
+is_hex_string(char *s);
+
+v16_t
+hex_string_to_v16(char *s);
+
+v32_t
+hex_string_to_v32(char *s);
+
+v64_t
+hex_string_to_v64(char *s);
+
+/* the matrix A[] is stored in column format, i.e., A[i] is
+ the ith column of the matrix */
+
+uint8_t
+A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b);
+
+void
+v16_copy_octet_string(v16_t *x, const uint8_t s[2]);
+
+void
+v32_copy_octet_string(v32_t *x, const uint8_t s[4]);
+
+void
+v64_copy_octet_string(v64_t *x, const uint8_t s[8]);
+
+void
+v128_add(v128_t *z, v128_t *x, v128_t *y);
+
+int
+octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
+
+void
+octet_string_set_to_zero(uint8_t *s, int len);
+
+
+
+/*
+ * the matrix A[] is stored in column format, i.e., A[i] is the ith
+ * column of the matrix
+*/
+uint8_t
+A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b);
+
+
+#if 0
+#if WORDS_BIGENDIAN
+
+#define _v128_add(z, x, y) { \
+ uint64_t tmp; \
+ \
+ tmp = x->v32[3] + y->v32[3]; \
+ z->v32[3] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[2] + y->v32[2] + (tmp >> 32); \
+ z->v32[2] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[1] + y->v32[1] + (tmp >> 32); \
+ z->v32[1] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[0] + y->v32[0] + (tmp >> 32); \
+ z->v32[0] = (uint32_t) tmp; \
+}
+
+#else /* assume little endian architecture */
+
+#define _v128_add(z, x, y) { \
+ uint64_t tmp; \
+ \
+ tmp = htonl(x->v32[3]) + htonl(y->v32[3]); \
+ z->v32[3] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[2]) + htonl(y->v32[2]) \
+ + htonl(tmp >> 32); \
+ z->v32[2] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[1]) + htonl(y->v32[1]) \
+ + htonl(tmp >> 32); \
+ z->v32[1] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[0]) + htonl(y->v32[0]) \
+ + htonl(tmp >> 32); \
+ z->v32[0] = ntohl((uint32_t) tmp); \
+}
+
+#endif /* WORDS_BIGENDIAN */
+#endif
+
+#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
+
+#define v128_set_to_zero(z) _v128_set_to_zero(z)
+#define v128_copy(z, x) _v128_copy(z, x)
+#define v128_xor(z, x, y) _v128_xor(z, x, y)
+#define v128_and(z, x, y) _v128_and(z, x, y)
+#define v128_or(z, x, y) _v128_or(z, x, y)
+#define v128_complement(x) _v128_complement(x)
+#define v128_is_eq(x, y) _v128_is_eq(x, y)
+#define v128_xor_eq(x, y) _v128_xor_eq(x, y)
+#define v128_get_bit(x, i) _v128_get_bit(x, i)
+#define v128_set_bit(x, i) _v128_set_bit(x, i)
+#define v128_clear_bit(x, i) _v128_clear_bit(x, i)
+#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y)
+
+#else
+
+void
+v128_set_to_zero(v128_t *x);
+
+int
+v128_is_eq(const v128_t *x, const v128_t *y);
+
+void
+v128_copy(v128_t *x, const v128_t *y);
+
+void
+v128_xor(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_and(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_or(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_complement(v128_t *x);
+
+int
+v128_get_bit(const v128_t *x, int i);
+
+void
+v128_set_bit(v128_t *x, int i) ;
+
+void
+v128_clear_bit(v128_t *x, int i);
+
+void
+v128_set_bit_to(v128_t *x, int i, int y);
+
+#endif /* DATATYPES_USE_MACROS */
+
+/*
+ * octet_string_is_eq(a,b, len) returns 1 if the length len strings a
+ * and b are not equal, returns 0 otherwise
+ */
+
+int
+octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
+
+void
+octet_string_set_to_zero(uint8_t *s, int len);
+
+
+/*
+ * functions manipulating bit_vector_t
+ *
+ * A bitvector_t consists of an array of words and an integer
+ * representing the number of significant bits stored in the array.
+ * The bits are packed as follows: the least significant bit is that
+ * of word[0], while the most significant bit is the nth most
+ * significant bit of word[m], where length = bits_per_word * m + n.
+ *
+ */
+
+#define bits_per_word 32
+#define bytes_per_word 4
+
+typedef struct {
+ uint32_t length;
+ uint32_t *word;
+} bitvector_t;
+
+int
+bitvector_alloc(bitvector_t *v, unsigned long length);
+
+void
+bitvector_set_bit(bitvector_t *v, int bit_index);
+
+int
+bitvector_get_bit(const bitvector_t *v, int bit_index);
+
+int
+bitvector_print_hex(const bitvector_t *v, FILE *stream);
+
+int
+bitvector_set_from_hex(bitvector_t *v, char *string);
+
+#endif /* MATH_H */
+
+
+
diff --git a/srtp/crypto/include/crypto_types.h b/srtp/crypto/include/crypto_types.h
new file mode 100644
index 0000000..0ce50f4
--- /dev/null
+++ b/srtp/crypto/include/crypto_types.h
@@ -0,0 +1,206 @@
+/*
+ * crypto_types.h
+ *
+ * constants for cipher types and auth func types
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef CRYPTO_TYPES_H
+#define CRYPTO_TYPES_H
+
+/**
+ * @defgroup Algos Cryptographic Algorithms
+ *
+ *
+ * This library provides several different cryptographic algorithms,
+ * each of which can be selected by using the cipher_type_id_t and
+ * auth_type_id_t. These algorithms are documented below.
+ *
+ * Authentication functions that use the Universal Security Transform
+ * (UST) must be used in conjunction with a cipher other than the null
+ * cipher. These functions require a per-message pseudorandom input
+ * that is generated by the cipher.
+ *
+ * The identifiers STRONGHOLD_AUTH and STRONGHOLD_CIPHER identify the
+ * strongest available authentication function and cipher,
+ * respectively. They are resolved at compile time to the strongest
+ * available algorithm. The stronghold algorithms can serve as did
+ * the keep of a medieval fortification; they provide the strongest
+ * defense (or the last refuge).
+ *
+ * @{
+ */
+
+/**
+ * @defgroup Ciphers Cipher Types
+ *
+ * @brief Each cipher type is identified by an unsigned integer. The
+ * cipher types available in this edition of libSRTP are given
+ * by the #defines below.
+ *
+ * A cipher_type_id_t is an identifier for a cipher_type; only values
+ * given by the #defines above (or those present in the file
+ * crypto_types.h) should be used.
+ *
+ * The identifier STRONGHOLD_CIPHER indicates the strongest available
+ * cipher, allowing an application to choose the strongest available
+ * algorithm without any advance knowledge about the avaliable
+ * algorithms.
+ *
+ * @{
+ */
+
+/**
+ * @brief The null cipher performs no encryption.
+ *
+ * The NULL_CIPHER leaves its inputs unaltered, during both the
+ * encryption and decryption operations. This cipher can be chosen
+ * to indicate that no encryption is to be performed.
+ */
+#define NULL_CIPHER 0
+
+/**
+ * @brief AES-128 Integer Counter Mode (AES ICM)
+ *
+ * AES-128 ICM is the variant of counter mode that is used by Secure RTP.
+ * This cipher uses a 16-octet key and a 30-octet offset (or salt) value.
+ */
+#define AES_128_ICM 1
+
+/**
+ * @brief SEAL 3.0
+ *
+ * SEAL is the Software-Optimized Encryption Algorithm of Coppersmith
+ * and Rogaway. Nota bene: this cipher is IBM proprietary.
+ */
+#define SEAL 2
+
+/**
+ * @brief AES-128 Integer Counter Mode (AES ICM)
+ *
+ * AES-128 ICM is the variant of counter mode that is used by Secure RTP.
+ * This cipher uses a 16-octet key and a 30-octet offset (or salt) value.
+ */
+#define AES_128_CBC 3
+
+/**
+ * @brief Strongest available cipher.
+ *
+ * This identifier resolves to the strongest cipher type available.
+ */
+#define STRONGHOLD_CIPHER AES_128_ICM
+
+/**
+ * @}
+ */
+
+
+
+/**
+ * @defgroup Authentication Authentication Function Types
+ *
+ * @brief Each authentication function type is identified by an
+ * unsigned integer. The authentication function types available in
+ * this edition of libSRTP are given by the #defines below.
+ *
+ * An auth_type_id_t is an identifier for an authentication function type;
+ * only values given by the #defines above (or those present in the
+ * file crypto_types.h) should be used.
+ *
+ * The identifier STRONGHOLD_AUTH indicates the strongest available
+ * authentication function, allowing an application to choose the
+ * strongest available algorithm without any advance knowledge about
+ * the avaliable algorithms. The stronghold algorithms can serve as
+ * did the keep of a medieval fortification; they provide the
+ * strongest defense (or the last refuge).
+ *
+ * @{
+ */
+
+/**
+ * @brief The null authentication function performs no authentication.
+ *
+ * The NULL_AUTH function does nothing, and can be selected to indicate
+ * that authentication should not be performed.
+ */
+#define NULL_AUTH 0
+
+/**
+ * @brief UST with TMMH Version 2
+ *
+ * UST_TMMHv2 implements the Truncated Multi-Modular Hash using
+ * UST. This function must be used in conjunction with a cipher other
+ * than the null cipher.
+ * with a cipher.
+ */
+#define UST_TMMHv2 1
+
+/**
+ * @brief (UST) AES-128 XORMAC
+ *
+ * UST_AES_128_XMAC implements AES-128 XORMAC, using UST. Nota bene:
+ * the XORMAC algorithm is IBM proprietary.
+ */
+#define UST_AES_128_XMAC 2
+
+/**
+ * @brief HMAC-SHA1
+ *
+ * HMAC_SHA1 implements the Hash-based MAC using the NIST Secure
+ * Hash Algorithm version 1 (SHA1).
+ */
+#define HMAC_SHA1 3
+
+/**
+ * @brief Strongest available authentication function.
+ *
+ * This identifier resolves to the strongest available authentication
+ * function.
+ */
+#define STRONGHOLD_AUTH HMAC_SHA1
+
+/**
+ * @}
+ */
+/**
+ * @}
+ */
+
+#endif /* CRYPTO_TYPES_H */
diff --git a/srtp/crypto/include/cryptoalg.h b/srtp/crypto/include/cryptoalg.h
new file mode 100644
index 0000000..d9f0441
--- /dev/null
+++ b/srtp/crypto/include/cryptoalg.h
@@ -0,0 +1,133 @@
+/*
+ * cryptoalg.h
+ *
+ * API for authenticated encryption crypto algorithms
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef CRYPTOALG_H
+#define CRYPTOALG_H
+
+#include "err.h"
+
+/**
+ * @defgroup Crypto Cryptography
+ *
+ * Zed uses a simple interface to a cryptographic transform.
+ *
+ * @{
+ */
+
+/**
+ * @brief applies a crypto algorithm
+ *
+ * The function pointer cryptoalg_func_t points to a function that
+ * implements a crypto transform, and provides a uniform API for
+ * accessing crypto mechanisms.
+ *
+ * @param key location of secret key
+ *
+ * @param clear data to be authenticated but not encrypted
+ *
+ * @param clear_len length of data to be authenticated but not encrypted
+ *
+ * @param iv location to write the Initialization Vector (IV)
+ *
+ * @param protect location of the data to be encrypted and
+ * authenticated (before the function call), and the ciphertext
+ * and authentication tag (after the call)
+ *
+ * @param protected_len location of the length of the data to be
+ * encrypted and authenticated (before the function call), and the
+ * length of the ciphertext (after the call)
+ *
+ */
+
+typedef err_status_t (*cryptoalg_func_t)
+ (void *key,
+ const void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *protect,
+ unsigned *protected_len);
+
+typedef
+err_status_t (*cryptoalg_inv_t)
+ (void *key, /* location of secret key */
+ const void *clear, /* data to be authenticated only */
+ unsigned clear_len, /* length of data to be authenticated only */
+ void *iv, /* location of iv */
+ void *opaque, /* data to be decrypted and authenticated */
+ unsigned *opaque_len /* location of the length of data to be
+ * decrypted and authd (before and after)
+ */
+ );
+
+typedef struct cryptoalg_ctx_t {
+ cryptoalg_func_t enc;
+ cryptoalg_inv_t dec;
+ unsigned key_len;
+ unsigned iv_len;
+ unsigned auth_tag_len;
+ unsigned max_expansion;
+} cryptoalg_ctx_t;
+
+typedef cryptoalg_ctx_t *cryptoalg_t;
+
+#define cryptoalg_get_key_len(cryptoalg) ((cryptoalg)->key_len)
+
+#define cryptoalg_get_iv_len(cryptoalg) ((cryptoalg)->iv_len)
+
+#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len)
+
+int
+cryptoalg_get_id(cryptoalg_t c);
+
+cryptoalg_t
+cryptoalg_find_by_id(int id);
+
+
+/**
+ * @}
+ */
+
+#endif /* CRYPTOALG_H */
+
+
diff --git a/srtp/crypto/include/datatypes.h b/srtp/crypto/include/datatypes.h
new file mode 100644
index 0000000..4f86b55
--- /dev/null
+++ b/srtp/crypto/include/datatypes.h
@@ -0,0 +1,427 @@
+/*
+ * datatypes.h
+ *
+ * data types for bit vectors and finite fields
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef _DATATYPES_H
+#define _DATATYPES_H
+
+#include "integers.h" /* definitions of uint32_t, et cetera */
+#include "alloc.h"
+
+#include <stdarg.h>
+
+#ifndef SRTP_KERNEL
+# include <stdio.h>
+# include <string.h>
+# include <time.h>
+# ifdef HAVE_NETINET_IN_H
+# include <netinet/in.h>
+# elif defined HAVE_WINSOCK2_H
+# include <winsock2.h>
+# endif
+#endif
+
+
+/* if DATATYPES_USE_MACROS is defined, then little functions are macros */
+#define DATATYPES_USE_MACROS
+
+typedef union {
+ uint8_t v8[2];
+ uint16_t value;
+} v16_t;
+
+typedef union {
+ uint8_t v8[4];
+ uint16_t v16[2];
+ uint32_t value;
+} v32_t;
+
+typedef union {
+ uint8_t v8[8];
+ uint16_t v16[4];
+ uint32_t v32[2];
+ uint64_t value;
+} v64_t;
+
+typedef union {
+ uint8_t v8[16];
+ uint16_t v16[8];
+ uint32_t v32[4];
+ uint64_t v64[2];
+} v128_t;
+
+
+
+/* some useful and simple math functions */
+
+#define pow_2(X) ( (unsigned int)1 << (X) ) /* 2^X */
+
+#define pow_minus_one(X) ( (X) ? -1 : 1 ) /* (-1)^X */
+
+
+/*
+ * octet_get_weight(x) returns the hamming weight (number of bits equal to
+ * one) in the octet x
+ */
+
+int
+octet_get_weight(uint8_t octet);
+
+char *
+octet_bit_string(uint8_t x);
+
+#define MAX_PRINT_STRING_LEN 1024
+
+char *
+octet_string_hex_string(const void *str, int length);
+
+char *
+v128_bit_string(v128_t *x);
+
+char *
+v128_hex_string(v128_t *x);
+
+uint8_t
+nibble_to_hex_char(uint8_t nibble);
+
+char *
+char_to_hex_string(char *x, int num_char);
+
+uint8_t
+hex_string_to_octet(char *s);
+
+/*
+ * hex_string_to_octet_string(raw, hex, len) converts the hexadecimal
+ * string at *hex (of length len octets) to the equivalent raw data
+ * and writes it to *raw.
+ *
+ * if a character in the hex string that is not a hexadeciaml digit
+ * (0123456789abcdefABCDEF) is encountered, the function stops writing
+ * data to *raw
+ *
+ * the number of hex digits copied (which is two times the number of
+ * octets in *raw) is returned
+ */
+
+int
+hex_string_to_octet_string(char *raw, char *hex, int len);
+
+v128_t
+hex_string_to_v128(char *s);
+
+void
+v128_copy_octet_string(v128_t *x, const uint8_t s[16]);
+
+void
+v128_left_shift(v128_t *x, int index);
+
+void
+v128_right_shift(v128_t *x, int index);
+
+/*
+ * the following macros define the data manipulation functions
+ *
+ * If DATATYPES_USE_MACROS is defined, then these macros are used
+ * directly (and function call overhead is avoided). Otherwise,
+ * the macros are used through the functions defined in datatypes.c
+ * (and the compiler provides better warnings).
+ */
+
+#define _v128_set_to_zero(x) \
+( \
+ (x)->v32[0] = 0, \
+ (x)->v32[1] = 0, \
+ (x)->v32[2] = 0, \
+ (x)->v32[3] = 0 \
+)
+
+#define _v128_copy(x, y) \
+( \
+ (x)->v32[0] = (y)->v32[0], \
+ (x)->v32[1] = (y)->v32[1], \
+ (x)->v32[2] = (y)->v32[2], \
+ (x)->v32[3] = (y)->v32[3] \
+)
+
+#define _v128_xor(z, x, y) \
+( \
+ (z)->v32[0] = (x)->v32[0] ^ (y)->v32[0], \
+ (z)->v32[1] = (x)->v32[1] ^ (y)->v32[1], \
+ (z)->v32[2] = (x)->v32[2] ^ (y)->v32[2], \
+ (z)->v32[3] = (x)->v32[3] ^ (y)->v32[3] \
+)
+
+#define _v128_and(z, x, y) \
+( \
+ (z)->v32[0] = (x)->v32[0] & (y)->v32[0], \
+ (z)->v32[1] = (x)->v32[1] & (y)->v32[1], \
+ (z)->v32[2] = (x)->v32[2] & (y)->v32[2], \
+ (z)->v32[3] = (x)->v32[3] & (y)->v32[3] \
+)
+
+#define _v128_or(z, x, y) \
+( \
+ (z)->v32[0] = (x)->v32[0] | (y)->v32[0], \
+ (z)->v32[1] = (x)->v32[1] | (y)->v32[1], \
+ (z)->v32[2] = (x)->v32[2] | (y)->v32[2], \
+ (z)->v32[3] = (x)->v32[3] | (y)->v32[3] \
+)
+
+#define _v128_complement(x) \
+( \
+ (x)->v32[0] = ~(x)->v32[0], \
+ (x)->v32[1] = ~(x)->v32[1], \
+ (x)->v32[2] = ~(x)->v32[2], \
+ (x)->v32[3] = ~(x)->v32[3] \
+)
+
+/* ok for NO_64BIT_MATH if it can compare uint64_t's (even as structures) */
+#define _v128_is_eq(x, y) \
+ (((x)->v64[0] == (y)->v64[0]) && ((x)->v64[1] == (y)->v64[1]))
+
+
+#ifdef NO_64BIT_MATH
+#define _v128_xor_eq(z, x) \
+( \
+ (z)->v32[0] ^= (x)->v32[0], \
+ (z)->v32[1] ^= (x)->v32[1], \
+ (z)->v32[2] ^= (x)->v32[2], \
+ (z)->v32[3] ^= (x)->v32[3] \
+)
+#else
+#define _v128_xor_eq(z, x) \
+( \
+ (z)->v64[0] ^= (x)->v64[0], \
+ (z)->v64[1] ^= (x)->v64[1] \
+)
+#endif
+
+/* NOTE! This assumes an odd ordering! */
+/* This will not be compatible directly with math on some processors */
+/* bit 0 is first 32-bit word, low order bit. in little-endian, that's
+ the first byte of the first 32-bit word. In big-endian, that's
+ the 3rd byte of the first 32-bit word */
+/* The get/set bit code is used by the replay code ONLY, and it doesn't
+ really care which bit is which. AES does care which bit is which, but
+ doesn't use the 128-bit get/set or 128-bit shifts */
+
+#define _v128_get_bit(x, bit) \
+( \
+ ((((x)->v32[(bit) >> 5]) >> ((bit) & 31)) & 1) \
+)
+
+#define _v128_set_bit(x, bit) \
+( \
+ (((x)->v32[(bit) >> 5]) |= ((uint32_t)1 << ((bit) & 31))) \
+)
+
+#define _v128_clear_bit(x, bit) \
+( \
+ (((x)->v32[(bit) >> 5]) &= ~((uint32_t)1 << ((bit) & 31))) \
+)
+
+#define _v128_set_bit_to(x, bit, value) \
+( \
+ (value) ? _v128_set_bit(x, bit) : \
+ _v128_clear_bit(x, bit) \
+)
+
+
+#if 0
+/* nothing uses this */
+#ifdef WORDS_BIGENDIAN
+
+#define _v128_add(z, x, y) { \
+ uint64_t tmp; \
+ \
+ tmp = x->v32[3] + y->v32[3]; \
+ z->v32[3] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[2] + y->v32[2] + (tmp >> 32); \
+ z->v32[2] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[1] + y->v32[1] + (tmp >> 32); \
+ z->v32[1] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[0] + y->v32[0] + (tmp >> 32); \
+ z->v32[0] = (uint32_t) tmp; \
+}
+
+#else /* assume little endian architecture */
+
+#define _v128_add(z, x, y) { \
+ uint64_t tmp; \
+ \
+ tmp = htonl(x->v32[3]) + htonl(y->v32[3]); \
+ z->v32[3] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[2]) + htonl(y->v32[2]) \
+ + htonl(tmp >> 32); \
+ z->v32[2] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[1]) + htonl(y->v32[1]) \
+ + htonl(tmp >> 32); \
+ z->v32[1] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[0]) + htonl(y->v32[0]) \
+ + htonl(tmp >> 32); \
+ z->v32[0] = ntohl((uint32_t) tmp); \
+}
+#endif /* WORDS_BIGENDIAN */
+#endif /* 0 */
+
+
+#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
+
+#define v128_set_to_zero(z) _v128_set_to_zero(z)
+#define v128_copy(z, x) _v128_copy(z, x)
+#define v128_xor(z, x, y) _v128_xor(z, x, y)
+#define v128_and(z, x, y) _v128_and(z, x, y)
+#define v128_or(z, x, y) _v128_or(z, x, y)
+#define v128_complement(x) _v128_complement(x)
+#define v128_is_eq(x, y) _v128_is_eq(x, y)
+#define v128_xor_eq(x, y) _v128_xor_eq(x, y)
+#define v128_get_bit(x, i) _v128_get_bit(x, i)
+#define v128_set_bit(x, i) _v128_set_bit(x, i)
+#define v128_clear_bit(x, i) _v128_clear_bit(x, i)
+#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y)
+
+#else
+
+void
+v128_set_to_zero(v128_t *x);
+
+int
+v128_is_eq(const v128_t *x, const v128_t *y);
+
+void
+v128_copy(v128_t *x, const v128_t *y);
+
+void
+v128_xor(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_and(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_or(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_complement(v128_t *x);
+
+int
+v128_get_bit(const v128_t *x, int i);
+
+void
+v128_set_bit(v128_t *x, int i) ;
+
+void
+v128_clear_bit(v128_t *x, int i);
+
+void
+v128_set_bit_to(v128_t *x, int i, int y);
+
+#endif /* DATATYPES_USE_MACROS */
+
+/*
+ * octet_string_is_eq(a,b, len) returns 1 if the length len strings a
+ * and b are not equal, returns 0 otherwise
+ */
+
+int
+octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
+
+void
+octet_string_set_to_zero(uint8_t *s, int len);
+
+
+#ifndef SRTP_KERNEL_LINUX
+
+/*
+ * Convert big endian integers to CPU byte order.
+ */
+#ifdef WORDS_BIGENDIAN
+/* Nothing to do. */
+# define be32_to_cpu(x) (x)
+# define be64_to_cpu(x) (x)
+#elif defined(HAVE_BYTESWAP_H)
+/* We have (hopefully) optimized versions in byteswap.h */
+# include <byteswap.h>
+# define be32_to_cpu(x) bswap_32((x))
+# define be64_to_cpu(x) bswap_64((x))
+#else
+
+#if defined(__GNUC__) && defined(HAVE_X86)
+/* Fall back. */
+static inline uint32_t be32_to_cpu(uint32_t v) {
+ /* optimized for x86. */
+ asm("bswap %0" : "=r" (v) : "0" (v));
+ return v;
+}
+# else /* HAVE_X86 */
+# ifdef HAVE_NETINET_IN_H
+# include <netinet/in.h>
+# elif defined HAVE_WINSOCK2_H
+# include <winsock2.h>
+# endif
+# define be32_to_cpu(x) ntohl((x))
+# endif /* HAVE_X86 */
+
+static inline uint64_t be64_to_cpu(uint64_t v) {
+# ifdef NO_64BIT_MATH
+ /* use the make64 functions to do 64-bit math */
+ v = make64(htonl(low32(v)),htonl(high32(v)));
+# else
+ /* use the native 64-bit math */
+ v= (uint64_t)((be32_to_cpu((uint32_t)(v >> 32))) | (((uint64_t)be32_to_cpu((uint32_t)v)) << 32));
+# endif
+ return v;
+}
+
+#endif /* ! SRTP_KERNEL_LINUX */
+
+#endif /* WORDS_BIGENDIAN */
+
+#endif /* _DATATYPES_H */
diff --git a/srtp/crypto/include/err.h b/srtp/crypto/include/err.h
new file mode 100644
index 0000000..1a6e170
--- /dev/null
+++ b/srtp/crypto/include/err.h
@@ -0,0 +1,174 @@
+/*
+ * err.h
+ *
+ * error status codes
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef ERR_H
+#define ERR_H
+
+#include "datatypes.h"
+
+/**
+ * @defgroup Error Error Codes
+ *
+ * Error status codes are represented by the enumeration err_status_t.
+ *
+ * @{
+ */
+
+
+/*
+ * @brief err_status_t defines error codes.
+ *
+ * The enumeration err_status_t defines error codes. Note that the
+ * value of err_status_ok is equal to zero, which can simplify error
+ * checking somewhat.
+ *
+ */
+typedef enum {
+ err_status_ok = 0, /**< nothing to report */
+ err_status_fail = 1, /**< unspecified failure */
+ err_status_bad_param = 2, /**< unsupported parameter */
+ err_status_alloc_fail = 3, /**< couldn't allocate memory */
+ err_status_dealloc_fail = 4, /**< couldn't deallocate properly */
+ err_status_init_fail = 5, /**< couldn't initialize */
+ err_status_terminus = 6, /**< can't process as much data as requested */
+ err_status_auth_fail = 7, /**< authentication failure */
+ err_status_cipher_fail = 8, /**< cipher failure */
+ err_status_replay_fail = 9, /**< replay check failed (bad index) */
+ err_status_replay_old = 10, /**< replay check failed (index too old) */
+ err_status_algo_fail = 11, /**< algorithm failed test routine */
+ err_status_no_such_op = 12, /**< unsupported operation */
+ err_status_no_ctx = 13, /**< no appropriate context found */
+ err_status_cant_check = 14, /**< unable to perform desired validation */
+ err_status_key_expired = 15, /**< can't use key any more */
+ err_status_socket_err = 16, /**< error in use of socket */
+ err_status_signal_err = 17, /**< error in use POSIX signals */
+ err_status_nonce_bad = 18, /**< nonce check failed */
+ err_status_read_fail = 19, /**< couldn't read data */
+ err_status_write_fail = 20, /**< couldn't write data */
+ err_status_parse_err = 21, /**< error pasring data */
+ err_status_encode_err = 22, /**< error encoding data */
+ err_status_semaphore_err = 23,/**< error while using semaphores */
+ err_status_pfkey_err = 24 /**< error while using pfkey */
+} err_status_t;
+
+/**
+ * @}
+ */
+
+typedef enum {
+ err_level_emergency = 0,
+ err_level_alert,
+ err_level_critical,
+ err_level_error,
+ err_level_warning,
+ err_level_notice,
+ err_level_info,
+ err_level_debug,
+ err_level_none
+} err_reporting_level_t;
+
+/*
+ * err_reporting_init prepares the error system. If
+ * ERR_REPORTING_SYSLOG is defined, it will open syslog.
+ *
+ * The ident argument is a string that will be prepended to
+ * all syslog messages. It is conventionally argv[0].
+ */
+
+err_status_t
+err_reporting_init(char *ident);
+
+#ifdef SRTP_KERNEL_LINUX
+extern err_reporting_level_t err_level;
+#else
+
+/*
+ * keydaemon_report_error reports a 'printf' formatted error
+ * string, followed by a an arg list. The priority argument
+ * is equivalent to that defined for syslog.
+ *
+ * Errors will be reported to ERR_REPORTING_FILE, if defined, and to
+ * syslog, if ERR_REPORTING_SYSLOG is defined.
+ *
+ */
+
+void
+err_report(int priority, char *format, ...);
+#endif /* ! SRTP_KERNEL_LINUX */
+
+
+/*
+ * debug_module_t defines a debug module
+ */
+
+typedef struct {
+ int on; /* 1 if debugging is on, 0 if it is off */
+ char *name; /* printable name for debug module */
+} debug_module_t;
+
+#ifdef ENABLE_DEBUGGING
+
+#define debug_on(mod) (mod).on = 1
+
+#define debug_off(mod) (mod).on = 0
+
+/* use err_report() to report debug message */
+#define debug_print(mod, format, arg) \
+ if (mod.on) err_report(err_level_debug, ("%s: " format "\n"), mod.name, arg)
+#define debug_print2(mod, format, arg1,arg2) \
+ if (mod.on) err_report(err_level_debug, ("%s: " format "\n"), mod.name, arg1,arg2)
+
+#else
+
+/* define macros to do nothing */
+#define debug_print(mod, format, arg)
+
+#define debug_on(mod)
+
+#define debug_off(mod)
+
+#endif
+
+#endif /* ERR_H */
diff --git a/srtp/crypto/include/gf2_8.h b/srtp/crypto/include/gf2_8.h
new file mode 100644
index 0000000..098d37c
--- /dev/null
+++ b/srtp/crypto/include/gf2_8.h
@@ -0,0 +1,79 @@
+/*
+ * gf2_8.h
+ *
+ * GF(256) implementation
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef GF2_8_H
+#define GF2_8_H
+
+#include "datatypes.h" /* for uint8_t definition */
+
+typedef uint8_t gf2_8;
+
+#define gf2_8_field_polynomial 0x1B
+
+/*
+ * gf2_8_shift(x) returns
+ */
+
+/*
+ * gf2_8_shift(z) returns the result of the GF(2^8) 'multiply by x'
+ * operation, using the field representation from AES; that is, the
+ * next gf2_8 value in the cyclic representation of that field. The
+ * value z should be an uint8_t.
+ */
+
+#define gf2_8_shift(z) (((z) & 128) ? \
+ (((z) << 1) ^ gf2_8_field_polynomial) : ((z) << 1))
+
+gf2_8
+gf2_8_compute_inverse(gf2_8 x);
+
+void
+test_gf2_8(void);
+
+gf2_8
+gf2_8_multiply(gf2_8 x, gf2_8 y);
+
+#endif /* GF2_8_H */
diff --git a/srtp/crypto/include/hmac.h b/srtp/crypto/include/hmac.h
new file mode 100644
index 0000000..262c0e2
--- /dev/null
+++ b/srtp/crypto/include/hmac.h
@@ -0,0 +1,78 @@
+/*
+ * hmac.h
+ *
+ * interface to hmac auth_type_t
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef HMAC_H
+#define HMAC_H
+
+#include "auth.h"
+#include "sha1.h"
+
+typedef struct {
+ uint8_t opad[64];
+ sha1_ctx_t ctx;
+ sha1_ctx_t init_ctx;
+} hmac_ctx_t;
+
+err_status_t
+hmac_alloc(auth_t **a, int key_len, int out_len);
+
+err_status_t
+hmac_dealloc(auth_t *a);
+
+err_status_t
+hmac_init(hmac_ctx_t *state, const uint8_t *key, int key_len);
+
+err_status_t
+hmac_start(hmac_ctx_t *state);
+
+err_status_t
+hmac_update(hmac_ctx_t *state, const uint8_t *message, int msg_octets);
+
+err_status_t
+hmac_compute(hmac_ctx_t *state, const void *message,
+ int msg_octets, int tag_len, uint8_t *result);
+
+
+#endif /* HMAC_H */
diff --git a/srtp/crypto/include/integers.h b/srtp/crypto/include/integers.h
new file mode 100644
index 0000000..7010efd
--- /dev/null
+++ b/srtp/crypto/include/integers.h
@@ -0,0 +1,147 @@
+/*
+ * integers.h
+ *
+ * defines integer types (or refers to their definitions)
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef INTEGERS_H
+#define INTEGERS_H
+
+#include "config.h" /* configuration file, using autoconf */
+
+#ifdef SRTP_KERNEL
+
+#include "kernel_compat.h"
+
+#else /* SRTP_KERNEL */
+
+/* use standard integer definitions, if they're available */
+#ifdef HAVE_STDLIB_H
+# include <stdlib.h>
+#endif
+#ifdef HAVE_STDINT_H
+# include <stdint.h>
+#endif
+#ifdef HAVE_INTTYPES_H
+# include <inttypes.h>
+#endif
+#ifdef HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_INT_TYPES_H
+# include <sys/int_types.h> /* this exists on Sun OS */
+#endif
+#ifdef HAVE_MACHINE_TYPES_H
+# include <machine/types.h>
+#endif
+
+/* Can we do 64 bit integers? */
+#ifndef HAVE_UINT64_T
+# if SIZEOF_UNSIGNED_LONG == 8
+typedef unsigned long uint64_t;
+# elif SIZEOF_UNSIGNED_LONG_LONG == 8
+typedef unsigned long long uint64_t;
+# else
+# define NO_64BIT_MATH 1
+# endif
+#endif
+
+/* Reasonable defaults for 32 bit machines - you may need to
+ * edit these definitions for your own machine. */
+#ifndef HAVE_UINT8_T
+typedef unsigned char uint8_t;
+#endif
+#ifndef HAVE_UINT16_T
+typedef unsigned short int uint16_t;
+#endif
+#ifndef HAVE_UINT32_T
+typedef unsigned int uint32_t;
+#endif
+
+
+#ifdef NO_64BIT_MATH
+typedef double uint64_t;
+/* assert that sizeof(double) == 8 */
+extern uint64_t make64(uint32_t high, uint32_t low);
+extern uint32_t high32(uint64_t value);
+extern uint32_t low32(uint64_t value);
+#endif
+
+#endif /* SRTP_KERNEL */
+
+/* These macros are to load and store 32-bit values from un-aligned
+ addresses. This is required for processors that do not allow unaligned
+ loads. */
+#ifdef ALIGNMENT_32BIT_REQUIRED
+/* Note that if it's in a variable, you can memcpy it */
+#ifdef WORDS_BIGENDIAN
+#define PUT_32(addr,value) \
+ { \
+ ((unsigned char *) (addr))[0] = (value >> 24); \
+ ((unsigned char *) (addr))[1] = (value >> 16) & 0xff; \
+ ((unsigned char *) (addr))[2] = (value >> 8) & 0xff; \
+ ((unsigned char *) (addr))[3] = (value) & 0xff; \
+ }
+#define GET_32(addr) ((((unsigned char *) (addr))[0] << 24) | \
+ (((unsigned char *) (addr))[1] << 16) | \
+ (((unsigned char *) (addr))[2] << 8) | \
+ (((unsigned char *) (addr))[3]))
+#else
+#define PUT_32(addr,value) \
+ { \
+ ((unsigned char *) (addr))[3] = (value >> 24); \
+ ((unsigned char *) (addr))[2] = (value >> 16) & 0xff; \
+ ((unsigned char *) (addr))[1] = (value >> 8) & 0xff; \
+ ((unsigned char *) (addr))[0] = (value) & 0xff; \
+ }
+#define GET_32(addr) ((((unsigned char *) (addr))[3] << 24) | \
+ (((unsigned char *) (addr))[2] << 16) | \
+ (((unsigned char *) (addr))[1] << 8) | \
+ (((unsigned char *) (addr))[0]))
+#endif // WORDS_BIGENDIAN
+#else
+#define PUT_32(addr,value) *(((uint32_t *) (addr)) = (value)
+#define GET_32(addr) (*(((uint32_t *) (addr)))
+#endif
+
+#endif /* INTEGERS_H */
diff --git a/srtp/crypto/include/kernel_compat.h b/srtp/crypto/include/kernel_compat.h
new file mode 100644
index 0000000..59d1898
--- /dev/null
+++ b/srtp/crypto/include/kernel_compat.h
@@ -0,0 +1,84 @@
+/*
+ * kernel_compat.h
+ *
+ * Compatibility stuff for building in kernel context where standard
+ * C headers and library are not available.
+ *
+ * Marcus Sundberg
+ * Ingate Systems AB
+ */
+/*
+ *
+ * Copyright(c) 2005 Ingate Systems AB
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the author(s) nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef KERNEL_COMPAT_H
+#define KERNEL_COMPAT_H
+
+#ifdef SRTP_KERNEL_LINUX
+
+#include <linux/kernel.h>
+#include <linux/slab.h>
+#include <linux/sched.h>
+#include <linux/random.h>
+#include <linux/byteorder/generic.h>
+
+
+#define err_report(priority, ...) \
+ do {\
+ if (priority <= err_level) {\
+ printk(__VA_ARGS__);\
+ }\
+ }while(0)
+
+#define clock() (jiffies)
+#define time(x) (jiffies)
+
+/* rand() implementation. */
+#define RAND_MAX 32767
+
+static inline int rand(void)
+{
+ uint32_t temp;
+ get_random_bytes(&temp, sizeof(temp));
+ return temp % (RAND_MAX+1);
+}
+
+/* stdio/stdlib implementation. */
+#define printf(...) printk(__VA_ARGS__)
+#define exit(n) panic("%s:%d: exit(%d)\n", __FILE__, __LINE__, (n))
+
+#endif /* SRTP_KERNEL_LINUX */
+
+#endif /* KERNEL_COMPAT_H */
diff --git a/srtp/crypto/include/key.h b/srtp/crypto/include/key.h
new file mode 100644
index 0000000..e7e0744
--- /dev/null
+++ b/srtp/crypto/include/key.h
@@ -0,0 +1,82 @@
+/*
+ * key.h
+ *
+ * key usage limits enforcement
+ *
+ * David A. Mcgrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef KEY_H
+#define KEY_H
+
+#include "rdbx.h" /* for xtd_seq_num_t */
+#include "err.h"
+
+typedef struct key_limit_ctx_t *key_limit_t;
+
+typedef enum {
+ key_event_normal,
+ key_event_soft_limit,
+ key_event_hard_limit
+} key_event_t;
+
+err_status_t
+key_limit_set(key_limit_t key, const xtd_seq_num_t s);
+
+err_status_t
+key_limit_clone(key_limit_t original, key_limit_t *new_key);
+
+err_status_t
+key_limit_check(const key_limit_t key);
+
+key_event_t
+key_limit_update(key_limit_t key);
+
+typedef enum {
+ key_state_normal,
+ key_state_past_soft_limit,
+ key_state_expired
+} key_state_t;
+
+typedef struct key_limit_ctx_t {
+ xtd_seq_num_t num_left;
+ key_state_t state;
+} key_limit_ctx_t;
+
+#endif /* KEY_H */
diff --git a/srtp/crypto/include/null_auth.h b/srtp/crypto/include/null_auth.h
new file mode 100644
index 0000000..44f9a4a
--- /dev/null
+++ b/srtp/crypto/include/null_auth.h
@@ -0,0 +1,68 @@
+/*
+ * null-auth.h
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef NULL_AUTH_H
+#define NULL_AUTH_H
+
+#include "auth.h"
+
+typedef struct {
+ char foo;
+} null_auth_ctx_t;
+
+err_status_t
+null_auth_alloc(auth_t **a, int key_len, int out_len);
+
+err_status_t
+null_auth_dealloc(auth_t *a);
+
+err_status_t
+null_auth_init(null_auth_ctx_t *state, const uint8_t *key, int key_len);
+
+err_status_t
+null_auth_compute (null_auth_ctx_t *state, uint8_t *message,
+ int msg_octets, int tag_len, uint8_t *result);
+
+
+#endif /* NULL_AUTH_H */
diff --git a/srtp/crypto/include/null_cipher.h b/srtp/crypto/include/null_cipher.h
new file mode 100644
index 0000000..7d6bbdd
--- /dev/null
+++ b/srtp/crypto/include/null_cipher.h
@@ -0,0 +1,80 @@
+/*
+ * null-cipher.h
+ *
+ * header file for the null cipher
+ *
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef NULL_CIPHER_H
+#define NULL_CIPHER_H
+
+#include "datatypes.h"
+#include "cipher.h"
+
+typedef struct {
+ char foo ;/* empty, for now */
+} null_cipher_ctx_t;
+
+
+/*
+ * none of these functions do anything (though future versions may keep
+ * track of bytes encrypted, number of instances, and/or other info).
+ */
+
+err_status_t
+null_cipher_init(null_cipher_ctx_t *c, const uint8_t *key);
+
+err_status_t
+null_cipher_set_segment(null_cipher_ctx_t *c,
+ unsigned long index);
+
+err_status_t
+null_cipher_encrypt(null_cipher_ctx_t *c,
+ unsigned char *buf, unsigned int *bytes_to_encr);
+
+
+err_status_t
+null_cipher_encrypt_aligned(null_cipher_ctx_t *c,
+ unsigned char *buf, int bytes_to_encr);
+
+#endif /* NULL_CIPHER_H */
diff --git a/srtp/crypto/include/prng.h b/srtp/crypto/include/prng.h
new file mode 100644
index 0000000..fb96b5e
--- /dev/null
+++ b/srtp/crypto/include/prng.h
@@ -0,0 +1,54 @@
+/*
+ * prng.h
+ *
+ * pseudorandom source
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+#ifndef PRNG_H
+#define PRNG_H
+
+#include "rand_source.h" /* for rand_source_func_t definition */
+#include "aes.h" /* for aes */
+#include "aes_icm.h" /* for aes ctr */
+
+#define MAX_PRNG_OUT_LEN 0xffffffffU
+
+/*
+ * x917_prng is an ANSI X9.17-like AES-based PRNG
+ */
+
+typedef struct {
+ v128_t state; /* state data */
+ aes_expanded_key_t key; /* secret key */
+ uint32_t octet_count; /* number of octets output since last init */
+ rand_source_func_t rand; /* random source for re-initialization */
+} x917_prng_t;
+
+err_status_t
+x917_prng_init(rand_source_func_t random_source);
+
+err_status_t
+x917_prng_get_octet_string(uint8_t *dest, uint32_t len);
+
+
+/*
+ * ctr_prng is an AES-CTR based PRNG
+ */
+
+typedef struct {
+ uint32_t octet_count; /* number of octets output since last init */
+ aes_icm_ctx_t state; /* state data */
+ rand_source_func_t rand; /* random source for re-initialization */
+} ctr_prng_t;
+
+err_status_t
+ctr_prng_init(rand_source_func_t random_source);
+
+err_status_t
+ctr_prng_get_octet_string(void *dest, uint32_t len);
+
+
+#endif
diff --git a/srtp/crypto/include/rand_source.h b/srtp/crypto/include/rand_source.h
new file mode 100644
index 0000000..b4c2110
--- /dev/null
+++ b/srtp/crypto/include/rand_source.h
@@ -0,0 +1,91 @@
+/*
+ * rand_source.h
+ *
+ * implements a random source based on /dev/random
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef RAND_SOURCE
+#define RAND_SOURCE
+
+#include "err.h"
+#include "datatypes.h"
+
+err_status_t
+rand_source_init(void);
+
+/*
+ * rand_source_get_octet_string() writes a random octet string.
+ *
+ * The function call rand_source_get_octet_string(dest, len) writes
+ * len octets of random data to the location to which dest points,
+ * and returns an error code. This error code should be checked,
+ * and if a failure is reported, the data in the buffer MUST NOT
+ * be used.
+ *
+ * warning: If the return code is not checked, then non-random
+ * data may inadvertently be used.
+ *
+ * returns:
+ * - err_status_ok if no problems occured.
+ * - [other] a problem occured, and no assumptions should
+ * be made about the contents of the destination
+ * buffer.
+ */
+
+err_status_t
+rand_source_get_octet_string(void *dest, uint32_t length);
+
+err_status_t
+rand_source_deinit(void);
+
+/*
+ * function prototype for a random source function
+ *
+ * A rand_source_func_t writes num_octets at the location indicated by
+ * dest and returns err_status_ok. Any other return value indicates
+ * failure.
+ */
+
+typedef err_status_t (*rand_source_func_t)
+ (void *dest, uint32_t num_octets);
+
+#endif /* RAND_SOURCE */
diff --git a/srtp/crypto/include/rdb.h b/srtp/crypto/include/rdb.h
new file mode 100644
index 0000000..5a26c5e
--- /dev/null
+++ b/srtp/crypto/include/rdb.h
@@ -0,0 +1,94 @@
+/*
+ * replay-database.h
+ *
+ * interface for a replay database for packet security
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+
+#ifndef REPLAY_DB_H
+#define REPLAY_DB_H
+
+#include "integers.h" /* for uint32_t */
+#include "datatypes.h" /* for v128_t */
+#include "err.h" /* for err_status_t */
+
+/*
+ * if the ith least significant bit is one, then the packet index
+ * window_end-i is in the database
+ */
+
+typedef struct {
+ uint32_t window_start; /* packet index of the first bit in bitmask */
+ v128_t bitmask;
+} rdb_t;
+
+#define rdb_bits_in_bitmask (8*sizeof(v128_t))
+
+/*
+ * rdb init
+ *
+ * initalizes rdb
+ *
+ * returns err_status_ok on success, err_status_t_fail otherwise
+ */
+
+err_status_t
+rdb_init(rdb_t *rdb);
+
+
+/*
+ * rdb_check
+ *
+ * checks to see if index appears in rdb
+ *
+ * returns err_status_fail if the index already appears in rdb,
+ * returns err_status_ok otherwise
+ */
+
+err_status_t
+rdb_check(const rdb_t *rdb, uint32_t index);
+
+/*
+ * rdb_add_index
+ *
+ * adds index to rdb_t (and does *not* check if index appears in db)
+ *
+ * returns err_status_ok on success, err_status_fail otherwise
+ *
+ */
+
+err_status_t
+rdb_add_index(rdb_t *rdb, uint32_t index);
+
+/*
+ * the functions rdb_increment() and rdb_get_value() are for use by
+ * senders, not receivers - DO NOT use these functions on the same
+ * rdb_t upon which rdb_add_index is used!
+ */
+
+
+/*
+ * rdb_increment(db) increments the sequence number in db, if it is
+ * not too high
+ *
+ * return values:
+ *
+ * err_status_ok no problem
+ * err_status_key_expired sequence number too high
+ *
+ */
+err_status_t
+rdb_increment(rdb_t *rdb);
+
+/*
+ * rdb_get_value(db) returns the current sequence number of db
+ */
+
+uint32_t
+rdb_get_value(const rdb_t *rdb);
+
+
+#endif /* REPLAY_DB_H */
diff --git a/srtp/crypto/include/rdbx.h b/srtp/crypto/include/rdbx.h
new file mode 100644
index 0000000..ce9ecf6
--- /dev/null
+++ b/srtp/crypto/include/rdbx.h
@@ -0,0 +1,146 @@
+/*
+ * rdbx.h
+ *
+ * replay database with extended packet indices, using a rollover counter
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+
+#ifndef RDBX_H
+#define RDBX_H
+
+#include "datatypes.h"
+#include "err.h"
+
+/* #define ROC_TEST */
+
+#ifndef ROC_TEST
+
+typedef uint16_t sequence_number_t; /* 16 bit sequence number */
+typedef uint32_t rollover_counter_t; /* 32 bit rollover counter */
+
+#else /* use small seq_num and roc datatypes for testing purposes */
+
+typedef unsigned char sequence_number_t; /* 8 bit sequence number */
+typedef uint16_t rollover_counter_t; /* 16 bit rollover counter */
+
+#endif
+
+#define seq_num_median (1 << (8*sizeof(sequence_number_t) - 1))
+#define seq_num_max (1 << (8*sizeof(sequence_number_t)))
+
+/*
+ * An xtd_seq_num_t is a 64-bit unsigned integer used as an 'extended'
+ * sequence number.
+ */
+
+typedef uint64_t xtd_seq_num_t;
+
+
+/*
+ * An rdbx_t is a replay database with extended range; it uses an
+ * xtd_seq_num_t and a bitmask of recently received indices.
+ */
+
+typedef struct {
+ xtd_seq_num_t index;
+ v128_t bitmask;
+} rdbx_t;
+
+
+/*
+ * rdbx_init(rdbx_ptr)
+ *
+ * initializes the rdbx pointed to by its argument, setting the
+ * rollover counter and sequence number to zero
+ */
+
+err_status_t
+rdbx_init(rdbx_t *rdbx);
+
+
+/*
+ * rdbx_estimate_index(rdbx, guess, s)
+ *
+ * given an rdbx and a sequence number s (from a newly arrived packet),
+ * sets the contents of *guess to contain the best guess of the packet
+ * index to which s corresponds, and returns the difference between
+ * *guess and the locally stored synch info
+ */
+
+int
+rdbx_estimate_index(const rdbx_t *rdbx,
+ xtd_seq_num_t *guess,
+ sequence_number_t s);
+
+/*
+ * rdbx_check(rdbx, delta);
+ *
+ * rdbx_check(&r, delta) checks to see if the xtd_seq_num_t
+ * which is at rdbx->window_start + delta is in the rdb
+ *
+ */
+
+err_status_t
+rdbx_check(const rdbx_t *rdbx, int difference);
+
+/*
+ * replay_add_index(rdbx, delta)
+ *
+ * adds the xtd_seq_num_t at rdbx->window_start + delta to replay_db
+ * (and does *not* check if that xtd_seq_num_t appears in db)
+ *
+ * this function should be called *only* after replay_check has
+ * indicated that the index does not appear in the rdbx, and a mutex
+ * should protect the rdbx between these calls if necessary.
+ */
+
+err_status_t
+rdbx_add_index(rdbx_t *rdbx, int delta);
+
+/*
+ * xtd_seq_num_t functions - these are *internal* functions of rdbx, and
+ * shouldn't be used to manipulate rdbx internal values. use the rdbx
+ * api instead!
+ */
+
+
+/* index_init(&pi) initializes a packet index pi (sets it to zero) */
+
+void
+index_init(xtd_seq_num_t *pi);
+
+/* index_advance(&pi, s) advances a xtd_seq_num_t forward by s */
+
+void
+index_advance(xtd_seq_num_t *pi, sequence_number_t s);
+
+
+/*
+ * index_guess(local, guess, s)
+ *
+ * given a xtd_seq_num_t local (which represents the highest
+ * known-to-be-good index) and a sequence number s (from a newly
+ * arrived packet), sets the contents of *guess to contain the best
+ * guess of the packet index to which s corresponds, and returns the
+ * difference between *guess and *local
+ */
+
+int
+index_guess(const xtd_seq_num_t *local,
+ xtd_seq_num_t *guess,
+ sequence_number_t s);
+
+
+#endif /* RDBX_H */
+
+
+
+
+
+
+
+
+
diff --git a/srtp/crypto/include/sha1.h b/srtp/crypto/include/sha1.h
new file mode 100644
index 0000000..e3af4d4
--- /dev/null
+++ b/srtp/crypto/include/sha1.h
@@ -0,0 +1,108 @@
+/*
+ * sha1.h
+ *
+ * interface to the Secure Hash Algorithm v.1 (SHA-1), specified in
+ * FIPS 180-1
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef SHA1_H
+#define SHA1_H
+
+#include "err.h"
+#include "datatypes.h"
+
+typedef struct {
+ uint32_t H[5]; /* state vector */
+ uint32_t M[16]; /* message buffer */
+ int octets_in_buffer; /* octets of message in buffer */
+ uint32_t num_bits_in_msg; /* total number of bits in message */
+} sha1_ctx_t;
+
+/*
+ * sha1(&ctx, msg, len, output) hashes the len octets starting at msg
+ * into the SHA1 context, then writes the result to the 20 octets at
+ * output
+ *
+ */
+
+void
+sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]);
+
+/*
+ * sha1_init(&ctx) initializes the SHA1 context ctx
+ *
+ * sha1_update(&ctx, msg, len) hashes the len octets starting at msg
+ * into the SHA1 context
+ *
+ * sha1_final(&ctx, output) performs the final processing of the SHA1
+ * context and writes the result to the 20 octets at output
+ *
+ */
+
+void
+sha1_init(sha1_ctx_t *ctx);
+
+void
+sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg);
+
+void
+sha1_final(sha1_ctx_t *ctx, uint32_t output[5]);
+
+/*
+ * The sha1_core function is INTERNAL to SHA-1, but it is declared
+ * here because it is also used by the cipher SEAL 3.0 in its key
+ * setup algorithm.
+ */
+
+/*
+ * sha1_core(M, H) computes the core sha1 compression function, where M is
+ * the next part of the message and H is the intermediate state {H0,
+ * H1, ...}
+ *
+ * this function does not do any of the padding required in the
+ * complete sha1 function
+ */
+
+void
+sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
+
+#endif /* SHA1_H */
diff --git a/srtp/crypto/include/stat.h b/srtp/crypto/include/stat.h
new file mode 100644
index 0000000..e28b131
--- /dev/null
+++ b/srtp/crypto/include/stat.h
@@ -0,0 +1,69 @@
+/*
+ * stats.h
+ *
+ * interface to statistical test functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright(c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef STAT_H
+#define STAT_H
+
+#include "datatypes.h" /* for uint8_t */
+#include "err.h" /* for err_status_t */
+#include "rand_source.h" /* for rand_source_func_t definition */
+
+err_status_t
+stat_test_monobit(uint8_t *data);
+
+err_status_t
+stat_test_poker(uint8_t *data);
+
+err_status_t
+stat_test_runs(uint8_t *data);
+
+err_status_t
+stat_test_rand_source(rand_source_func_t rs);
+
+err_status_t
+stat_test_rand_source_with_repetition(rand_source_func_t source, unsigned num_trials);
+
+#endif /* STAT_H */
diff --git a/srtp/crypto/include/xfm.h b/srtp/crypto/include/xfm.h
new file mode 100644
index 0000000..5837149
--- /dev/null
+++ b/srtp/crypto/include/xfm.h
@@ -0,0 +1,139 @@
+/*
+ * xfm.h
+ *
+ * interface for abstract crypto transform
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+#ifndef XFM_H
+#define XFM_H
+
+#include "crypto_kernel.h"
+#include "err.h"
+
+/**
+ * @defgroup Crypto Cryptography
+ *
+ * A simple interface to an abstract cryptographic transform that
+ * provides both confidentiality and message authentication.
+ *
+ * @{
+ */
+
+/**
+ * @brief applies a crypto transform
+ *
+ * The function pointer xfm_func_t points to a function that
+ * implements a crypto transform, and provides a uniform API for
+ * accessing crypto mechanisms.
+ *
+ * @param key location of secret key
+ *
+ * @param clear data to be authenticated only
+ *
+ * @param clear_len length of data to be authenticated only
+ *
+ * @param iv location to write the Initialization Vector (IV)
+ *
+ * @param protect location of the data to be encrypted and
+ * authenticated (before the function call), and the ciphertext
+ * and authentication tag (after the call)
+ *
+ * @param protected_len location of the length of the data to be
+ * encrypted and authenticated (before the function call), and the
+ * length of the ciphertext (after the call)
+ *
+ * @param auth_tag location to write auth tag
+ */
+
+typedef err_status_t (*xfm_func_t)
+ (void *key,
+ void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *protect,
+ unsigned *protected_len,
+ void *auth_tag
+ );
+
+typedef
+err_status_t (*xfm_inv_t)
+ (void *key, /* location of secret key */
+ void *clear, /* data to be authenticated only */
+ unsigned clear_len, /* length of data to be authenticated only */
+ void *iv, /* location of iv */
+ void *opaque, /* data to be decrypted and authenticated */
+ unsigned *opaque_len, /* location of the length of data to be
+ * decrypted and authd (before and after)
+ */
+ void *auth_tag /* location of auth tag */
+ );
+
+typedef struct xfm_ctx_t {
+ xfm_func_t func;
+ xfm_inv_t inv;
+ unsigned key_len;
+ unsigned iv_len;
+ unsigned auth_tag_len;
+} xfm_ctx_t;
+
+typedef xfm_ctx_t *xfm_t;
+
+#define xfm_get_key_len(xfm) ((xfm)->key_len)
+
+#define xfm_get_iv_len(xfm) ((xfm)->iv_len)
+
+#define xfm_get_auth_tag_len(xfm) ((xfm)->auth_tag_len)
+
+
+/* cryptoalgo - 5/28 */
+
+typedef err_status_t (*cryptoalg_func_t)
+ (void *key,
+ void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *opaque,
+ unsigned *opaque_len
+ );
+
+typedef
+err_status_t (*cryptoalg_inv_t)
+ (void *key, /* location of secret key */
+ void *clear, /* data to be authenticated only */
+ unsigned clear_len, /* length of data to be authenticated only */
+ void *iv, /* location of iv */
+ void *opaque, /* data to be decrypted and authenticated */
+ unsigned *opaque_len /* location of the length of data to be
+ * decrypted and authd (before and after)
+ */
+ );
+
+typedef struct cryptoalg_ctx_t {
+ cryptoalg_func_t enc;
+ cryptoalg_inv_t dec;
+ unsigned key_len;
+ unsigned iv_len;
+ unsigned auth_tag_len;
+ unsigned max_expansion;
+} cryptoalg_ctx_t;
+
+typedef cryptoalg_ctx_t *cryptoalg_t;
+
+#define cryptoalg_get_key_len(cryptoalg) ((cryptoalg)->key_len)
+
+#define cryptoalg_get_iv_len(cryptoalg) ((cryptoalg)->iv_len)
+
+#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len)
+
+
+
+/**
+ * @}
+ */
+
+#endif /* XFM_H */
+
+
diff --git a/srtp/crypto/kernel/CVS/Entries b/srtp/crypto/kernel/CVS/Entries
new file mode 100644
index 0000000..90057ec
--- /dev/null
+++ b/srtp/crypto/kernel/CVS/Entries
@@ -0,0 +1,5 @@
+/alloc.c/1.4/Thu Jun 8 17:00:28 2006//
+/crypto_kernel.c/1.7/Tue Jul 11 22:10:31 2006//
+/err.c/1.6/Thu Jun 8 17:00:28 2006//
+/key.c/1.7/Thu Jun 8 17:00:28 2006//
+D
diff --git a/srtp/crypto/kernel/CVS/Repository b/srtp/crypto/kernel/CVS/Repository
new file mode 100644
index 0000000..87ab491
--- /dev/null
+++ b/srtp/crypto/kernel/CVS/Repository
@@ -0,0 +1 @@
+srtp/crypto/kernel
diff --git a/srtp/crypto/kernel/CVS/Root b/srtp/crypto/kernel/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/crypto/kernel/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/crypto/kernel/alloc.c b/srtp/crypto/kernel/alloc.c
new file mode 100644
index 0000000..5dd0947
--- /dev/null
+++ b/srtp/crypto/kernel/alloc.c
@@ -0,0 +1,119 @@
+/*
+ * alloc.c
+ *
+ * memory allocation and deallocation
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "alloc.h"
+#include "crypto_kernel.h"
+
+/* the debug module for memory allocation */
+
+debug_module_t mod_alloc = {
+ 0, /* debugging is off by default */
+ "alloc" /* printable name for module */
+};
+
+/*
+ * Nota bene: the debugging statements for crypto_alloc() and
+ * crypto_free() have identical prefixes, which include the addresses
+ * of the memory locations on which they are operating. This fact can
+ * be used to locate memory leaks, by turning on memory debugging,
+ * grepping for 'alloc', then matching alloc and free calls by
+ * address.
+ */
+
+#ifdef SRTP_KERNEL_LINUX
+
+#include <linux/interrupt.h>
+
+void *
+crypto_alloc(size_t size) {
+ void *ptr;
+
+ ptr = kmalloc(size, in_interrupt() ? GFP_ATOMIC : GFP_KERNEL);
+
+ if (ptr) {
+ debug_print(mod_alloc, "(location: %p) allocated", ptr);
+ } else
+ debug_print(mod_alloc, "allocation failed (asked for %d bytes)\n", size);
+
+ return ptr;
+}
+
+void
+crypto_free(void *ptr) {
+
+ debug_print(mod_alloc, "(location: %p) freed", ptr);
+
+ kfree(ptr);
+}
+
+
+#elif defined(HAVE_STDLIB_H)
+
+void *
+crypto_alloc(size_t size) {
+ void *ptr;
+
+ ptr = malloc(size);
+
+ if (ptr) {
+ debug_print(mod_alloc, "(location: %p) allocated", ptr);
+ } else
+ debug_print(mod_alloc, "allocation failed (asked for %d bytes)\n", size);
+
+ return ptr;
+}
+
+void
+crypto_free(void *ptr) {
+
+ debug_print(mod_alloc, "(location: %p) freed", ptr);
+
+ free(ptr);
+}
+
+#else /* we need to define our own memory allocation routines */
+
+#error no memory allocation defined yet
+
+#endif
diff --git a/srtp/crypto/kernel/crypto_kernel.c b/srtp/crypto/kernel/crypto_kernel.c
new file mode 100644
index 0000000..230dda6
--- /dev/null
+++ b/srtp/crypto/kernel/crypto_kernel.c
@@ -0,0 +1,523 @@
+/*
+ * crypto_kernel.c
+ *
+ * header for the cryptographic kernel
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "alloc.h"
+
+#include "crypto_kernel.h"
+
+/* the debug module for the crypto_kernel */
+
+debug_module_t mod_crypto_kernel = {
+ 0, /* debugging is off by default */
+ "crypto kernel" /* printable name for module */
+};
+
+/*
+ * other debug modules that can be included in the kernel
+ */
+
+extern debug_module_t mod_auth;
+extern debug_module_t mod_cipher;
+extern debug_module_t mod_stat;
+extern debug_module_t mod_alloc;
+
+/*
+ * cipher types that can be included in the kernel
+ */
+
+extern cipher_type_t null_cipher;
+extern cipher_type_t aes_icm;
+extern cipher_type_t aes_cbc;
+
+
+/*
+ * auth func types that can be included in the kernel
+ */
+
+extern auth_type_t null_auth;
+extern auth_type_t hmac;
+
+/* crypto_kernel is a global variable, the only one of its datatype */
+
+crypto_kernel_t
+crypto_kernel = {
+ crypto_kernel_state_insecure, /* start off in insecure state */
+ NULL, /* no cipher types yet */
+ NULL, /* no auth types yet */
+ NULL /* no debug modules yet */
+};
+
+#define MAX_RNG_TRIALS 25
+
+err_status_t
+crypto_kernel_init() {
+ err_status_t status;
+
+ /* check the security state */
+ if (crypto_kernel.state == crypto_kernel_state_secure) {
+
+ /*
+ * we're already in the secure state, but we've been asked to
+ * re-initialize, so we just re-run the self-tests and then return
+ */
+ return crypto_kernel_status();
+ }
+
+ /* initialize error reporting system */
+ status = err_reporting_init("crypto");
+ if (status)
+ return status;
+
+ /* load debug modules */
+ status = crypto_kernel_load_debug_module(&mod_crypto_kernel);
+ if (status)
+ return status;
+ status = crypto_kernel_load_debug_module(&mod_auth);
+ if (status)
+ return status;
+ status = crypto_kernel_load_debug_module(&mod_cipher);
+ if (status)
+ return status;
+ status = crypto_kernel_load_debug_module(&mod_stat);
+ if (status)
+ return status;
+ status = crypto_kernel_load_debug_module(&mod_alloc);
+ if (status)
+ return status;
+
+ /* initialize random number generator */
+ status = rand_source_init();
+ if (status)
+ return status;
+
+ /* run FIPS-140 statistical tests on rand_source */
+ status = stat_test_rand_source_with_repetition(rand_source_get_octet_string, MAX_RNG_TRIALS);
+ if (status)
+ return status;
+
+ /* initialize pseudorandom number generator */
+ status = ctr_prng_init(rand_source_get_octet_string);
+ if (status)
+ return status;
+
+ /* run FIPS-140 statistical tests on ctr_prng */
+ status = stat_test_rand_source_with_repetition(ctr_prng_get_octet_string, MAX_RNG_TRIALS);
+ if (status)
+ return status;
+
+ /* load cipher types */
+ status = crypto_kernel_load_cipher_type(&null_cipher, NULL_CIPHER);
+ if (status)
+ return status;
+ status = crypto_kernel_load_cipher_type(&aes_icm, AES_128_ICM);
+ if (status)
+ return status;
+ status = crypto_kernel_load_cipher_type(&aes_cbc, AES_128_CBC);
+ if (status)
+ return status;
+
+ /* load auth func types */
+ status = crypto_kernel_load_auth_type(&null_auth, NULL_AUTH);
+ if (status)
+ return status;
+ status = crypto_kernel_load_auth_type(&hmac, HMAC_SHA1);
+ if (status)
+ return status;
+
+ /* change state to secure */
+ crypto_kernel.state = crypto_kernel_state_secure;
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_status() {
+ err_status_t status;
+ kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list;
+ kernel_auth_type_t *atype = crypto_kernel.auth_type_list;
+ kernel_debug_module_t *dm = crypto_kernel.debug_module_list;
+
+ /* run FIPS-140 statistical tests on rand_source */
+ printf("testing rand_source...");
+ status = stat_test_rand_source_with_repetition(rand_source_get_octet_string, MAX_RNG_TRIALS);
+ if (status) {
+ printf("failed\n");
+ crypto_kernel.state = crypto_kernel_state_insecure;
+ return status;
+ }
+ printf("passed\n");
+
+ /* for each cipher type, describe and test */
+ while(ctype != NULL) {
+ printf("cipher: %s\n", ctype->cipher_type->description);
+ printf(" instance count: %d\n", ctype->cipher_type->ref_count);
+ printf(" self-test: ");
+ status = cipher_type_self_test(ctype->cipher_type);
+ if (status) {
+ printf("failed with error code %d\n", status);
+ exit(status);
+ }
+ printf("passed\n");
+ ctype = ctype->next;
+ }
+
+ /* for each auth type, describe and test */
+ while(atype != NULL) {
+ printf("auth func: %s\n", atype->auth_type->description);
+ printf(" instance count: %d\n", atype->auth_type->ref_count);
+ printf(" self-test: ");
+ status = auth_type_self_test(atype->auth_type);
+ if (status) {
+ printf("failed with error code %d\n", status);
+ exit(status);
+ }
+ printf("passed\n");
+ atype = atype->next;
+ }
+
+ /* describe each debug module */
+ printf("debug modules loaded:\n");
+ while (dm != NULL) {
+ printf(" %s ", dm->mod->name);
+ if (dm->mod->on)
+ printf("(on)\n");
+ else
+ printf("(off)\n");
+ dm = dm->next;
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_list_debug_modules() {
+ kernel_debug_module_t *dm = crypto_kernel.debug_module_list;
+
+ /* describe each debug module */
+ printf("debug modules loaded:\n");
+ while (dm != NULL) {
+ printf(" %s ", dm->mod->name);
+ if (dm->mod->on)
+ printf("(on)\n");
+ else
+ printf("(off)\n");
+ dm = dm->next;
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_shutdown() {
+ err_status_t status;
+
+ /*
+ * free dynamic memory used in crypto_kernel at present
+ */
+
+ /* walk down cipher type list, freeing memory */
+ while (crypto_kernel.cipher_type_list != NULL) {
+ kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list;
+ crypto_kernel.cipher_type_list = ctype->next;
+ debug_print(mod_crypto_kernel,
+ "freeing memory for cipher %s",
+ ctype->cipher_type->description);
+ crypto_free(ctype);
+ }
+
+ /* walk down authetication module list, freeing memory */
+ while (crypto_kernel.auth_type_list != NULL) {
+ kernel_auth_type_t *atype = crypto_kernel.auth_type_list;
+ crypto_kernel.auth_type_list = atype->next;
+ debug_print(mod_crypto_kernel,
+ "freeing memory for authentication %s",
+ atype->auth_type->description);
+ crypto_free(atype);
+ }
+
+ /* walk down debug module list, freeing memory */
+ while (crypto_kernel.debug_module_list != NULL) {
+ kernel_debug_module_t *kdm = crypto_kernel.debug_module_list;
+ crypto_kernel.debug_module_list = kdm->next;
+ debug_print(mod_crypto_kernel,
+ "freeing memory for debug module %s",
+ kdm->mod->name);
+ crypto_free(kdm);
+ }
+
+ /* de-initialize random number generator */ status = rand_source_deinit();
+ if (status)
+ return status;
+
+ /* return to insecure state */
+ crypto_kernel.state = crypto_kernel_state_insecure;
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_load_cipher_type(cipher_type_t *new_ct, cipher_type_id_t id) {
+ kernel_cipher_type_t *ctype, *new_ctype;
+ err_status_t status;
+
+ /* defensive coding */
+ if (new_ct == NULL)
+ return err_status_bad_param;
+
+ /* check cipher type by running self-test */
+ status = cipher_type_self_test(new_ct);
+ if (status) {
+ return status;
+ }
+
+ /* walk down list, checking if this type is in the list already */
+ ctype = crypto_kernel.cipher_type_list;
+ while (ctype != NULL) {
+ if ((new_ct == ctype->cipher_type) || (id == ctype->id))
+ return err_status_bad_param;
+ ctype = ctype->next;
+ }
+
+ /* put new_ct at the head of the list */
+ /* allocate memory */
+ new_ctype = (kernel_cipher_type_t *) crypto_alloc(sizeof(kernel_cipher_type_t));
+ if (new_ctype == NULL)
+ return err_status_alloc_fail;
+
+ /* set fields */
+ new_ctype->cipher_type = new_ct;
+ new_ctype->id = id;
+ new_ctype->next = crypto_kernel.cipher_type_list;
+
+ /* set head of list to new cipher type */
+ crypto_kernel.cipher_type_list = new_ctype;
+
+ /* load debug module, if there is one present */
+ if (new_ct->debug != NULL)
+ crypto_kernel_load_debug_module(new_ct->debug);
+ /* we could check for errors here */
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_load_auth_type(auth_type_t *new_at, auth_type_id_t id) {
+ kernel_auth_type_t *atype, *new_atype;
+ err_status_t status;
+
+ /* defensive coding */
+ if (new_at == NULL)
+ return err_status_bad_param;
+
+ /* check auth type by running self-test */
+ status = auth_type_self_test(new_at);
+ if (status) {
+ return status;
+ }
+
+ /* walk down list, checking if this type is in the list already */
+ atype = crypto_kernel.auth_type_list;
+ while (atype != NULL) {
+ if ((new_at == atype->auth_type) || (id == atype->id))
+ return err_status_bad_param;
+ atype = atype->next;
+ }
+
+ /* put new_at at the head of the list */
+ /* allocate memory */
+ new_atype = (kernel_auth_type_t *)crypto_alloc(sizeof(kernel_auth_type_t));
+ if (new_atype == NULL)
+ return err_status_alloc_fail;
+
+ /* set fields */
+ new_atype->auth_type = new_at;
+ new_atype->id = id;
+ new_atype->next = crypto_kernel.auth_type_list;
+
+ /* set head of list to new auth type */
+ crypto_kernel.auth_type_list = new_atype;
+
+ /* load debug module, if there is one present */
+ if (new_at->debug != NULL)
+ crypto_kernel_load_debug_module(new_at->debug);
+ /* we could check for errors here */
+
+ return err_status_ok;
+
+}
+
+
+cipher_type_t *
+crypto_kernel_get_cipher_type(cipher_type_id_t id) {
+ kernel_cipher_type_t *ctype;
+
+ /* walk down list, looking for id */
+ ctype = crypto_kernel.cipher_type_list;
+ while (ctype != NULL) {
+ if (id == ctype->id)
+ return ctype->cipher_type;
+ ctype = ctype->next;
+ }
+
+ /* haven't found the right one, indicate failure by returning NULL */
+ return NULL;
+}
+
+
+err_status_t
+crypto_kernel_alloc_cipher(cipher_type_id_t id,
+ cipher_pointer_t *cp,
+ int key_len) {
+ cipher_type_t *ct;
+
+ /*
+ * if the crypto_kernel is not yet initialized, we refuse to allocate
+ * any ciphers - this is a bit extra-paranoid
+ */
+ if (crypto_kernel.state != crypto_kernel_state_secure)
+ return err_status_init_fail;
+
+ ct = crypto_kernel_get_cipher_type(id);
+ if (!ct)
+ return err_status_fail;
+
+ return ((ct)->alloc(cp, key_len));
+}
+
+
+
+auth_type_t *
+crypto_kernel_get_auth_type(auth_type_id_t id) {
+ kernel_auth_type_t *atype;
+
+ /* walk down list, looking for id */
+ atype = crypto_kernel.auth_type_list;
+ while (atype != NULL) {
+ if (id == atype->id)
+ return atype->auth_type;
+ atype = atype->next;
+ }
+
+ /* haven't found the right one, indicate failure by returning NULL */
+ return NULL;
+}
+
+err_status_t
+crypto_kernel_alloc_auth(auth_type_id_t id,
+ auth_pointer_t *ap,
+ int key_len,
+ int tag_len) {
+ auth_type_t *at;
+
+ /*
+ * if the crypto_kernel is not yet initialized, we refuse to allocate
+ * any auth functions - this is a bit extra-paranoid
+ */
+ if (crypto_kernel.state != crypto_kernel_state_secure)
+ return err_status_init_fail;
+
+ at = crypto_kernel_get_auth_type(id);
+ if (!at)
+ return err_status_fail;
+
+ return ((at)->alloc(ap, key_len, tag_len));
+}
+
+err_status_t
+crypto_kernel_load_debug_module(debug_module_t *new_dm) {
+ kernel_debug_module_t *kdm, *new;
+
+ /* defensive coding */
+ if (new_dm == NULL)
+ return err_status_bad_param;
+
+ /* walk down list, checking if this type is in the list already */
+ kdm = crypto_kernel.debug_module_list;
+ while (kdm != NULL) {
+ if (strncmp(new_dm->name, kdm->mod->name, 64) == 0)
+ return err_status_bad_param;
+ kdm = kdm->next;
+ }
+
+ /* put new_dm at the head of the list */
+ /* allocate memory */
+ new = (kernel_debug_module_t *)crypto_alloc(sizeof(kernel_debug_module_t));
+ if (new == NULL)
+ return err_status_alloc_fail;
+
+ /* set fields */
+ new->mod = new_dm;
+ new->next = crypto_kernel.debug_module_list;
+
+ /* set head of list to new cipher type */
+ crypto_kernel.debug_module_list = new;
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_set_debug_module(char *name, int on) {
+ kernel_debug_module_t *kdm;
+
+ /* walk down list, checking if this type is in the list already */
+ kdm = crypto_kernel.debug_module_list;
+ while (kdm != NULL) {
+ if (strncmp(name, kdm->mod->name, 64) == 0) {
+ kdm->mod->on = on;
+ return err_status_ok;
+ }
+ kdm = kdm->next;
+ }
+
+ return err_status_fail;
+}
+
+err_status_t
+crypto_get_random(unsigned char *buffer, unsigned int length) {
+ if (crypto_kernel.state == crypto_kernel_state_secure)
+ return ctr_prng_get_octet_string(buffer, length);
+ else
+ return err_status_fail;
+}
diff --git a/srtp/crypto/kernel/err.c b/srtp/crypto/kernel/err.c
new file mode 100644
index 0000000..4a3a858
--- /dev/null
+++ b/srtp/crypto/kernel/err.c
@@ -0,0 +1,148 @@
+/*
+ * err.c
+ *
+ * error status reporting functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "err.h"
+
+#ifdef ERR_REPORTING_SYSLOG
+# ifdef HAVE_SYSLOG_H
+# include <syslog.h>
+# endif
+#endif
+
+
+/* err_level reflects the level of errors that are reported */
+
+err_reporting_level_t err_level = err_level_none;
+
+#ifdef SRTP_KERNEL_LINUX
+err_status_t
+err_reporting_init(char *ident) {
+
+ return err_status_ok;
+}
+
+#else /* SRTP_KERNEL_LINUX */
+
+/* err_file is the FILE to which errors are reported */
+
+static FILE *err_file = NULL;
+
+err_status_t
+err_reporting_init(char *ident) {
+#ifdef ERR_REPORTING_SYSLOG
+ openlog(ident, LOG_PID, LOG_AUTHPRIV);
+#endif
+
+ /*
+ * Believe it or not, openlog doesn't return an error on failure.
+ * But then, neither does the syslog() call...
+ */
+
+#ifdef ERR_REPORTING_STDOUT
+ err_file = stdout;
+#elif defined(USE_ERR_REPORTING_FILE)
+ /* open file for error reporting */
+ err_file = fopen(ERR_REPORTING_FILE, "w");
+ if (err_file == NULL)
+ return err_status_init_fail;
+#endif
+
+ return err_status_ok;
+}
+
+void
+err_report(int priority, char *format, ...) {
+ va_list args;
+
+ if (priority <= err_level) {
+
+ va_start(args, format);
+ if (err_file != NULL) {
+ vfprintf(err_file, format, args);
+ /* fprintf(err_file, "\n"); */
+ }
+#ifdef ERR_REPORTING_SYSLOG
+ if (1) { /* FIXME: Make this a runtime option. */
+ int syslogpri;
+
+ switch (priority) {
+ case err_level_emergency:
+ syslogpri = LOG_EMERG;
+ break;
+ case err_level_alert:
+ syslogpri = LOG_ALERT;
+ break;
+ case err_level_critical:
+ syslogpri = LOG_CRIT;
+ break;
+ case err_level_error:
+ syslogpri = LOG_ERR;
+ break;
+ case err_level_warning:
+ syslogpri = LOG_WARNING;
+ break;
+ case err_level_notice:
+ syslogpri = LOG_NOTICE;
+ break;
+ case err_level_info:
+ syslogpri = LOG_INFO;
+ break;
+ case err_level_debug:
+ case err_level_none:
+ default:
+ syslogpri = LOG_DEBUG;
+ break;
+ }
+
+ vsyslog(syslogpri, format, args);
+#endif
+ va_end(args);
+ }
+}
+#endif /* SRTP_KERNEL_LINUX */
+
+void
+err_reporting_set_level(err_reporting_level_t lvl) {
+ err_level = lvl;
+}
diff --git a/srtp/crypto/kernel/key.c b/srtp/crypto/kernel/key.c
new file mode 100644
index 0000000..9f63b22
--- /dev/null
+++ b/srtp/crypto/kernel/key.c
@@ -0,0 +1,115 @@
+/*
+ * key.c
+ *
+ * key usage limits enforcement
+ *
+ * David A. Mcgrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "key.h"
+
+#define soft_limit 0x10000
+
+err_status_t
+key_limit_set(key_limit_t key, const xtd_seq_num_t s) {
+#ifdef NO_64BIT_MATH
+ if (high32(s) == 0 && low32(s) < soft_limit)
+ return err_status_bad_param;
+#else
+ if (s < soft_limit)
+ return err_status_bad_param;
+#endif
+ key->num_left = s;
+ key->state = key_state_normal;
+ return err_status_ok;
+}
+
+err_status_t
+key_limit_clone(key_limit_t original, key_limit_t *new_key) {
+ if (original == NULL)
+ return err_status_bad_param;
+ *new_key = original;
+ return err_status_ok;
+}
+
+err_status_t
+key_limit_check(const key_limit_t key) {
+ if (key->state == key_state_expired)
+ return err_status_key_expired;
+ return err_status_ok;
+}
+
+key_event_t
+key_limit_update(key_limit_t key) {
+#ifdef NO_64BIT_MATH
+ if (low32(key->num_left) == 0)
+ {
+ // carry
+ key->num_left = make64(high32(key->num_left)-1,low32(key->num_left) - 1);
+ }
+ else
+ {
+ // no carry
+ key->num_left = make64(high32(key->num_left),low32(key->num_left) - 1);
+ }
+ if (high32(key->num_left) != 0 || low32(key->num_left) >= soft_limit) {
+ return key_event_normal; /* we're above the soft limit */
+ }
+#else
+ key->num_left--;
+ if (key->num_left >= soft_limit) {
+ return key_event_normal; /* we're above the soft limit */
+ }
+#endif
+ if (key->state == key_state_normal) {
+ /* we just passed the soft limit, so change the state */
+ key->state = key_state_past_soft_limit;
+ }
+#ifdef NO_64BIT_MATH
+ if (low32(key->num_left) == 0 && high32(key->num_left == 0))
+#else
+ if (key->num_left < 1)
+#endif
+ { /* we just hit the hard limit */
+ key->state = key_state_expired;
+ return key_event_hard_limit;
+ }
+ return key_event_soft_limit;
+}
+
diff --git a/srtp/crypto/math/CVS/Entries b/srtp/crypto/math/CVS/Entries
new file mode 100644
index 0000000..292b955
--- /dev/null
+++ b/srtp/crypto/math/CVS/Entries
@@ -0,0 +1,5 @@
+/datatypes.c/1.9/Tue Jul 18 19:45:46 2006//
+/gf2_8.c/1.3/Thu Jun 8 17:00:28 2006//
+/math.c/1.6/Thu Jun 8 17:00:28 2006//
+/stat.c/1.7/Wed Jul 12 22:22:09 2006//
+D
diff --git a/srtp/crypto/math/CVS/Repository b/srtp/crypto/math/CVS/Repository
new file mode 100644
index 0000000..739b84b
--- /dev/null
+++ b/srtp/crypto/math/CVS/Repository
@@ -0,0 +1 @@
+srtp/crypto/math
diff --git a/srtp/crypto/math/CVS/Root b/srtp/crypto/math/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/crypto/math/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/crypto/math/datatypes.c b/srtp/crypto/math/datatypes.c
new file mode 100644
index 0000000..61bf34f
--- /dev/null
+++ b/srtp/crypto/math/datatypes.c
@@ -0,0 +1,600 @@
+/*
+ * datatypes.c
+ *
+ * data types for finite fields and functions for input, output, and
+ * manipulation
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "datatypes.h"
+
+int
+octet_weight[256] = {
+ 0, 1, 1, 2, 1, 2, 2, 3,
+ 1, 2, 2, 3, 2, 3, 3, 4,
+ 1, 2, 2, 3, 2, 3, 3, 4,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 1, 2, 2, 3, 2, 3, 3, 4,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 1, 2, 2, 3, 2, 3, 3, 4,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 4, 5, 5, 6, 5, 6, 6, 7,
+ 1, 2, 2, 3, 2, 3, 3, 4,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 4, 5, 5, 6, 5, 6, 6, 7,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 4, 5, 5, 6, 5, 6, 6, 7,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 4, 5, 5, 6, 5, 6, 6, 7,
+ 4, 5, 5, 6, 5, 6, 6, 7,
+ 5, 6, 6, 7, 6, 7, 7, 8
+};
+
+int
+octet_get_weight(uint8_t octet) {
+ extern int octet_weight[256];
+
+ return octet_weight[octet];
+}
+
+/*
+ * bit_string is a buffer that is used to hold output strings, e.g.
+ * for printing.
+ */
+
+/* the value MAX_PRINT_STRING_LEN is defined in datatypes.h */
+
+char bit_string[MAX_PRINT_STRING_LEN];
+
+uint8_t
+nibble_to_hex_char(uint8_t nibble) {
+ char buf[16] = {'0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
+ return buf[nibble & 0xF];
+}
+
+char *
+octet_string_hex_string(const void *s, int length) {
+ const uint8_t *str = (const uint8_t *)s;
+ int i;
+
+ /* double length, since one octet takes two hex characters */
+ length *= 2;
+
+ /* truncate string if it would be too long */
+ if (length > MAX_PRINT_STRING_LEN)
+ length = MAX_PRINT_STRING_LEN-1;
+
+ for (i=0; i < length; i+=2) {
+ bit_string[i] = nibble_to_hex_char(*str >> 4);
+ bit_string[i+1] = nibble_to_hex_char(*str++ & 0xF);
+ }
+ bit_string[i] = 0; /* null terminate string */
+ return bit_string;
+}
+
+inline int
+hex_char_to_nibble(uint8_t c) {
+ switch(c) {
+ case ('0'): return 0x0;
+ case ('1'): return 0x1;
+ case ('2'): return 0x2;
+ case ('3'): return 0x3;
+ case ('4'): return 0x4;
+ case ('5'): return 0x5;
+ case ('6'): return 0x6;
+ case ('7'): return 0x7;
+ case ('8'): return 0x8;
+ case ('9'): return 0x9;
+ case ('a'): return 0xa;
+ case ('A'): return 0xa;
+ case ('b'): return 0xb;
+ case ('B'): return 0xb;
+ case ('c'): return 0xc;
+ case ('C'): return 0xc;
+ case ('d'): return 0xd;
+ case ('D'): return 0xd;
+ case ('e'): return 0xe;
+ case ('E'): return 0xe;
+ case ('f'): return 0xf;
+ case ('F'): return 0xf;
+ default: return -1; /* this flags an error */
+ }
+ /* NOTREACHED */
+ return -1; /* this keeps compilers from complaining */
+}
+
+int
+is_hex_string(char *s) {
+ while(*s != 0)
+ if (hex_char_to_nibble(*s++) == -1)
+ return 0;
+ return 1;
+}
+
+/*
+ * hex_string_to_octet_string converts a hexadecimal string
+ * of length 2 * len to a raw octet string of length len
+ */
+
+int
+hex_string_to_octet_string(char *raw, char *hex, int len) {
+ uint8_t x;
+ int tmp;
+ int hex_len;
+
+ hex_len = 0;
+ while (hex_len < len) {
+ tmp = hex_char_to_nibble(hex[0]);
+ if (tmp == -1)
+ return hex_len;
+ x = (tmp << 4);
+ hex_len++;
+ tmp = hex_char_to_nibble(hex[1]);
+ if (tmp == -1)
+ return hex_len;
+ x |= (tmp & 0xff);
+ hex_len++;
+ *raw++ = x;
+ hex += 2;
+ }
+ return hex_len;
+}
+
+char *
+v128_hex_string(v128_t *x) {
+ int i, j;
+
+ for (i=j=0; i < 16; i++) {
+ bit_string[j++] = nibble_to_hex_char(x->v8[i] >> 4);
+ bit_string[j++] = nibble_to_hex_char(x->v8[i] & 0xF);
+ }
+
+ bit_string[j] = 0; /* null terminate string */
+ return bit_string;
+}
+
+char *
+v128_bit_string(v128_t *x) {
+ int j, index;
+ uint32_t mask;
+
+ for (j=index=0; j < 4; j++) {
+ for (mask=0x80000000; mask > 0; mask >>= 1) {
+ if (x->v32[j] & mask)
+ bit_string[index] = '1';
+ else
+ bit_string[index] = '0';
+ ++index;
+ }
+ }
+ bit_string[128] = 0; /* null terminate string */
+
+ return bit_string;
+}
+
+void
+v128_copy_octet_string(v128_t *x, const uint8_t s[16]) {
+#ifdef ALIGNMENT_32BIT_REQUIRED
+ if ((((uint32_t) &s[0]) & 0x3) != 0)
+#endif
+ {
+ x->v8[0] = s[0];
+ x->v8[1] = s[1];
+ x->v8[2] = s[2];
+ x->v8[3] = s[3];
+ x->v8[4] = s[4];
+ x->v8[5] = s[5];
+ x->v8[6] = s[6];
+ x->v8[7] = s[7];
+ x->v8[8] = s[8];
+ x->v8[9] = s[9];
+ x->v8[10] = s[10];
+ x->v8[11] = s[11];
+ x->v8[12] = s[12];
+ x->v8[13] = s[13];
+ x->v8[14] = s[14];
+ x->v8[15] = s[15];
+ }
+#ifdef ALIGNMENT_32BIT_REQUIRED
+ else
+ {
+ v128_t *v = (v128_t *) &s[0];
+
+ v128_copy(x,v);
+ }
+#endif
+}
+
+#ifndef DATATYPES_USE_MACROS /* little functions are not macros */
+
+void
+v128_set_to_zero(v128_t *x) {
+ _v128_set_to_zero(x);
+}
+
+void
+v128_copy(v128_t *x, const v128_t *y) {
+ _v128_copy(x, y);
+}
+
+void
+v128_xor(v128_t *z, v128_t *x, v128_t *y) {
+ _v128_xor(z, x, y);
+}
+
+void
+v128_and(v128_t *z, v128_t *x, v128_t *y) {
+ _v128_and(z, x, y);
+}
+
+void
+v128_or(v128_t *z, v128_t *x, v128_t *y) {
+ _v128_or(z, x, y);
+}
+
+void
+v128_complement(v128_t *x) {
+ _v128_complement(x);
+}
+
+int
+v128_is_eq(const v128_t *x, const v128_t *y) {
+ return _v128_is_eq(x, y);
+}
+
+int
+v128_xor_eq(v128_t *x, const v128_t *y) {
+ return _v128_xor_eq(x, y);
+}
+
+int
+v128_get_bit(const v128_t *x, int i) {
+ return _v128_get_bit(x, i);
+}
+
+void
+v128_set_bit(v128_t *x, int i) {
+ _v128_set_bit(x, i);
+}
+
+void
+v128_clear_bit(v128_t *x, int i){
+ _v128_clear_bit(x, i);
+}
+
+void
+v128_set_bit_to(v128_t *x, int i, int y){
+ _v128_set_bit_to(x, i, y);
+}
+
+
+#endif /* DATATYPES_USE_MACROS */
+
+void
+v128_right_shift(v128_t *x, int index) {
+ const int base_index = index >> 5;
+ const int bit_index = index & 31;
+ int i, from;
+ uint32_t b;
+
+ if (index > 127) {
+ v128_set_to_zero(x);
+ return;
+ }
+
+ if (bit_index == 0) {
+
+ /* copy each word from left size to right side */
+ x->v32[4-1] = x->v32[4-1-base_index];
+ for (i=4-1; i > base_index; i--)
+ x->v32[i-1] = x->v32[i-1-base_index];
+
+ } else {
+
+ /* set each word to the "or" of the two bit-shifted words */
+ for (i = 4; i > base_index; i--) {
+ from = i-1 - base_index;
+ b = x->v32[from] << bit_index;
+ if (from > 0)
+ b |= x->v32[from-1] >> (32-bit_index);
+ x->v32[i-1] = b;
+ }
+
+ }
+
+ /* now wrap up the final portion */
+ for (i=0; i < base_index; i++)
+ x->v32[i] = 0;
+
+}
+
+void
+v128_left_shift(v128_t *x, int index) {
+ int i;
+ const int base_index = index >> 5;
+ const int bit_index = index & 31;
+
+ if (index > 127) {
+ v128_set_to_zero(x);
+ return;
+ }
+
+ if (bit_index == 0) {
+ for (i=0; i < 4 - base_index; i++)
+ x->v32[i] = x->v32[i+base_index];
+ } else {
+ for (i=0; i < 4 - base_index - 1; i++)
+ x->v32[i] = (x->v32[i+base_index] >> bit_index) ^
+ (x->v32[i+base_index+1] << (32 - bit_index));
+ x->v32[4 - base_index-1] = x->v32[4-1] >> bit_index;
+ }
+
+ /* now wrap up the final portion */
+ for (i = 4 - base_index; i < 4; i++)
+ x->v32[i] = 0;
+
+}
+
+
+int
+octet_string_is_eq(uint8_t *a, uint8_t *b, int len) {
+ uint8_t *end = b + len;
+ while (b < end)
+ if (*a++ != *b++)
+ return 1;
+ return 0;
+}
+
+void
+octet_string_set_to_zero(uint8_t *s, int len) {
+ uint8_t *end = s + len;
+
+ do {
+ *s = 0;
+ } while (++s < end);
+
+}
+
+
+/*
+ * From RFC 1521: The Base64 Alphabet
+ *
+ * Value Encoding Value Encoding Value Encoding Value Encoding
+ * 0 A 17 R 34 i 51 z
+ * 1 B 18 S 35 j 52 0
+ * 2 C 19 T 36 k 53 1
+ * 3 D 20 U 37 l 54 2
+ * 4 E 21 V 38 m 55 3
+ * 5 F 22 W 39 n 56 4
+ * 6 G 23 X 40 o 57 5
+ * 7 H 24 Y 41 p 58 6
+ * 8 I 25 Z 42 q 59 7
+ * 9 J 26 a 43 r 60 8
+ * 10 K 27 b 44 s 61 9
+ * 11 L 28 c 45 t 62 +
+ * 12 M 29 d 46 u 63 /
+ * 13 N 30 e 47 v
+ * 14 O 31 f 48 w (pad) =
+ * 15 P 32 g 49 x
+ * 16 Q 33 h 50 y
+ */
+
+int
+base64_char_to_sextet(uint8_t c) {
+ switch(c) {
+ case 'A':
+ return 0;
+ case 'B':
+ return 1;
+ case 'C':
+ return 2;
+ case 'D':
+ return 3;
+ case 'E':
+ return 4;
+ case 'F':
+ return 5;
+ case 'G':
+ return 6;
+ case 'H':
+ return 7;
+ case 'I':
+ return 8;
+ case 'J':
+ return 9;
+ case 'K':
+ return 10;
+ case 'L':
+ return 11;
+ case 'M':
+ return 12;
+ case 'N':
+ return 13;
+ case 'O':
+ return 14;
+ case 'P':
+ return 15;
+ case 'Q':
+ return 16;
+ case 'R':
+ return 17;
+ case 'S':
+ return 18;
+ case 'T':
+ return 19;
+ case 'U':
+ return 20;
+ case 'V':
+ return 21;
+ case 'W':
+ return 22;
+ case 'X':
+ return 23;
+ case 'Y':
+ return 24;
+ case 'Z':
+ return 25;
+ case 'a':
+ return 26;
+ case 'b':
+ return 27;
+ case 'c':
+ return 28;
+ case 'd':
+ return 29;
+ case 'e':
+ return 30;
+ case 'f':
+ return 31;
+ case 'g':
+ return 32;
+ case 'h':
+ return 33;
+ case 'i':
+ return 34;
+ case 'j':
+ return 35;
+ case 'k':
+ return 36;
+ case 'l':
+ return 37;
+ case 'm':
+ return 38;
+ case 'n':
+ return 39;
+ case 'o':
+ return 40;
+ case 'p':
+ return 41;
+ case 'q':
+ return 42;
+ case 'r':
+ return 43;
+ case 's':
+ return 44;
+ case 't':
+ return 45;
+ case 'u':
+ return 46;
+ case 'v':
+ return 47;
+ case 'w':
+ return 48;
+ case 'x':
+ return 49;
+ case 'y':
+ return 50;
+ case 'z':
+ return 51;
+ case '0':
+ return 52;
+ case '1':
+ return 53;
+ case '2':
+ return 54;
+ case '3':
+ return 55;
+ case '4':
+ return 56;
+ case '5':
+ return 57;
+ case '6':
+ return 58;
+ case '7':
+ return 59;
+ case '8':
+ return 60;
+ case '9':
+ return 61;
+ case '+':
+ return 62;
+ case '/':
+ return 63;
+ case '=':
+ return 64;
+ default:
+ break;
+ }
+ return -1;
+}
+
+/*
+ * base64_string_to_octet_string converts a hexadecimal string
+ * of length 2 * len to a raw octet string of length len
+ */
+
+int
+base64_string_to_octet_string(char *raw, char *base64, int len) {
+ uint8_t x;
+ int tmp;
+ int base64_len;
+
+ base64_len = 0;
+ while (base64_len < len) {
+ tmp = base64_char_to_sextet(base64[0]);
+ if (tmp == -1)
+ return base64_len;
+ x = (tmp << 6);
+ base64_len++;
+ tmp = base64_char_to_sextet(base64[1]);
+ if (tmp == -1)
+ return base64_len;
+ x |= (tmp & 0xffff);
+ base64_len++;
+ *raw++ = x;
+ base64 += 2;
+ }
+ return base64_len;
+}
diff --git a/srtp/crypto/math/gf2_8.c b/srtp/crypto/math/gf2_8.c
new file mode 100644
index 0000000..8a112ba
--- /dev/null
+++ b/srtp/crypto/math/gf2_8.c
@@ -0,0 +1,83 @@
+/*
+ * gf2_8.c
+ *
+ * GF(256) finite field implementation, with the representation used
+ * in the AES cipher.
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "datatypes.h"
+#include "gf2_8.h"
+
+/* gf2_8_shift() moved to gf2_8.h as an inline function */
+
+inline gf2_8
+gf2_8_multiply(gf2_8 x, gf2_8 y) {
+ gf2_8 z = 0;
+
+ if (y & 1) z ^= x; x = gf2_8_shift(x);
+ if (y & 2) z ^= x; x = gf2_8_shift(x);
+ if (y & 4) z ^= x; x = gf2_8_shift(x);
+ if (y & 8) z ^= x; x = gf2_8_shift(x);
+ if (y & 16) z ^= x; x = gf2_8_shift(x);
+ if (y & 32) z ^= x; x = gf2_8_shift(x);
+ if (y & 64) z ^= x; x = gf2_8_shift(x);
+ if (y & 128) z ^= x;
+
+ return z;
+}
+
+
+/* this should use the euclidean algorithm */
+
+gf2_8
+gf2_8_compute_inverse(gf2_8 x) {
+ unsigned int i;
+
+ if (x == 0) return 0; /* zero is a special case */
+ for (i=0; i < 256; i++)
+ if (gf2_8_multiply((gf2_8) i, x) == 1)
+ return (gf2_8) i;
+
+ return 0;
+}
+
diff --git a/srtp/crypto/math/math.c b/srtp/crypto/math/math.c
new file mode 100644
index 0000000..3e61997
--- /dev/null
+++ b/srtp/crypto/math/math.c
@@ -0,0 +1,962 @@
+/*
+ * math.c
+ *
+ * crypto math operations and data types
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "crypto_math.h"
+#include <stdlib.h> /* malloc() used in bitvector_alloc */
+
+int
+octet_weight[256] = {
+ 0, 1, 1, 2, 1, 2, 2, 3,
+ 1, 2, 2, 3, 2, 3, 3, 4,
+ 1, 2, 2, 3, 2, 3, 3, 4,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 1, 2, 2, 3, 2, 3, 3, 4,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 1, 2, 2, 3, 2, 3, 3, 4,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 4, 5, 5, 6, 5, 6, 6, 7,
+ 1, 2, 2, 3, 2, 3, 3, 4,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 4, 5, 5, 6, 5, 6, 6, 7,
+ 2, 3, 3, 4, 3, 4, 4, 5,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 4, 5, 5, 6, 5, 6, 6, 7,
+ 3, 4, 4, 5, 4, 5, 5, 6,
+ 4, 5, 5, 6, 5, 6, 6, 7,
+ 4, 5, 5, 6, 5, 6, 6, 7,
+ 5, 6, 6, 7, 6, 7, 7, 8
+};
+
+int
+low_bit[256] = {
+ -1, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 4, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 5, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 4, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 6, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 4, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 5, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 4, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 7, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 4, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 5, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 4, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 6, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 4, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 5, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0,
+ 4, 0, 1, 0, 2, 0, 1, 0,
+ 3, 0, 1, 0, 2, 0, 1, 0
+};
+
+
+int
+high_bit[256] = {
+ -1, 0, 1, 1, 2, 2, 2, 2,
+ 3, 3, 3, 3, 3, 3, 3, 3,
+ 4, 4, 4, 4, 4, 4, 4, 4,
+ 4, 4, 4, 4, 4, 4, 4, 4,
+ 5, 5, 5, 5, 5, 5, 5, 5,
+ 5, 5, 5, 5, 5, 5, 5, 5,
+ 5, 5, 5, 5, 5, 5, 5, 5,
+ 5, 5, 5, 5, 5, 5, 5, 5,
+ 6, 6, 6, 6, 6, 6, 6, 6,
+ 6, 6, 6, 6, 6, 6, 6, 6,
+ 6, 6, 6, 6, 6, 6, 6, 6,
+ 6, 6, 6, 6, 6, 6, 6, 6,
+ 6, 6, 6, 6, 6, 6, 6, 6,
+ 6, 6, 6, 6, 6, 6, 6, 6,
+ 6, 6, 6, 6, 6, 6, 6, 6,
+ 6, 6, 6, 6, 6, 6, 6, 6,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7
+};
+
+int
+octet_get_weight(uint8_t octet) {
+ extern int octet_weight[256];
+
+ return octet_weight[octet];
+}
+
+unsigned char
+v32_weight(v32_t a) {
+ unsigned int wt = 0;
+
+ wt += octet_weight[a.v8[0]]; /* note: endian-ness makes no difference */
+ wt += octet_weight[a.v8[1]];
+ wt += octet_weight[a.v8[2]];
+ wt += octet_weight[a.v8[3]];
+
+ return wt;
+}
+
+inline unsigned char
+v32_distance(v32_t x, v32_t y) {
+ x.value ^= y.value;
+ return v32_weight(x);
+}
+
+unsigned int
+v32_dot_product(v32_t a, v32_t b) {
+ a.value &= b.value;
+ return v32_weight(a) & 1;
+}
+
+/*
+ * _bit_string returns a NULL-terminated character string suitable for
+ * printing
+ */
+
+#define MAX_STRING_LENGTH 1024
+
+char bit_string[MAX_STRING_LENGTH];
+
+char *
+octet_bit_string(uint8_t x) {
+ int mask, index;
+
+ for (mask = 1, index = 0; mask < 256; mask <<= 1)
+ if ((x & mask) == 0)
+ bit_string[index++] = '0';
+ else
+ bit_string[index++] = '1';
+
+ bit_string[index++] = 0; /* NULL terminate string */
+
+ return bit_string;
+}
+
+char *
+v16_bit_string(v16_t x) {
+ int i, mask, index;
+
+ for (i = index = 0; i < 2; i++) {
+ for (mask = 1; mask < 256; mask <<= 1)
+ if ((x.v8[i] & mask) == 0)
+ bit_string[index++] = '0';
+ else
+ bit_string[index++] = '1';
+ }
+ bit_string[index++] = 0; /* NULL terminate string */
+ return bit_string;
+}
+
+char *
+v32_bit_string(v32_t x) {
+ int i, mask, index;
+
+ for (i = index = 0; i < 4; i++) {
+ for (mask = 128; mask > 0; mask >>= 1)
+ if ((x.v8[i] & mask) == 0)
+ bit_string[index++] = '0';
+ else
+ bit_string[index++] = '1';
+ }
+ bit_string[index++] = 0; /* NULL terminate string */
+ return bit_string;
+}
+
+char *
+v64_bit_string(const v64_t *x) {
+ int i, mask, index;
+
+ for (i = index = 0; i < 8; i++) {
+ for (mask = 1; mask < 256; mask <<= 1)
+ if ((x->v8[i] & mask) == 0)
+ bit_string[index++] = '0';
+ else
+ bit_string[index++] = '1';
+ }
+ bit_string[index++] = 0; /* NULL terminate string */
+ return bit_string;
+}
+
+char *
+v128_bit_string(v128_t *x) {
+ int j, index;
+ uint32_t mask;
+
+ for (j=index=0; j < 4; j++) {
+ for (mask=0x80000000; mask > 0; mask >>= 1) {
+ if (x->v32[j] & mask)
+ bit_string[index] = '1';
+ else
+ bit_string[index] = '0';
+ ++index;
+ }
+ }
+ bit_string[128] = 0; /* null terminate string */
+
+ return bit_string;
+}
+
+uint8_t
+nibble_to_hex_char(uint8_t nibble) {
+ char buf[16] = {'0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
+ return buf[nibble & 0xF];
+}
+
+char *
+octet_hex_string(uint8_t x) {
+
+ bit_string[0] = nibble_to_hex_char(x >> 4);
+ bit_string[1] = nibble_to_hex_char(x & 0xF);
+
+ bit_string[2] = 0; /* null terminate string */
+ return bit_string;
+}
+
+char *
+octet_string_hex_string(const void *str, int length) {
+ const uint8_t *s = str;
+ int i;
+
+ /* double length, since one octet takes two hex characters */
+ length *= 2;
+
+ /* truncate string if it would be too long */
+ if (length > MAX_STRING_LENGTH)
+ length = MAX_STRING_LENGTH-1;
+
+ for (i=0; i < length; i+=2) {
+ bit_string[i] = nibble_to_hex_char(*s >> 4);
+ bit_string[i+1] = nibble_to_hex_char(*s++ & 0xF);
+ }
+ bit_string[i] = 0; /* null terminate string */
+ return bit_string;
+}
+
+char *
+v16_hex_string(v16_t x) {
+ int i, j;
+
+ for (i=j=0; i < 2; i++) {
+ bit_string[j++] = nibble_to_hex_char(x.v8[i] >> 4);
+ bit_string[j++] = nibble_to_hex_char(x.v8[i] & 0xF);
+ }
+
+ bit_string[j] = 0; /* null terminate string */
+ return bit_string;
+}
+
+char *
+v32_hex_string(v32_t x) {
+ int i, j;
+
+ for (i=j=0; i < 4; i++) {
+ bit_string[j++] = nibble_to_hex_char(x.v8[i] >> 4);
+ bit_string[j++] = nibble_to_hex_char(x.v8[i] & 0xF);
+ }
+
+ bit_string[j] = 0; /* null terminate string */
+ return bit_string;
+}
+
+char *
+v64_hex_string(const v64_t *x) {
+ int i, j;
+
+ for (i=j=0; i < 8; i++) {
+ bit_string[j++] = nibble_to_hex_char(x->v8[i] >> 4);
+ bit_string[j++] = nibble_to_hex_char(x->v8[i] & 0xF);
+ }
+
+ bit_string[j] = 0; /* null terminate string */
+ return bit_string;
+}
+
+char *
+v128_hex_string(v128_t *x) {
+ int i, j;
+
+ for (i=j=0; i < 16; i++) {
+ bit_string[j++] = nibble_to_hex_char(x->v8[i] >> 4);
+ bit_string[j++] = nibble_to_hex_char(x->v8[i] & 0xF);
+ }
+
+ bit_string[j] = 0; /* null terminate string */
+ return bit_string;
+}
+
+char *
+char_to_hex_string(char *x, int num_char) {
+ int i, j;
+
+ if (num_char >= 16)
+ num_char = 16;
+ for (i=j=0; i < num_char; i++) {
+ bit_string[j++] = nibble_to_hex_char(x[i] >> 4);
+ bit_string[j++] = nibble_to_hex_char(x[i] & 0xF);
+ }
+
+ bit_string[j] = 0; /* null terminate string */
+ return bit_string;
+}
+
+int
+hex_char_to_nibble(uint8_t c) {
+ switch(c) {
+ case ('0'): return 0x0;
+ case ('1'): return 0x1;
+ case ('2'): return 0x2;
+ case ('3'): return 0x3;
+ case ('4'): return 0x4;
+ case ('5'): return 0x5;
+ case ('6'): return 0x6;
+ case ('7'): return 0x7;
+ case ('8'): return 0x8;
+ case ('9'): return 0x9;
+ case ('a'): return 0xa;
+ case ('A'): return 0xa;
+ case ('b'): return 0xb;
+ case ('B'): return 0xb;
+ case ('c'): return 0xc;
+ case ('C'): return 0xc;
+ case ('d'): return 0xd;
+ case ('D'): return 0xd;
+ case ('e'): return 0xe;
+ case ('E'): return 0xe;
+ case ('f'): return 0xf;
+ case ('F'): return 0xf;
+ default: return -1; /* this flags an error */
+ }
+ /* NOTREACHED */
+ return -1; /* this keeps compilers from complaining */
+}
+
+int
+is_hex_string(char *s) {
+ while(*s != 0)
+ if (hex_char_to_nibble(*s++) == -1)
+ return 0;
+ return 1;
+}
+
+uint8_t
+hex_string_to_octet(char *s) {
+ uint8_t x;
+
+ x = (hex_char_to_nibble(s[0]) << 4)
+ | hex_char_to_nibble(s[1] & 0xFF);
+
+ return x;
+}
+
+/*
+ * hex_string_to_octet_string converts a hexadecimal string
+ * of length 2 * len to a raw octet string of length len
+ */
+
+int
+hex_string_to_octet_string(char *raw, char *hex, int len) {
+ uint8_t x;
+ int tmp;
+ int hex_len;
+
+ hex_len = 0;
+ while (hex_len < len) {
+ tmp = hex_char_to_nibble(hex[0]);
+ if (tmp == -1)
+ return hex_len;
+ x = (tmp << 4);
+ hex_len++;
+ tmp = hex_char_to_nibble(hex[1]);
+ if (tmp == -1)
+ return hex_len;
+ x |= (tmp & 0xff);
+ hex_len++;
+ *raw++ = x;
+ hex += 2;
+ }
+ return hex_len;
+}
+
+v16_t
+hex_string_to_v16(char *s) {
+ v16_t x;
+ int i, j;
+
+ for (i=j=0; i < 4; i += 2, j++) {
+ x.v8[j] = (hex_char_to_nibble(s[i]) << 4)
+ | hex_char_to_nibble(s[i+1] & 0xFF);
+ }
+ return x;
+}
+
+v32_t
+hex_string_to_v32(char *s) {
+ v32_t x;
+ int i, j;
+
+ for (i=j=0; i < 8; i += 2, j++) {
+ x.v8[j] = (hex_char_to_nibble(s[i]) << 4)
+ | hex_char_to_nibble(s[i+1] & 0xFF);
+ }
+ return x;
+}
+
+v64_t
+hex_string_to_v64(char *s) {
+ v64_t x;
+ int i, j;
+
+ for (i=j=0; i < 16; i += 2, j++) {
+ x.v8[j] = (hex_char_to_nibble(s[i]) << 4)
+ | hex_char_to_nibble(s[i+1] & 0xFF);
+ }
+ return x;
+}
+
+v128_t
+hex_string_to_v128(char *s) {
+ v128_t x;
+ int i, j;
+
+ for (i=j=0; i < 32; i += 2, j++) {
+ x.v8[j] = (hex_char_to_nibble(s[i]) << 4)
+ | hex_char_to_nibble(s[i+1] & 0xFF);
+ }
+ return x;
+}
+
+
+
+/*
+ * the matrix A[] is stored in column format, i.e., A[i] is the ith
+ * column of the matrix
+ */
+
+uint8_t
+A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b) {
+ int index = 0;
+ unsigned mask;
+
+ for (mask=1; mask < 256; mask *= 2) {
+ if (x & mask)
+ b^= A[index];
+ ++index;
+ }
+
+ return b;
+}
+
+inline void
+v16_copy_octet_string(v16_t *x, const uint8_t s[2]) {
+ x->v8[0] = s[0];
+ x->v8[1] = s[1];
+}
+
+inline void
+v32_copy_octet_string(v32_t *x, const uint8_t s[4]) {
+ x->v8[0] = s[0];
+ x->v8[1] = s[1];
+ x->v8[2] = s[2];
+ x->v8[3] = s[3];
+}
+
+inline void
+v64_copy_octet_string(v64_t *x, const uint8_t s[8]) {
+ x->v8[0] = s[0];
+ x->v8[1] = s[1];
+ x->v8[2] = s[2];
+ x->v8[3] = s[3];
+ x->v8[4] = s[4];
+ x->v8[5] = s[5];
+ x->v8[6] = s[6];
+ x->v8[7] = s[7];
+}
+
+void
+v128_copy_octet_string(v128_t *x, const uint8_t s[16]) {
+ x->v8[0] = s[0];
+ x->v8[1] = s[1];
+ x->v8[2] = s[2];
+ x->v8[3] = s[3];
+ x->v8[4] = s[4];
+ x->v8[5] = s[5];
+ x->v8[6] = s[6];
+ x->v8[7] = s[7];
+ x->v8[8] = s[8];
+ x->v8[9] = s[9];
+ x->v8[10] = s[10];
+ x->v8[11] = s[11];
+ x->v8[12] = s[12];
+ x->v8[13] = s[13];
+ x->v8[14] = s[14];
+ x->v8[15] = s[15];
+
+}
+
+#ifndef DATATYPES_USE_MACROS /* little functions are not macros */
+
+void
+v128_set_to_zero(v128_t *x) {
+ _v128_set_to_zero(x);
+}
+
+void
+v128_copy(v128_t *x, const v128_t *y) {
+ _v128_copy(x, y);
+}
+
+void
+v128_xor(v128_t *z, v128_t *x, v128_t *y) {
+ _v128_xor(z, x, y);
+}
+
+void
+v128_and(v128_t *z, v128_t *x, v128_t *y) {
+ _v128_and(z, x, y);
+}
+
+void
+v128_or(v128_t *z, v128_t *x, v128_t *y) {
+ _v128_or(z, x, y);
+}
+
+void
+v128_complement(v128_t *x) {
+ _v128_complement(x);
+}
+
+int
+v128_is_eq(const v128_t *x, const v128_t *y) {
+ return _v128_is_eq(x, y);
+}
+
+int
+v128_get_bit(const v128_t *x, int i) {
+ return _v128_get_bit(x, i);
+}
+
+void
+v128_set_bit(v128_t *x, int i) {
+ _v128_set_bit(x, i);
+}
+
+void
+v128_clear_bit(v128_t *x, int i){
+ _v128_clear_bit(x, i);
+}
+
+void
+v128_set_bit_to(v128_t *x, int i, int y){
+ _v128_set_bit_to(x, i, y);
+}
+
+
+#endif /* DATATYPES_USE_MACROS */
+
+
+inline void
+v128_left_shift2(v128_t *x, int num_bits) {
+ int i;
+ int word_shift = num_bits >> 5;
+ int bit_shift = num_bits & 31;
+
+ for (i=0; i < (4-word_shift); i++) {
+ x->v32[i] = x->v32[i+word_shift] << bit_shift;
+ }
+
+ for ( ; i < word_shift; i++) {
+ x->v32[i] = 0;
+ }
+
+}
+
+void
+v128_right_shift(v128_t *x, int index) {
+ const int base_index = index >> 5;
+ const int bit_index = index & 31;
+ int i, from;
+ uint32_t b;
+
+ if (index > 127) {
+ v128_set_to_zero(x);
+ return;
+ }
+
+ if (bit_index == 0) {
+
+ /* copy each word from left size to right side */
+ x->v32[4-1] = x->v32[4-1-base_index];
+ for (i=4-1; i > base_index; i--)
+ x->v32[i-1] = x->v32[i-1-base_index];
+
+ } else {
+
+ /* set each word to the "or" of the two bit-shifted words */
+ for (i = 4; i > base_index; i--) {
+ from = i-1 - base_index;
+ b = x->v32[from] << bit_index;
+ if (from > 0)
+ b |= x->v32[from-1] >> (32-bit_index);
+ x->v32[i-1] = b;
+ }
+
+ }
+
+ /* now wrap up the final portion */
+ for (i=0; i < base_index; i++)
+ x->v32[i] = 0;
+
+}
+
+void
+v128_left_shift(v128_t *x, int index) {
+ int i;
+ const int base_index = index >> 5;
+ const int bit_index = index & 31;
+
+ if (index > 127) {
+ v128_set_to_zero(x);
+ return;
+ }
+
+ if (bit_index == 0) {
+ for (i=0; i < 4 - base_index; i++)
+ x->v32[i] = x->v32[i+base_index];
+ } else {
+ for (i=0; i < 4 - base_index - 1; i++)
+ x->v32[i] = (x->v32[i+base_index] << bit_index) ^
+ (x->v32[i+base_index+1] >> (32 - bit_index));
+ x->v32[4 - base_index-1] = x->v32[4-1] << bit_index;
+ }
+
+ /* now wrap up the final portion */
+ for (i = 4 - base_index; i < 4; i++)
+ x->v32[i] = 0;
+
+}
+
+
+#if 0
+void
+v128_add(v128_t *z, v128_t *x, v128_t *y) {
+ /* integer addition modulo 2^128 */
+
+#ifdef WORDS_BIGENDIAN
+ uint64_t tmp;
+
+ tmp = x->v32[3] + y->v32[3];
+ z->v32[3] = (uint32_t) tmp;
+
+ tmp = x->v32[2] + y->v32[2] + (tmp >> 32);
+ z->v32[2] = (uint32_t) tmp;
+
+ tmp = x->v32[1] + y->v32[1] + (tmp >> 32);
+ z->v32[1] = (uint32_t) tmp;
+
+ tmp = x->v32[0] + y->v32[0] + (tmp >> 32);
+ z->v32[0] = (uint32_t) tmp;
+
+#else /* assume little endian architecture */
+ uint64_t tmp;
+
+ tmp = htonl(x->v32[3]) + htonl(y->v32[3]);
+ z->v32[3] = ntohl((uint32_t) tmp);
+
+ tmp = htonl(x->v32[2]) + htonl(y->v32[2]) + htonl(tmp >> 32);
+ z->v32[2] = ntohl((uint32_t) tmp);
+
+ tmp = htonl(x->v32[1]) + htonl(y->v32[1]) + htonl(tmp >> 32);
+ z->v32[1] = ntohl((uint32_t) tmp);
+
+ tmp = htonl(x->v32[0]) + htonl(y->v32[0]) + htonl(tmp >> 32);
+ z->v32[0] = ntohl((uint32_t) tmp);
+
+#endif /* WORDS_BIGENDIAN */
+
+}
+#endif
+
+int
+octet_string_is_eq(uint8_t *a, uint8_t *b, int len) {
+ uint8_t *end = b + len;
+ while (b < end)
+ if (*a++ != *b++)
+ return 1;
+ return 0;
+}
+
+void
+octet_string_set_to_zero(uint8_t *s, int len) {
+ uint8_t *end = s + len;
+
+ do {
+ *s = 0;
+ } while (++s < end);
+
+}
+
+/* functions manipulating bit_vector_t */
+
+#define BITVECTOR_MAX_WORDS 5
+
+int
+bitvector_alloc(bitvector_t *v, unsigned long length) {
+ unsigned long l = (length + bytes_per_word - 1) / bytes_per_word;
+ int i;
+
+ /* allocate memory, then set parameters */
+ if (l > BITVECTOR_MAX_WORDS)
+ return -1;
+ else
+ l = BITVECTOR_MAX_WORDS;
+ v->word = malloc(l);
+ if (v->word == NULL)
+ return -1;
+ v->length = length;
+
+ /* initialize bitvector to zero */
+ for (i=0; i < (length >> 5); i++) {
+ v->word = 0;
+ }
+
+ return 0;
+}
+
+void
+bitvector_set_bit(bitvector_t *v, int bit_index) {
+
+ v->word[(bit_index >> 5)] |= (1 << (bit_index & 31));
+
+}
+
+int
+bitvector_get_bit(const bitvector_t *v, int bit_index) {
+
+ return ((v->word[(bit_index >> 5)]) >> (bit_index & 31)) & 1;
+
+}
+
+#include <stdio.h>
+
+int
+bitvector_print_hex(const bitvector_t *v, FILE *stream) {
+ int i;
+ int m = v->length >> 5;
+ int n = v->length & 31;
+ char string[9];
+ uint32_t tmp;
+
+ /* if length isn't a multiple of four, we can't hex_print */
+ if (n & 3)
+ return -1;
+
+ /* if the length is zero, do nothing */
+ if (v->length == 0)
+ return 0;
+
+ /*
+ * loop over words from most significant to least significant -
+ */
+
+ for (i=m; i > 0; i++) {
+ char *str = string + 7;
+ tmp = v->word[i];
+
+ /* null terminate string */
+ string[8] = 0;
+
+ /* loop over nibbles */
+ *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
+ *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
+ *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
+ *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
+ *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
+ *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
+ *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
+ *str-- = nibble_to_hex_char(tmp & 0xf);
+
+ /* now print stream */
+ fprintf(stream, string);
+ }
+
+ return 0;
+
+}
+
+
+int
+hex_string_length(char *s) {
+ int count = 0;
+
+ /* ignore leading zeros */
+ while ((*s != 0) && *s == '0')
+ s++;
+
+ /* count remaining characters */
+ while (*s != 0) {
+ if (hex_char_to_nibble(*s++) == -1)
+ return -1;
+ count++;
+ }
+
+ return count;
+}
+
+int
+bitvector_set_from_hex(bitvector_t *v, char *string) {
+ int num_hex_chars, m, n, i, j;
+ uint32_t tmp;
+
+ num_hex_chars = hex_string_length(string);
+ if (num_hex_chars == -1)
+ return -1;
+
+ /* set length */
+ v->length = num_hex_chars * 4;
+ /*
+ * at this point, we should subtract away a bit if the high
+ * bit of the first character is zero, but we ignore that
+ * for now and assume that we're four-bit aligned - DAM
+ */
+
+
+ m = num_hex_chars / 8; /* number of words */
+ n = num_hex_chars % 8; /* number of nibbles in last word */
+
+ /* if the length is greater than the bitvector, return an error */
+ if (m > BITVECTOR_MAX_WORDS)
+ return -1;
+
+ /*
+ * loop over words from most significant - first word is a special
+ * case
+ */
+
+ if (n) {
+ tmp = 0;
+ for (i=0; i < n; i++) {
+ tmp = hex_char_to_nibble(*string++);
+ tmp <<= 4;
+ }
+ v->word[m] = tmp;
+ }
+
+ /* now loop over the rest of the words */
+ for (i=m-1; i >= 0; i--) {
+ tmp = 0;
+ for (j=0; j < 8; j++) {
+ tmp = hex_char_to_nibble(*string++);
+ tmp <<= 4;
+ }
+ v->word[i] = tmp;
+ }
+
+ return 0;
+}
+
+
+/* functions below not yet tested! */
+
+int
+v32_low_bit(v32_t *w) {
+ int value;
+
+ value = low_bit[w->v8[0]];
+ if (value != -1)
+ return value;
+ value = low_bit[w->v8[1]];
+ if (value != -1)
+ return value + 8;
+ value = low_bit[w->v8[2]];
+ if (value != -1)
+ return value + 16;
+ value = low_bit[w->v8[3]];
+ if (value == -1)
+ return -1;
+ return value + 24;
+}
+
+/* high_bit not done yet */
+
+
+
+
+
diff --git a/srtp/crypto/math/stat.c b/srtp/crypto/math/stat.c
new file mode 100644
index 0000000..5e46c20
--- /dev/null
+++ b/srtp/crypto/math/stat.c
@@ -0,0 +1,367 @@
+/*
+ * stats.c
+ *
+ * statistical tests for randomness (FIPS 140-2, Section 4.9)
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+#include "stat.h"
+
+debug_module_t mod_stat = {
+ 0, /* debugging is off by default */
+ (char *)"stat test" /* printable module name */
+};
+
+/*
+ * each test assumes that 20,000 bits (2500 octets) of data is
+ * provided as input
+ */
+
+#define STAT_TEST_DATA_LEN 2500
+
+err_status_t
+stat_test_monobit(uint8_t *data) {
+ uint8_t *data_end = data + STAT_TEST_DATA_LEN;
+ uint16_t ones_count;
+
+ ones_count = 0;
+ while (data < data_end) {
+ ones_count += octet_get_weight(*data);
+ data++;
+ }
+
+ debug_print(mod_stat, "bit count: %d", ones_count);
+
+ if ((ones_count < 9725) || (ones_count > 10275))
+ return err_status_algo_fail;
+
+ return err_status_ok;
+}
+
+err_status_t
+stat_test_poker(uint8_t *data) {
+ int i;
+ uint8_t *data_end = data + STAT_TEST_DATA_LEN;
+ double poker;
+ uint16_t f[16] = {
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0
+ };
+
+ while (data < data_end) {
+ f[*data & 0x0f]++; /* increment freq. count for low nibble */
+ f[(*data) >> 4]++; /* increment freq. count for high nibble */
+ data++;
+ }
+
+ poker = 0.0;
+ for (i=0; i < 16; i++)
+ poker += (double) f[i] * f[i];
+
+ poker *= (16.0 / 5000.0);
+ poker -= 5000.0;
+
+ debug_print(mod_stat, "poker test: %f\n", poker);
+
+ if ((poker < 2.16) || (poker > 46.17))
+ return err_status_algo_fail;
+
+ return err_status_ok;
+}
+
+
+/*
+ * runs[i] holds the number of runs of size (i-1)
+ */
+
+err_status_t
+stat_test_runs(uint8_t *data) {
+ uint8_t *data_end = data + STAT_TEST_DATA_LEN;
+ uint16_t runs[6] = { 0, 0, 0, 0, 0, 0 };
+ uint16_t gaps[6] = { 0, 0, 0, 0, 0, 0 };
+ uint16_t lo_value[6] = { 2315, 1114, 527, 240, 103, 103 };
+ uint16_t hi_value[6] = { 2685, 1386, 723, 384, 209, 209 };
+ int state = 0;
+ uint16_t mask;
+ int i;
+
+ /*
+ * the state variable holds the number of bits in the
+ * current run (or gap, if negative)
+ */
+
+ while (data < data_end) {
+
+ /* loop over the bits of this byte */
+ for (mask = 1; mask < 256; mask <<= 1) {
+ if (*data & mask) {
+
+ /* next bit is a one */
+ if (state > 0) {
+
+ /* prefix is a run, so increment the run-count */
+ state++;
+
+ /* check for long runs */
+ if (state > 25) {
+ debug_print(mod_stat, ">25 runs: %d", state);
+ return err_status_algo_fail;
+ }
+
+ } else if (state < 0) {
+
+ /* prefix is a gap */
+ if (state < -25) {
+ debug_print(mod_stat, ">25 gaps: %d", state);
+ return err_status_algo_fail; /* long-runs test failed */
+ }
+ if (state < -6) {
+ state = -6; /* group together gaps > 5 */
+ }
+ gaps[-1-state]++; /* increment gap count */
+ state = 1; /* set state at one set bit */
+ } else {
+
+ /* state is zero; this happens only at initialization */
+ state = 1;
+ }
+ } else {
+
+ /* next bit is a zero */
+ if (state > 0) {
+
+ /* prefix is a run */
+ if (state > 25) {
+ debug_print(mod_stat, ">25 runs (2): %d", state);
+ return err_status_algo_fail; /* long-runs test failed */
+ }
+ if (state > 6) {
+ state = 6; /* group together runs > 5 */
+ }
+ runs[state-1]++; /* increment run count */
+ state = -1; /* set state at one zero bit */
+ } else if (state < 0) {
+
+ /* prefix is a gap, so increment gap-count (decrement state) */
+ state--;
+
+ /* check for long gaps */
+ if (state < -25) {
+ debug_print(mod_stat, ">25 gaps (2): %d", state);
+ return err_status_algo_fail;
+ }
+
+ } else {
+
+ /* state is zero; this happens only at initialization */
+ state = -1;
+ }
+ }
+ }
+
+ /* move along to next octet */
+ data++;
+ }
+
+ if (mod_stat.on) {
+ debug_print(mod_stat, "runs test", NULL);
+ for (i=0; i < 6; i++)
+ debug_print(mod_stat, " runs[]: %d", runs[i]);
+ for (i=0; i < 6; i++)
+ debug_print(mod_stat, " gaps[]: %d", gaps[i]);
+ }
+
+ /* check run and gap counts against the fixed limits */
+ for (i=0; i < 6; i++)
+ if ( (runs[i] < lo_value[i] ) || (runs[i] > hi_value[i])
+ || (gaps[i] < lo_value[i] ) || (gaps[i] > hi_value[i]))
+ return err_status_algo_fail;
+
+
+ return err_status_ok;
+}
+
+
+/*
+ * the function stat_test_rand_source applys the FIPS-140-2 statistical
+ * tests to the random source defined by rs
+ *
+ */
+
+#define RAND_SRC_BUF_OCTETS 50 /* this value MUST divide 2500! */
+
+err_status_t
+stat_test_rand_source(rand_source_func_t get_rand_bytes) {
+ int i;
+ double poker;
+ uint8_t *data, *data_end;
+ uint16_t f[16] = {
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0
+ };
+ uint8_t buffer[RAND_SRC_BUF_OCTETS];
+ err_status_t status;
+ int ones_count = 0;
+ uint16_t runs[6] = { 0, 0, 0, 0, 0, 0 };
+ uint16_t gaps[6] = { 0, 0, 0, 0, 0, 0 };
+ uint16_t lo_value[6] = { 2315, 1114, 527, 240, 103, 103 };
+ uint16_t hi_value[6] = { 2685, 1386, 723, 384, 209, 209 };
+ int state = 0;
+ uint16_t mask;
+
+ /* counters for monobit, poker, and runs tests are initialized above */
+
+ /* main loop: fill buffer, update counters for stat tests */
+ for (i=0; i < 2500; i+=RAND_SRC_BUF_OCTETS) {
+
+ /* fill data buffer */
+ status = get_rand_bytes(buffer, RAND_SRC_BUF_OCTETS);
+ if (status) {
+ debug_print(mod_stat, "couldn't get rand bytes: %d",status);
+ return status;
+ }
+
+#if 0
+ debug_print(mod_stat, "%s",
+ octet_string_hex_string(buffer, RAND_SRC_BUF_OCTETS));
+#endif
+
+ data = buffer;
+ data_end = data + RAND_SRC_BUF_OCTETS;
+ while (data < data_end) {
+
+ /* update monobit test counter */
+ ones_count += octet_get_weight(*data);
+
+ /* update poker test counters */
+ f[*data & 0x0f]++; /* increment freq. count for low nibble */
+ f[(*data) >> 4]++; /* increment freq. count for high nibble */
+
+ /* update runs test counters */
+ /* loop over the bits of this byte */
+ for (mask = 1; mask < 256; mask <<= 1) {
+ if (*data & mask) {
+
+ /* next bit is a one */
+ if (state > 0) {
+
+ /* prefix is a run, so increment the run-count */
+ state++;
+
+ /* check for long runs */
+ if (state > 25) {
+ debug_print(mod_stat, ">25 runs (3): %d", state);
+ return err_status_algo_fail;
+ }
+
+ } else if (state < 0) {
+
+ /* prefix is a gap */
+ if (state < -25) {
+ debug_print(mod_stat, ">25 gaps (3): %d", state);
+ return err_status_algo_fail; /* long-runs test failed */
+ }
+ if (state < -6) {
+ state = -6; /* group together gaps > 5 */
+ }
+ gaps[-1-state]++; /* increment gap count */
+ state = 1; /* set state at one set bit */
+ } else {
+
+ /* state is zero; this happens only at initialization */
+ state = 1;
+ }
+ } else {
+
+ /* next bit is a zero */
+ if (state > 0) {
+
+ /* prefix is a run */
+ if (state > 25) {
+ debug_print(mod_stat, ">25 runs (4): %d", state);
+ return err_status_algo_fail; /* long-runs test failed */
+ }
+ if (state > 6) {
+ state = 6; /* group together runs > 5 */
+ }
+ runs[state-1]++; /* increment run count */
+ state = -1; /* set state at one zero bit */
+ } else if (state < 0) {
+
+ /* prefix is a gap, so increment gap-count (decrement state) */
+ state--;
+
+ /* check for long gaps */
+ if (state < -25) {
+ debug_print(mod_stat, ">25 gaps (4): %d", state);
+ return err_status_algo_fail;
+ }
+
+ } else {
+
+ /* state is zero; this happens only at initialization */
+ state = -1;
+ }
+ }
+ }
+
+ /* advance data pointer */
+ data++;
+ }
+ }
+
+ /* check to see if test data is within bounds */
+
+ /* check monobit test data */
+
+ debug_print(mod_stat, "stat: bit count: %d", ones_count);
+
+ if ((ones_count < 9725) || (ones_count > 10275)) {
+ debug_print(mod_stat, "stat: failed monobit test %d", ones_count);
+ return err_status_algo_fail;
+ }
+
+ /* check poker test data */
+ poker = 0.0;
+ for (i=0; i < 16; i++)
+ poker += (double) f[i] * f[i];
+
+ poker *= (16.0 / 5000.0);
+ poker -= 5000.0;
+
+ debug_print(mod_stat, "stat: poker test: %f", poker);
+
+ if ((poker < 2.16) || (poker > 46.17)) {
+ debug_print(mod_stat, "stat: failed poker test", NULL);
+ return err_status_algo_fail;
+ }
+
+ /* check run and gap counts against the fixed limits */
+ for (i=0; i < 6; i++)
+ if ((runs[i] < lo_value[i] ) || (runs[i] > hi_value[i])
+ || (gaps[i] < lo_value[i] ) || (gaps[i] > hi_value[i])) {
+ debug_print(mod_stat, "stat: failed run/gap test", NULL);
+ return err_status_algo_fail;
+ }
+
+ debug_print(mod_stat, "passed random stat test", NULL);
+ return err_status_ok;
+}
+
+err_status_t
+stat_test_rand_source_with_repetition(rand_source_func_t source, unsigned num_trials) {
+ unsigned int i;
+ err_status_t err = err_status_algo_fail;
+
+ for (i=0; i < num_trials; i++) {
+ err = stat_test_rand_source(source);
+ if (err == err_status_ok) {
+ return err_status_ok;
+ }
+ debug_print(mod_stat, "failed stat test (try number %d)\n", i);
+ }
+
+ return err;
+}
diff --git a/srtp/crypto/replay/CVS/Entries b/srtp/crypto/replay/CVS/Entries
new file mode 100644
index 0000000..5201253
--- /dev/null
+++ b/srtp/crypto/replay/CVS/Entries
@@ -0,0 +1,4 @@
+/rdb.c/1.4/Thu Jun 8 17:00:28 2006//
+/rdbx.c/1.4/Thu Jun 8 17:00:28 2006//
+/ut_sim.c/1.3/Thu Jun 8 17:00:28 2006//
+D
diff --git a/srtp/crypto/replay/CVS/Repository b/srtp/crypto/replay/CVS/Repository
new file mode 100644
index 0000000..f4ad54d
--- /dev/null
+++ b/srtp/crypto/replay/CVS/Repository
@@ -0,0 +1 @@
+srtp/crypto/replay
diff --git a/srtp/crypto/replay/CVS/Root b/srtp/crypto/replay/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/crypto/replay/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/crypto/replay/rdb.c b/srtp/crypto/replay/rdb.c
new file mode 100644
index 0000000..9f2ea87
--- /dev/null
+++ b/srtp/crypto/replay/rdb.c
@@ -0,0 +1,137 @@
+/*
+ * rdb.c
+ *
+ * Implements a replay database for packet security
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "rdb.h"
+
+
+/*
+ * this implementation of a replay database works as follows:
+ *
+ * window_start is the index of the first packet in the window
+ * bitmask a bit-buffer, containing the most recently entered
+ * index as the leftmost bit
+ *
+ */
+
+/* rdb_init initalizes rdb */
+
+err_status_t
+rdb_init(rdb_t *rdb) {
+ v128_set_to_zero(&rdb->bitmask);
+ rdb->window_start = 0;
+ return err_status_ok;
+}
+
+/*
+ * rdb_check checks to see if index appears in rdb
+ */
+
+err_status_t
+rdb_check(const rdb_t *rdb, uint32_t index) {
+
+ /* if the index appears after (or at very end of) the window, its good */
+ if (index >= rdb->window_start + rdb_bits_in_bitmask)
+ return err_status_ok;
+
+ /* if the index appears before the window, its bad */
+ if (index < rdb->window_start)
+ return err_status_replay_old;
+
+ /* otherwise, the index appears within the window, so check the bitmask */
+ if (v128_get_bit(&rdb->bitmask, (index - rdb->window_start)) == 1)
+ return err_status_replay_fail;
+
+ /* otherwise, the index is okay */
+ return err_status_ok;
+}
+
+/*
+ * rdb_add_index adds index to rdb_t (and does *not* check if
+ * index appears in db)
+ *
+ * this function should be called only after rdb_check has
+ * indicated that the index does not appear in the rdb, e.g., a mutex
+ * should protect the rdb between these calls
+ */
+
+err_status_t
+rdb_add_index(rdb_t *rdb, uint32_t index) {
+ int delta;
+
+ /* here we *assume* that index > rdb->window_start */
+
+ delta = (index - rdb->window_start);
+ if (delta < rdb_bits_in_bitmask) {
+
+ /* if the index is within the window, set the appropriate bit */
+ v128_set_bit(&rdb->bitmask, delta);
+
+ } else {
+
+ delta -= rdb_bits_in_bitmask - 1;
+
+ /* shift the window forward by delta bits*/
+ v128_left_shift(&rdb->bitmask, delta);
+ v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask-delta);
+ rdb->window_start += delta;
+
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+rdb_increment(rdb_t *rdb) {
+
+ if (rdb->window_start++ > 0x7fffffff)
+ return err_status_key_expired;
+ return err_status_ok;
+}
+
+uint32_t
+rdb_get_value(const rdb_t *rdb) {
+ return rdb->window_start;
+}
diff --git a/srtp/crypto/replay/rdbx.c b/srtp/crypto/replay/rdbx.c
new file mode 100644
index 0000000..12e4e8f
--- /dev/null
+++ b/srtp/crypto/replay/rdbx.c
@@ -0,0 +1,289 @@
+/*
+ * rdbx.c
+ *
+ * a replay database with extended range, using a rollover counter
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "rdbx.h"
+
+#define rdbx_high_bit_in_bitmask 127
+
+/*
+ * from draft-ietf-avt-srtp-00.txt:
+ *
+ * A receiver reconstructs the index i of a packet with sequence
+ * number s using the estimate
+ *
+ * i = 65,536 * t + s,
+ *
+ * where t is chosen from the set { r-1, r, r+1 } such that i is
+ * closest to the value 65,536 * r + s_l. If the value r+1 is used,
+ * then the rollover counter r in the cryptographic context is
+ * incremented by one (if the packet containing s is authentic).
+ */
+
+
+
+/*
+ * rdbx implementation notes
+ *
+ * A xtd_seq_num_t is essentially a sequence number for which some of
+ * the data on the wire are implicit. It logically consists of a
+ * rollover counter and a sequence number; the sequence number is the
+ * explicit part, and the rollover counter is the implicit part.
+ *
+ * Upon receiving a sequence_number (e.g. in a newly received SRTP
+ * packet), the complete xtd_seq_num_t can be estimated by using a
+ * local xtd_seq_num_t as a basis. This is done using the function
+ * index_guess(&local, &guess, seq_from_packet). This function
+ * returns the difference of the guess and the local value. The local
+ * xtd_seq_num_t can be moved forward to the guess using the function
+ * index_advance(&guess, delta), where delta is the difference.
+ *
+ *
+ * A rdbx_t consists of a xtd_seq_num_t and a bitmask. The index is highest
+ * sequence number that has been received, and the bitmask indicates
+ * which of the recent indicies have been received as well. The
+ * highest bit in the bitmask corresponds to the index in the bitmask.
+ */
+
+
+void
+index_init(xtd_seq_num_t *pi) {
+#ifdef NO_64BIT_MATH
+ *pi = make64(0,0);
+#else
+ *pi = 0;
+#endif
+}
+
+void
+index_advance(xtd_seq_num_t *pi, sequence_number_t s) {
+#ifdef NO_64BIT_MATH
+ /* a > ~b means a+b will generate a carry */
+ /* s is uint16 here */
+ *pi = make64(high32(*pi) + (s > ~low32(*pi) ? 1 : 0),low32(*pi) + s);
+#else
+ *pi += s;
+#endif
+}
+
+
+/*
+ * index_guess(local, guess, s)
+ *
+ * given a xtd_seq_num_t local (which represents the last
+ * known-to-be-good received xtd_seq_num_t) and a sequence number s
+ * (from a newly arrived packet), sets the contents of *guess to
+ * contain the best guess of the packet index to which s corresponds,
+ * and returns the difference between *guess and *local
+ *
+ * nota bene - the output is a signed integer, DON'T cast it to a
+ * unsigned integer!
+ */
+
+int
+index_guess(const xtd_seq_num_t *local,
+ xtd_seq_num_t *guess,
+ sequence_number_t s) {
+#ifdef NO_64BIT_MATH
+ uint32_t local_roc = ((high32(*local) << 16) |
+ (low32(*local) >> 16));
+ uint16_t local_seq = (uint16_t) (low32(*local));
+#else
+ uint32_t local_roc = (uint32_t)(*local >> 16);
+ uint16_t local_seq = (uint16_t) *local;
+#endif
+#ifdef NO_64BIT_MATH
+ uint32_t guess_roc = ((high32(*guess) << 16) |
+ (low32(*guess) >> 16));
+ uint16_t guess_seq = (uint16_t) (low32(*guess));
+#else
+ uint32_t guess_roc = (uint32_t)(*guess >> 16);
+ uint16_t guess_seq = (uint16_t) *guess;
+#endif
+ int difference;
+
+ if (local_seq < seq_num_median) {
+ if (s - local_seq > seq_num_median) {
+ guess_roc = local_roc - 1;
+ difference = seq_num_max - s + local_seq;
+ } else {
+ guess_roc = local_roc;
+ difference = s - local_seq;
+ }
+ } else {
+ if (local_seq - seq_num_median > s) {
+ guess_roc = local_roc+1;
+ difference = seq_num_max - local_seq + s;
+ } else {
+ difference = s - local_seq;
+ guess_roc = local_roc;
+ }
+ }
+ guess_seq = s;
+
+ /* Note: guess_roc is 32 bits, so this generates a 48-bit result! */
+#ifdef NO_64BIT_MATH
+ *guess = make64(guess_roc >> 16,
+ (guess_roc << 16) | guess_seq);
+#else
+ *guess = (((uint64_t) guess_roc) << 16) | guess_seq;
+#endif
+
+ return difference;
+}
+
+/*
+ * rdbx
+ *
+ */
+
+
+/*
+ * rdbx_init(&r) initalizes the rdbx_t pointed to by r
+ */
+
+err_status_t
+rdbx_init(rdbx_t *rdbx) {
+ v128_set_to_zero(&rdbx->bitmask);
+ index_init(&rdbx->index);
+
+ return err_status_ok;
+}
+
+
+/*
+ * rdbx_check(&r, delta) checks to see if the xtd_seq_num_t
+ * which is at rdbx->index + delta is in the rdb
+ */
+
+err_status_t
+rdbx_check(const rdbx_t *rdbx, int delta) {
+
+ if (delta > 0) { /* if delta is positive, it's good */
+ return err_status_ok;
+ } else if (rdbx_high_bit_in_bitmask + delta < 0) {
+ /* if delta is lower than the bitmask, it's bad */
+ return err_status_replay_old;
+ } else if (v128_get_bit(&rdbx->bitmask,
+ rdbx_high_bit_in_bitmask + delta) == 1) {
+ /* delta is within the window, so check the bitmask */
+ return err_status_replay_fail;
+ }
+ /* otherwise, the index is okay */
+
+ return err_status_ok;
+}
+
+/*
+ * rdbx_add_index adds the xtd_seq_num_t at rdbx->window_start + d to
+ * replay_db (and does *not* check if that xtd_seq_num_t appears in db)
+ *
+ * this function should be called only after replay_check has
+ * indicated that the index does not appear in the rdbx, e.g., a mutex
+ * should protect the rdbx between these calls if need be
+ */
+
+err_status_t
+rdbx_add_index(rdbx_t *rdbx, int delta) {
+
+ if (delta > 0) {
+ /* shift forward by delta */
+ index_advance(&rdbx->index, delta);
+ v128_left_shift(&rdbx->bitmask, delta);
+ v128_set_bit(&rdbx->bitmask, 127);
+ } else {
+ /* delta is in window, so flip bit in bitmask */
+ v128_set_bit(&rdbx->bitmask, -delta);
+ }
+
+ /* note that we need not consider the case that delta == 0 */
+
+ return err_status_ok;
+}
+
+
+
+/*
+ * rdbx_estimate_index(rdbx, guess, s)
+ *
+ * given an rdbx and a sequence number s (from a newly arrived packet),
+ * sets the contents of *guess to contain the best guess of the packet
+ * index to which s corresponds, and returns the difference between
+ * *guess and the locally stored synch info
+ */
+
+int
+rdbx_estimate_index(const rdbx_t *rdbx,
+ xtd_seq_num_t *guess,
+ sequence_number_t s) {
+
+ /*
+ * if the sequence number and rollover counter in the rdbx are
+ * non-zero, then use the index_guess(...) function, otherwise, just
+ * set the rollover counter to zero (since the index_guess(...)
+ * function might incorrectly guess that the rollover counter is
+ * 0xffffffff)
+ */
+
+#ifdef NO_64BIT_MATH
+ /* seq_num_median = 0x8000 */
+ if (high32(rdbx->index) > 0 ||
+ low32(rdbx->index) > seq_num_median)
+#else
+ if (rdbx->index > seq_num_median)
+#endif
+ return index_guess(&rdbx->index, guess, s);
+
+#ifdef NO_64BIT_MATH
+ *guess = make64(0,(uint32_t) s);
+#else
+ *guess = s;
+#endif
+
+#ifdef NO_64BIT_MATH
+ return s - (uint16_t) low32(rdbx->index);
+#else
+ return s - (uint16_t) rdbx->index;
+#endif
+}
diff --git a/srtp/crypto/replay/ut_sim.c b/srtp/crypto/replay/ut_sim.c
new file mode 100644
index 0000000..43c411e
--- /dev/null
+++ b/srtp/crypto/replay/ut_sim.c
@@ -0,0 +1,105 @@
+/*
+ * ut_sim.c
+ *
+ * an unreliable transport simulator
+ * (for testing replay databases and suchlike)
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "ut_sim.h"
+
+
+int
+ut_compar(const void *a, const void *b) {
+ return rand() > (RAND_MAX/2) ? -1 : 1;
+}
+
+void
+ut_init(ut_connection *utc) {
+ int i;
+ utc->index = 0;
+
+ for (i=0; i < UT_BUF; i++)
+ utc->buffer[i] = i;
+
+ qsort(utc->buffer, UT_BUF, sizeof(uint32_t), ut_compar);
+
+ utc->index = UT_BUF - 1;
+}
+
+uint32_t
+ut_next_index(ut_connection *utc) {
+ uint32_t tmp;
+
+ tmp = utc->buffer[0];
+ utc->index++;
+ utc->buffer[0] = utc->index;
+
+ qsort(utc->buffer, UT_BUF, sizeof(uint32_t), ut_compar);
+
+ return tmp;
+}
+
+
+
+#ifdef UT_TEST
+
+#include <stdio.h>
+
+int
+main() {
+ uint32_t i, irecvd, idiff;
+ ut_connection utc;
+
+ ut_init(&utc);
+
+ for (i=0; i < 1000; i++) {
+ irecvd = ut_next_index(&utc);
+ idiff = i - irecvd;
+ printf("%lu\t%lu\t%d\n", i, irecvd, idiff);
+ }
+
+ return 0;
+}
+
+
+#endif
diff --git a/srtp/crypto/rng/CVS/Entries b/srtp/crypto/rng/CVS/Entries
new file mode 100644
index 0000000..f256876
--- /dev/null
+++ b/srtp/crypto/rng/CVS/Entries
@@ -0,0 +1,5 @@
+/ctr_prng.c/1.6/Wed Jul 12 22:22:09 2006//
+/prng.c/1.8/Thu Jun 8 18:51:28 2006//
+/rand_linux_kernel.c/1.1/Mon Oct 3 15:29:10 2005//
+/rand_source.c/1.8/Wed Jul 12 22:22:09 2006//
+D
diff --git a/srtp/crypto/rng/CVS/Repository b/srtp/crypto/rng/CVS/Repository
new file mode 100644
index 0000000..aeb47c2
--- /dev/null
+++ b/srtp/crypto/rng/CVS/Repository
@@ -0,0 +1 @@
+srtp/crypto/rng
diff --git a/srtp/crypto/rng/CVS/Root b/srtp/crypto/rng/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/crypto/rng/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/crypto/rng/ctr_prng.c b/srtp/crypto/rng/ctr_prng.c
new file mode 100644
index 0000000..ab76df3
--- /dev/null
+++ b/srtp/crypto/rng/ctr_prng.c
@@ -0,0 +1,108 @@
+/*
+ * ctr_prng.c
+ *
+ * counter mode based pseudorandom source
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "prng.h"
+
+/* single, global prng structure */
+
+ctr_prng_t ctr_prng;
+
+err_status_t
+ctr_prng_init(rand_source_func_t random_source) {
+ uint8_t tmp_key[32];
+ err_status_t status;
+
+ /* initialize output count to zero */
+ ctr_prng.octet_count = 0;
+
+ /* set random source */
+ ctr_prng.rand = random_source;
+
+ /* initialize secret key from random source */
+ status = random_source(tmp_key, 32);
+ if (status)
+ return status;
+
+ /* initialize aes ctr context with random key */
+ status = aes_icm_context_init(&ctr_prng.state, tmp_key);
+ if (status)
+ return status;
+
+ return err_status_ok;
+}
+
+err_status_t
+ctr_prng_get_octet_string(void *dest, uint32_t len) {
+ err_status_t status;
+
+ /*
+ * if we need to re-initialize the prng, do so now
+ *
+ * avoid 32-bit overflows by subtracting instead of adding
+ */
+ if (ctr_prng.octet_count > MAX_PRNG_OUT_LEN - len) {
+ status = ctr_prng_init(ctr_prng.rand);
+ if (status)
+ return status;
+ }
+ ctr_prng.octet_count += len;
+
+ /*
+ * write prng output
+ */
+ status = aes_icm_output(&ctr_prng.state, (uint8_t*)dest, len);
+ if (status)
+ return status;
+
+ return err_status_ok;
+}
+
+err_status_t
+ctr_prng_deinit(void) {
+
+ /* nothing */
+
+ return err_status_ok;
+}
diff --git a/srtp/crypto/rng/prng.c b/srtp/crypto/rng/prng.c
new file mode 100644
index 0000000..69350a4
--- /dev/null
+++ b/srtp/crypto/rng/prng.c
@@ -0,0 +1,180 @@
+/*
+ * prng.c
+ *
+ * pseudorandom source
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "prng.h"
+
+/* single, global prng structure */
+
+x917_prng_t x917_prng;
+
+err_status_t
+x917_prng_init(rand_source_func_t random_source) {
+ v128_t tmp_key;
+ err_status_t status;
+
+ /* initialize output count to zero */
+ x917_prng.octet_count = 0;
+
+ /* set random source */
+ x917_prng.rand = random_source;
+
+ /* initialize secret key from random source */
+ status = random_source((uint8_t *)&tmp_key, 16);
+ if (status)
+ return status;
+
+ /* expand aes key */
+ aes_expand_encryption_key(&tmp_key, x917_prng.key);
+
+ /* initialize prng state from random source */
+ status = x917_prng.rand((uint8_t *)&x917_prng.state, 16);
+ if (status)
+ return status;
+
+ return err_status_ok;
+}
+
+err_status_t
+x917_prng_get_octet_string(uint8_t *dest, uint32_t len) {
+ uint32_t t;
+ v128_t buffer;
+ uint32_t i, tail_len;
+ err_status_t status;
+
+ /*
+ * if we need to re-initialize the prng, do so now
+ *
+ * avoid overflows by subtracting instead of adding
+ */
+ if (x917_prng.octet_count > MAX_PRNG_OUT_LEN - len) {
+ status = x917_prng_init(x917_prng.rand);
+ if (status)
+ return status;
+ }
+ x917_prng.octet_count += len;
+
+ /* find out the time */
+ t = (uint32_t)time(NULL);
+
+ /* loop until we have output enough data */
+ for (i=0; i < len/16; i++) {
+
+ /* exor time into state */
+ x917_prng.state.v32[0] ^= t;
+
+ /* copy state into buffer */
+ v128_copy(&buffer, &x917_prng.state);
+
+ /* apply aes to buffer */
+ aes_encrypt(&buffer, x917_prng.key);
+
+ /* write data to output */
+ *dest++ = buffer.v8[0];
+ *dest++ = buffer.v8[1];
+ *dest++ = buffer.v8[2];
+ *dest++ = buffer.v8[3];
+ *dest++ = buffer.v8[4];
+ *dest++ = buffer.v8[5];
+ *dest++ = buffer.v8[6];
+ *dest++ = buffer.v8[7];
+ *dest++ = buffer.v8[8];
+ *dest++ = buffer.v8[9];
+ *dest++ = buffer.v8[10];
+ *dest++ = buffer.v8[11];
+ *dest++ = buffer.v8[12];
+ *dest++ = buffer.v8[13];
+ *dest++ = buffer.v8[14];
+ *dest++ = buffer.v8[15];
+
+ /* exor time into buffer */
+ buffer.v32[0] ^= t;
+
+ /* encrypt buffer */
+ aes_encrypt(&buffer, x917_prng.key);
+
+ /* copy buffer into state */
+ v128_copy(&x917_prng.state, &buffer);
+
+ }
+
+ /* if we need to output any more octets, we'll do so now */
+ tail_len = len % 16;
+ if (tail_len) {
+
+ /* exor time into state */
+ x917_prng.state.v32[0] ^= t;
+
+ /* copy value into buffer */
+ v128_copy(&buffer, &x917_prng.state);
+
+ /* apply aes to buffer */
+ aes_encrypt(&buffer, x917_prng.key);
+
+ /* write data to output */
+ for (i=0; i < tail_len; i++) {
+ *dest++ = buffer.v8[i];
+ }
+
+ /* now update the state one more time */
+
+ /* exor time into buffer */
+ buffer.v32[0] ^= t;
+
+ /* encrypt buffer */
+ aes_encrypt(&buffer, x917_prng.key);
+
+ /* copy buffer into state */
+ v128_copy(&x917_prng.state, &buffer);
+
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+x917_prng_deinit(void) {
+
+ return err_status_ok;
+}
diff --git a/srtp/crypto/rng/rand_linux_kernel.c b/srtp/crypto/rng/rand_linux_kernel.c
new file mode 100644
index 0000000..c51978e
--- /dev/null
+++ b/srtp/crypto/rng/rand_linux_kernel.c
@@ -0,0 +1,65 @@
+/*
+ * rand_linux_kernel.c
+ *
+ * implements a random source using Linux kernel functions
+ *
+ * Marcus Sundberg
+ * Ingate Systems AB
+ */
+/*
+ *
+ * Copyright(c) 2005 Ingate Systems AB
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the author(s) nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "config.h"
+#include "rand_source.h"
+
+
+err_status_t
+rand_source_init(void) {
+ return err_status_ok;
+}
+
+err_status_t
+rand_source_get_octet_string(void *dest, uint32_t len) {
+
+ get_random_bytes(dest, len);
+
+ return err_status_ok;
+}
+
+err_status_t
+rand_source_deinit(void) {
+ return err_status_ok;
+}
diff --git a/srtp/crypto/rng/rand_source.c b/srtp/crypto/rng/rand_source.c
new file mode 100644
index 0000000..4de5105
--- /dev/null
+++ b/srtp/crypto/rng/rand_source.c
@@ -0,0 +1,153 @@
+/*
+ * rand_source.c
+ *
+ * implements a random source based on /dev/random
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "config.h"
+
+#ifdef DEV_URANDOM
+# include <fcntl.h> /* for open() */
+# include <unistd.h> /* for close() */
+#elif (_MSC_VER >= 1400)
+#define _CRT_RAND_S
+# include <stdlib.h>
+# include <stdio.h>
+#else
+# include <stdio.h>
+#endif
+
+#include "rand_source.h"
+
+
+/*
+ * global dev_rand_fdes is file descriptor for /dev/random
+ *
+ * This variable is also used to indicate that the random source has
+ * been initialized. When this variable is set to the value of the
+ * #define RAND_SOURCE_NOT_READY, it indicates that the random source
+ * is not ready to be used. The value of the #define
+ * RAND_SOURCE_READY is for use whenever that variable is used as an
+ * indicator of the state of the random source, but not as a file
+ * descriptor.
+ */
+
+#define RAND_SOURCE_NOT_READY (-1)
+#define RAND_SOURCE_READY (17)
+
+static int dev_random_fdes = RAND_SOURCE_NOT_READY;
+
+
+err_status_t
+rand_source_init(void) {
+ if (dev_random_fdes >= 0) {
+ /* already open */
+ return err_status_ok;
+ }
+#ifdef DEV_URANDOM
+ /* open random source for reading */
+ dev_random_fdes = open(DEV_URANDOM, O_RDONLY);
+ if (dev_random_fdes < 0)
+ return err_status_init_fail;
+#elif (_MSC_VER >= 1400)
+ dev_random_fdes = RAND_SOURCE_READY;
+#else
+ /* no random source available; let the user know */
+ fprintf(stderr, "WARNING: no real random source present!\n");
+ dev_random_fdes = RAND_SOURCE_READY;
+#endif
+ return err_status_ok;
+}
+
+err_status_t
+rand_source_get_octet_string(void *dest, uint32_t len) {
+
+ /*
+ * read len octets from /dev/random to dest, and
+ * check return value to make sure enough octets were
+ * written
+ */
+#ifdef DEV_URANDOM
+ if (read(dev_random_fdes, dest, len) != len)
+ return err_status_fail;
+#elif (_MSC_VER >= 1400)
+ unsigned int *dst = dest;
+ while (len)
+ {
+ unsigned int val = 0;
+ errno_t err = rand_s(&val);
+ if (err != 0)
+ {
+ return err_status_fail;
+ }
+
+ *dst++ = val;
+ len--;
+ }
+#else
+ /* Generic C-library (rand()) version */
+ /* This is a random source of last resort */
+ uint8_t *dst = (uint8_t *)dest;
+ while (len)
+ {
+ int val = rand();
+ /* rand() returns 0-32767 (ugh) */
+ /* Is this a good enough way to get random bytes?
+ It is if it passes FIPS-140... */
+ *dst++ = val & 0xff;
+ len--;
+ }
+#endif
+ return err_status_ok;
+}
+
+err_status_t
+rand_source_deinit(void) {
+ if (dev_random_fdes < 0)
+ return err_status_dealloc_fail; /* well, we haven't really failed, *
+ * but there is something wrong */
+#ifdef DEV_URANDOM
+ close(dev_random_fdes);
+#endif
+ dev_random_fdes = RAND_SOURCE_NOT_READY;
+
+ return err_status_ok;
+}
diff --git a/srtp/crypto/test/.cvsignore b/srtp/crypto/test/.cvsignore
new file mode 100644
index 0000000..888bf59
--- /dev/null
+++ b/srtp/crypto/test/.cvsignore
@@ -0,0 +1,8 @@
+aes_calc
+cipher_driver
+datatypes_driver
+env
+kernel_driver
+rand_gen
+sha1_driver
+stat_driver
diff --git a/srtp/crypto/test/CVS/Entries b/srtp/crypto/test/CVS/Entries
new file mode 100644
index 0000000..40e2798
--- /dev/null
+++ b/srtp/crypto/test/CVS/Entries
@@ -0,0 +1,11 @@
+/.cvsignore/1.1/Thu Sep 29 12:06:41 2005//
+/aes_calc.c/1.4/Sat Oct 8 16:23:59 2005//
+/auth_driver.c/1.3/Thu Jun 8 17:00:29 2006//
+/cipher_driver.c/1.6/Thu Jun 8 17:00:29 2006//
+/datatypes_driver.c/1.6/Thu Jun 8 17:00:29 2006//
+/env.c/1.5/Thu Jun 8 17:00:29 2006//
+/kernel_driver.c/1.3/Thu Jun 8 17:00:29 2006//
+/rand_gen.c/1.3/Thu Jun 8 17:00:29 2006//
+/sha1_driver.c/1.4/Fri Mar 17 17:41:33 2006//
+/stat_driver.c/1.3/Sun Oct 2 20:43:26 2005//
+D
diff --git a/srtp/crypto/test/CVS/Repository b/srtp/crypto/test/CVS/Repository
new file mode 100644
index 0000000..487778e
--- /dev/null
+++ b/srtp/crypto/test/CVS/Repository
@@ -0,0 +1 @@
+srtp/crypto/test
diff --git a/srtp/crypto/test/CVS/Root b/srtp/crypto/test/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/crypto/test/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/crypto/test/aes_calc b/srtp/crypto/test/aes_calc
new file mode 100755
index 0000000..80a0043
--- /dev/null
+++ b/srtp/crypto/test/aes_calc
Binary files differ
diff --git a/srtp/crypto/test/aes_calc.c b/srtp/crypto/test/aes_calc.c
new file mode 100644
index 0000000..2fac07a
--- /dev/null
+++ b/srtp/crypto/test/aes_calc.c
@@ -0,0 +1,111 @@
+/*
+ * aes_calc.c
+ *
+ * A simple AES calculator for generating AES encryption values
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+
+ Example usage (with first NIST FIPS 197 test case):
+
+[sh]$ test/aes_calc 000102030405060708090a0b0c0d0e0f 00112233445566778899aabbccddeeff -v
+ plaintext: 00112233445566778899aabbccddeeff
+ key: 000102030405060708090a0b0c0d0e0f
+ ciphertext: 69c4e0d86a7b0430d8cdb78070b4c55a
+
+ */
+
+#include "aes.h"
+#include <stdio.h>
+#include <string.h>
+
+void
+usage(char *prog_name) {
+ printf("usage: %s <key> <plaintext> [-v]\n", prog_name);
+ exit(255);
+}
+
+#define AES_KEY_LEN 16
+
+int
+main (int argc, char *argv[]) {
+ v128_t data, key;
+ aes_expanded_key_t exp_key;
+ int len;
+ int verbose;
+
+ if (argc == 3) {
+ /* we're not in verbose mode */
+ verbose = 0;
+ } else if (argc == 4) {
+ if (strncmp(argv[3], "-v", 2) == 0) {
+ /* we're in verbose mode */
+ verbose = 1;
+ } else {
+ /* unrecognized flag, complain and exit */
+ usage(argv[0]);
+ }
+ } else {
+ /* we've been fed the wrong number of arguments - compain and exit */
+ usage(argv[0]);
+ }
+
+ /* read in key, checking length */
+ if (strlen(argv[1]) > AES_KEY_LEN*2) {
+ fprintf(stderr,
+ "error: too many digits in key "
+ "(should be %d hexadecimal digits, found %u)\n",
+ AES_KEY_LEN*2, (unsigned)strlen(argv[1]));
+ exit(1);
+ }
+ len = hex_string_to_octet_string((char *)&key, argv[1], AES_KEY_LEN*2);
+ /* check that hex string is the right length */
+ if (len < AES_KEY_LEN*2) {
+ fprintf(stderr,
+ "error: too few digits in key "
+ "(should be %d hexadecimal digits, found %d)\n",
+ AES_KEY_LEN*2, len);
+ exit(1);
+ }
+
+ /* read in plaintext, checking length */
+ if (strlen(argv[2]) > 16*2) {
+ fprintf(stderr,
+ "error: too many digits in plaintext "
+ "(should be %d hexadecimal digits, found %u)\n",
+ 16*2, (unsigned)strlen(argv[2]));
+ exit(1);
+ }
+ len = hex_string_to_octet_string((char *)(&data), argv[2], 16*2);
+ /* check that hex string is the right length */
+ if (len < 16*2) {
+ fprintf(stderr,
+ "error: too few digits in plaintext "
+ "(should be %d hexadecimal digits, found %d)\n",
+ 16*2, len);
+ exit(1);
+ }
+
+ if (verbose) {
+ /* print out plaintext */
+ printf("plaintext:\t%s\n", octet_string_hex_string((uint8_t *)&data, 16));
+ }
+
+ /* encrypt plaintext */
+ aes_expand_encryption_key(&key, exp_key);
+
+ aes_encrypt(&data, exp_key);
+
+ /* write ciphertext to output */
+ if (verbose) {
+ printf("key:\t\t%s\n", v128_hex_string(&key));
+ printf("ciphertext:\t");
+ }
+ printf("%s\n", v128_hex_string(&data));
+
+ return 0;
+}
+
diff --git a/srtp/crypto/test/auth_driver.c b/srtp/crypto/test/auth_driver.c
new file mode 100644
index 0000000..cd8a75d
--- /dev/null
+++ b/srtp/crypto/test/auth_driver.c
@@ -0,0 +1,200 @@
+/*
+ * auth_driver.c
+ *
+ * a driver for auth functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <stdio.h> /* for printf() */
+#include <stdlib.h> /* for xalloc() */
+#include <unistd.h> /* for getopt() */
+
+#include "auth.h"
+#include "null_auth.h"
+
+#define PRINT_DEBUG_DATA 0
+
+extern auth_type_t tmmhv2;
+
+const uint16_t msg0[9] = {
+ 0x6015, 0xf141, 0x5ba1, 0x29a0, 0xf604, 0xd1c, 0x2d9, 0xaa8a, 0x7931
+};
+
+/* key1 is for TAG_WORDS = 2 */
+
+const uint16_t key1[47] = {
+ 0xe627, 0x6a01, 0x5ea7, 0xf27a, 0xc536, 0x2192, 0x11be, 0xea35,
+ 0xdb9d, 0x63d6, 0xfa8a, 0xfc45, 0xe08b, 0xd216, 0xced2, 0x7853,
+ 0x1a82, 0x22f5, 0x90fb, 0x1c29, 0x708e, 0xd06f, 0x82c3, 0xbee6,
+ 0x4f21, 0x6f33, 0x65c0, 0xd211, 0xc25e, 0x9138, 0x4fa3, 0x7c1f,
+ 0x61ac, 0x3489, 0x2976, 0x8c19, 0x8252, 0xddbf, 0xcad3, 0xc28f,
+ 0x68d6, 0x58dd, 0x504f, 0x2bbf, 0x0278, 0x70b7, 0xcfca
+};
+
+double
+auth_bits_per_second(auth_t *h, int msg_len);
+
+
+void
+usage(char *prog_name) {
+ printf("usage: %s [ -t | -v ]\n", prog_name);
+ exit(255);
+}
+
+#define MAX_MSG_LEN 2048
+
+int
+main (int argc, char *argv[]) {
+ auth_t *a = NULL;
+ err_status_t status;
+ int i;
+ int c;
+ unsigned do_timing_test = 0;
+ unsigned do_validation = 0;
+
+ /* process input arguments */
+ while (1) {
+ c = getopt(argc, argv, "tv");
+ if (c == -1)
+ break;
+ switch (c) {
+ case 't':
+ do_timing_test = 1;
+ break;
+ case 'v':
+ do_validation = 1;
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ printf("auth driver\nDavid A. McGrew\nCisco Systems, Inc.\n");
+
+ if (!do_validation && !do_timing_test)
+ usage(argv[0]);
+
+ if (do_validation) {
+ printf("running self-test for %s...", tmmhv2.description);
+ status = tmmhv2_add_big_test();
+ if (status) {
+ printf("tmmhv2_add_big_test failed with error code %d\n", status);
+ exit(status);
+ }
+ status = auth_type_self_test(&tmmhv2);
+ if (status) {
+ printf("failed with error code %d\n", status);
+ exit(status);
+ }
+ printf("passed\n");
+ }
+
+ if (do_timing_test) {
+
+ /* tmmhv2 timing test */
+ status = auth_type_alloc(&tmmhv2, &a, 94, 4);
+ if (status) {
+ fprintf(stderr, "can't allocate tmmhv2\n");
+ exit(status);
+ }
+ status = auth_init(a, (uint8_t *)key1);
+ if (status) {
+ printf("error initializaing auth function\n");
+ exit(status);
+ }
+
+ printf("timing %s (tag length %d)\n",
+ tmmhv2.description, auth_get_tag_length(a));
+ for (i=8; i <= MAX_MSG_LEN; i *= 2)
+ printf("msg len: %d\tgigabits per second: %f\n",
+ i, auth_bits_per_second(a, i) / 1E9);
+
+ status = auth_dealloc(a);
+ if (status) {
+ printf("error deallocating auth function\n");
+ exit(status);
+ }
+
+ }
+
+ return 0;
+}
+
+#define NUM_TRIALS 100000
+
+#include <time.h>
+
+double
+auth_bits_per_second(auth_t *a, int msg_len_octets) {
+ int i;
+ clock_t timer;
+ uint8_t *result;
+ int msg_len = (msg_len_octets + 1)/2;
+ uint16_t *msg_string;
+
+ /* create random message */
+ msg_string = (uint16_t *) crypto_alloc(msg_len_octets);
+ if (msg_string == NULL)
+ return 0.0; /* indicate failure */
+ for (i=0; i < msg_len; i++)
+ msg_string[i] = (uint16_t) random();
+
+ /* allocate temporary storage for authentication tag */
+ result = crypto_alloc(auth_get_tag_length(a));
+ if (result == NULL) {
+ free(msg_string);
+ return 0.0; /* indicate failure */
+ }
+
+ timer = clock();
+ for (i=0; i < NUM_TRIALS; i++) {
+ auth_compute(a, (uint8_t *)msg_string, msg_len_octets, (uint8_t *)result);
+ }
+ timer = clock() - timer;
+
+ free(msg_string);
+ free(result);
+
+ return (double) NUM_TRIALS * 8 * msg_len_octets * CLOCKS_PER_SEC / timer;
+}
+
+
diff --git a/srtp/crypto/test/cipher_driver b/srtp/crypto/test/cipher_driver
new file mode 100755
index 0000000..bf62657
--- /dev/null
+++ b/srtp/crypto/test/cipher_driver
Binary files differ
diff --git a/srtp/crypto/test/cipher_driver.c b/srtp/crypto/test/cipher_driver.c
new file mode 100644
index 0000000..25ca90a
--- /dev/null
+++ b/srtp/crypto/test/cipher_driver.c
@@ -0,0 +1,491 @@
+/*
+ * cipher_driver.c
+ *
+ * A driver for the generic cipher type
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h> /* for printf() */
+#include <stdlib.h> /* for rand() */
+#include <string.h> /* for memset() */
+#include <unistd.h> /* for getopt() */
+#include "cipher.h"
+#include "aes_icm.h"
+#include "null_cipher.h"
+
+#define PRINT_DEBUG 0
+
+void
+cipher_driver_test_throughput(cipher_t *c);
+
+err_status_t
+cipher_driver_self_test(cipher_type_t *ct);
+
+
+/*
+ * cipher_driver_test_buffering(ct) tests the cipher's output
+ * buffering for correctness by checking the consistency of succesive
+ * calls
+ */
+
+err_status_t
+cipher_driver_test_buffering(cipher_t *c);
+
+
+/*
+ * functions for testing cipher cache thrash
+ */
+err_status_t
+cipher_driver_test_array_throughput(cipher_type_t *ct,
+ int klen, int num_cipher);
+
+void
+cipher_array_test_throughput(cipher_t *ca[], int num_cipher);
+
+uint64_t
+cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher,
+ unsigned octets_in_buffer, int num_trials);
+
+err_status_t
+cipher_array_delete(cipher_t *cipher_array[], int num_cipher);
+
+err_status_t
+cipher_array_alloc_init(cipher_t ***cipher_array, int num_ciphers,
+ cipher_type_t *ctype, int klen);
+
+void
+usage(char *prog_name) {
+ printf("usage: %s [ -t | -v | -a ]\n", prog_name);
+ exit(255);
+}
+
+void
+check_status(err_status_t s) {
+ if (s) {
+ printf("error (code %d)\n", s);
+ exit(s);
+ }
+ return;
+}
+
+/*
+ * null_cipher, aes_icm, and aes_cbc are the cipher meta-objects
+ * defined in the files in crypto/cipher subdirectory. these are
+ * declared external so that we can use these cipher types here
+ */
+
+extern cipher_type_t null_cipher;
+extern cipher_type_t aes_icm;
+extern cipher_type_t aes_cbc;
+
+int
+main(int argc, char *argv[]) {
+ cipher_t *c = NULL;
+ err_status_t status;
+ unsigned char test_key[20] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13
+ };
+ int q;
+ unsigned do_timing_test = 0;
+ unsigned do_validation = 0;
+ unsigned do_array_timing_test = 0;
+
+ /* process input arguments */
+ while (1) {
+ q = getopt(argc, argv, "tva");
+ if (q == -1)
+ break;
+ switch (q) {
+ case 't':
+ do_timing_test = 1;
+ break;
+ case 'v':
+ do_validation = 1;
+ break;
+ case 'a':
+ do_array_timing_test = 1;
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ printf("cipher test driver\n"
+ "David A. McGrew\n"
+ "Cisco Systems, Inc.\n");
+
+ if (!do_validation && !do_timing_test && !do_array_timing_test)
+ usage(argv[0]);
+
+ /* arry timing (cache thrash) test */
+ if (do_array_timing_test) {
+ int max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */
+ int num_cipher;
+
+ for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
+ cipher_driver_test_array_throughput(&null_cipher, 0, num_cipher);
+
+ for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
+ cipher_driver_test_array_throughput(&aes_icm, 30, num_cipher);
+
+ for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
+ cipher_driver_test_array_throughput(&aes_cbc, 16, num_cipher);
+
+ }
+
+ if (do_validation) {
+ cipher_driver_self_test(&null_cipher);
+ cipher_driver_self_test(&aes_icm);
+ cipher_driver_self_test(&aes_cbc);
+ }
+
+ /* do timing and/or buffer_test on null_cipher */
+ status = cipher_type_alloc(&null_cipher, &c, 0);
+ check_status(status);
+
+ status = cipher_init(c, NULL, direction_encrypt);
+ check_status(status);
+
+ if (do_timing_test)
+ cipher_driver_test_throughput(c);
+ if (do_validation) {
+ status = cipher_driver_test_buffering(c);
+ check_status(status);
+ }
+ status = cipher_dealloc(c);
+ check_status(status);
+
+
+ /* run the throughput test on the aes_icm cipher */
+ status = cipher_type_alloc(&aes_icm, &c, 30);
+ if (status) {
+ fprintf(stderr, "error: can't allocate cipher\n");
+ exit(status);
+ }
+
+ status = cipher_init(c, test_key, direction_encrypt);
+ check_status(status);
+
+ if (do_timing_test)
+ cipher_driver_test_throughput(c);
+
+ if (do_validation) {
+ status = cipher_driver_test_buffering(c);
+ check_status(status);
+ }
+
+ status = cipher_dealloc(c);
+ check_status(status);
+
+ return 0;
+}
+
+void
+cipher_driver_test_throughput(cipher_t *c) {
+ int i;
+ int min_enc_len = 32;
+ int max_enc_len = 2048; /* should be a power of two */
+ int num_trials = 100000;
+
+ printf("timing %s throughput:\n", c->type->description);
+ fflush(stdout);
+ for (i=min_enc_len; i <= max_enc_len; i = i * 2)
+ printf("msg len: %d\tgigabits per second: %f\n",
+ i, cipher_bits_per_second(c, i, num_trials) / 1e9);
+
+}
+
+err_status_t
+cipher_driver_self_test(cipher_type_t *ct) {
+ err_status_t status;
+
+ printf("running cipher self-test for %s...", ct->description);
+ status = cipher_type_self_test(ct);
+ if (status) {
+ printf("failed with error code %d\n", status);
+ exit(status);
+ }
+ printf("passed\n");
+
+ return err_status_ok;
+}
+
+/*
+ * cipher_driver_test_buffering(ct) tests the cipher's output
+ * buffering for correctness by checking the consistency of succesive
+ * calls
+ */
+
+err_status_t
+cipher_driver_test_buffering(cipher_t *c) {
+ int i, j, num_trials = 1000;
+ unsigned len, buflen = 1024;
+ uint8_t buffer0[buflen], buffer1[buflen], *current, *end;
+ uint8_t idx[16] = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34
+ };
+ err_status_t status;
+
+ printf("testing output buffering for cipher %s...",
+ c->type->description);
+
+ for (i=0; i < num_trials; i++) {
+
+ /* set buffers to zero */
+ for (j=0; j < buflen; j++)
+ buffer0[j] = buffer1[j] = 0;
+
+ /* initialize cipher */
+ status = cipher_set_iv(c, idx);
+ if (status)
+ return status;
+
+ /* generate 'reference' value by encrypting all at once */
+ status = cipher_encrypt(c, buffer0, &buflen);
+ if (status)
+ return status;
+
+ /* re-initialize cipher */
+ status = cipher_set_iv(c, idx);
+ if (status)
+ return status;
+
+ /* now loop over short lengths until buffer1 is encrypted */
+ current = buffer1;
+ end = buffer1 + buflen;
+ while (current < end) {
+
+ /* choose a short length */
+ len = rand() & 0x01f;
+
+ /* make sure that len doesn't cause us to overreach the buffer */
+ if (current + len > end)
+ len = end - current;
+
+ status = cipher_encrypt(c, current, &len);
+ if (status)
+ return status;
+
+ /* advance pointer into buffer1 to reflect encryption */
+ current += len;
+
+ /* if buffer1 is all encrypted, break out of loop */
+ if (current == end)
+ break;
+ }
+
+ /* compare buffers */
+ for (j=0; j < buflen; j++)
+ if (buffer0[j] != buffer1[j]) {
+#if PRINT_DEBUG
+ printf("test case %d failed at byte %d\n", i, j);
+ printf("computed: %s\n", octet_string_hex_string(buffer1, buflen));
+ printf("expected: %s\n", octet_string_hex_string(buffer0, buflen));
+#endif
+ return err_status_algo_fail;
+ }
+ }
+
+ printf("passed\n");
+
+ return err_status_ok;
+}
+
+
+/*
+ * The function cipher_test_throughput_array() tests the effect of CPU
+ * cache thrash on cipher throughput.
+ *
+ * cipher_array_alloc_init(ctype, array, num_ciphers) creates an array
+ * of cipher_t of type ctype
+ */
+
+err_status_t
+cipher_array_alloc_init(cipher_t ***ca, int num_ciphers,
+ cipher_type_t *ctype, int klen) {
+ int i, j;
+ err_status_t status;
+ uint8_t *key;
+ cipher_t **cipher_array;
+
+ /* allocate array of pointers to ciphers */
+ cipher_array = (cipher_t **) malloc(sizeof(cipher_t *) * num_ciphers);
+ if (cipher_array == NULL)
+ return err_status_alloc_fail;
+
+ /* set ca to location of cipher_array */
+ *ca = cipher_array;
+
+ /* allocate key */
+ key = crypto_alloc(klen);
+ if (key == NULL) {
+ free(cipher_array);
+ return err_status_alloc_fail;
+ }
+
+ /* allocate and initialize an array of ciphers */
+ for (i=0; i < num_ciphers; i++) {
+
+ /* allocate cipher */
+ status = cipher_type_alloc(ctype, cipher_array, klen);
+ if (status)
+ return status;
+
+ /* generate random key and initialize cipher */
+ for (j=0; j < klen; j++)
+ key[j] = (uint8_t) rand();
+ status = cipher_init(*cipher_array, key, direction_encrypt);
+ if (status)
+ return status;
+
+/* printf("%dth cipher is at %p\n", i, *cipher_array); */
+/* printf("%dth cipher description: %s\n", i, */
+/* (*cipher_array)->type->description); */
+
+ /* advance cipher array pointer */
+ cipher_array++;
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+cipher_array_delete(cipher_t *cipher_array[], int num_cipher) {
+ int i;
+
+ for (i=0; i < num_cipher; i++) {
+ cipher_dealloc(cipher_array[i]);
+ }
+
+ free(cipher_array);
+
+ return err_status_ok;
+}
+
+
+/*
+ * cipher_array_bits_per_second(c, l, t) computes (an estimate of) the
+ * number of bits that a cipher implementation can encrypt in a second
+ * when distinct keys are used to encrypt distinct messages
+ *
+ * c is a cipher (which MUST be allocated an initialized already), l
+ * is the length in octets of the test data to be encrypted, and t is
+ * the number of trials
+ *
+ * if an error is encountered, the value 0 is returned
+ */
+
+uint64_t
+cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher,
+ unsigned octets_in_buffer, int num_trials) {
+ int i;
+ v128_t nonce;
+ clock_t timer;
+ unsigned char *enc_buf;
+ int cipher_index = 0;
+
+
+ enc_buf = crypto_alloc(octets_in_buffer);
+ if (enc_buf == NULL)
+ return 0; /* indicate bad parameters by returning null */
+
+ /* time repeated trials */
+ v128_set_to_zero(&nonce);
+ timer = clock();
+ for(i=0; i < num_trials; i++, nonce.v32[3] = i) {
+
+ /* choose a cipher at random from the array*/
+ cipher_index = (*((uint32_t *)enc_buf)) % num_cipher;
+
+ /* encrypt buffer with cipher */
+ cipher_set_iv(cipher_array[cipher_index], &nonce);
+ cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_in_buffer);
+ }
+ timer = clock() - timer;
+
+ free(enc_buf);
+
+ if (timer == 0) {
+ /* Too fast! */
+ return 0;
+ }
+
+ return CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
+}
+
+void
+cipher_array_test_throughput(cipher_t *ca[], int num_cipher) {
+ int i;
+ int min_enc_len = 16;
+ int max_enc_len = 2048; /* should be a power of two */
+ int num_trials = 10000;
+
+ printf("timing %s throughput with array size %d:\n",
+ (ca[0])->type->description, num_cipher);
+ fflush(stdout);
+ for (i=min_enc_len; i <= max_enc_len; i = i * 4)
+ printf("msg len: %d\tgigabits per second: %f\n", i,
+ cipher_array_bits_per_second(ca, num_cipher, i, num_trials) / 1e9);
+
+}
+
+err_status_t
+cipher_driver_test_array_throughput(cipher_type_t *ct,
+ int klen, int num_cipher) {
+ cipher_t **ca = NULL;
+ err_status_t status;
+
+ status = cipher_array_alloc_init(&ca, num_cipher, ct, klen);
+ if (status) {
+ printf("error: cipher_array_alloc_init() failed with error code %d\n",
+ status);
+ return status;
+ }
+
+ cipher_array_test_throughput(ca, num_cipher);
+
+ cipher_array_delete(ca, num_cipher);
+
+ return err_status_ok;
+}
diff --git a/srtp/crypto/test/datatypes_driver b/srtp/crypto/test/datatypes_driver
new file mode 100755
index 0000000..6782e54
--- /dev/null
+++ b/srtp/crypto/test/datatypes_driver
Binary files differ
diff --git a/srtp/crypto/test/datatypes_driver.c b/srtp/crypto/test/datatypes_driver.c
new file mode 100644
index 0000000..f186652
--- /dev/null
+++ b/srtp/crypto/test/datatypes_driver.c
@@ -0,0 +1,237 @@
+/*
+ * datatypes_driver.c
+ *
+ * a test driver for crypto/math datatypes
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <stdio.h> /* for printf() */
+#include <string.h> /* for strlen() */
+#include "datatypes.h"
+
+void
+byte_order(void);
+
+void
+test_hex_string_funcs(void);
+
+void
+print_string(char *s);
+
+void
+test_bswap(void);
+
+int
+main (void) {
+
+ /*
+ * this program includes various and sundry tests for fundamental
+ * datatypes. it's a grab-bag of throwaway code, retained only in
+ * case of future problems
+ */
+
+ int i, j;
+ v128_t x;
+ char *r =
+ "The Moving Finger writes; and, having writ,\n"
+ "Moves on: nor all thy Piety nor Wit\n"
+ "Shall lure it back to cancel half a Line,\n"
+ "Nor all thy Tears wash out a Word of it.";
+ char *s = "incomplet";
+
+ print_string(r);
+ print_string(s);
+
+ byte_order();
+ test_hex_string_funcs();
+
+ for (j=0; j < 128; j++) {
+ v128_set_to_zero(&x);
+ /* x.v32[0] = (1 << j); */
+ v128_set_bit(&x, j);
+ printf("%s\n", v128_bit_string(&x));
+ v128_clear_bit(&x, j);
+ printf("%s\n", v128_bit_string(&x));
+
+ }
+
+ printf("----------------------------------------------\n");
+ v128_set_to_zero(&x);
+ for (i=0; i < 128; i++) {
+ v128_set_bit(&x, i);
+ }
+ printf("%s\n", v128_bit_string(&x));
+
+ printf("----------------------------------------------\n");
+ v128_set_to_zero(&x);
+ v128_set_bit(&x, 0);
+ for (i=0; i < 128; i++) {
+ printf("%s\n", v128_bit_string(&x));
+ v128_right_shift(&x, 1);
+ }
+ printf("----------------------------------------------\n");
+ v128_set_to_zero(&x);
+ v128_set_bit(&x, 127);
+ for (i=0; i < 128; i++) {
+ printf("%s\n", v128_bit_string(&x));
+ v128_left_shift(&x, 1);
+ }
+ printf("----------------------------------------------\n");
+ for (i=0; i < 128; i++) {
+ v128_set_to_zero(&x);
+ v128_set_bit(&x, 127);
+ v128_left_shift(&x, i);
+ printf("%s\n", v128_bit_string(&x));
+ }
+ printf("----------------------------------------------\n");
+ v128_set_to_zero(&x);
+ for (i=0; i < 128; i+=2) {
+ v128_set_bit(&x, i);
+ }
+ printf("bit_string: { %s }\n", v128_bit_string(&x));
+ printf("get_bit: { ");
+ for (i=0; i < 128; i++) {
+ if (v128_get_bit(&x, i) == 1)
+ printf("1");
+ else
+ printf("0");
+ }
+ printf(" } \n");
+
+ test_bswap();
+
+ return 0;
+}
+
+
+/* byte_order() prints out byte ordering of datatypes */
+
+void
+byte_order(void) {
+ int i;
+ v128_t e;
+#if 0
+ v16_t b;
+ v32_t c;
+ v64_t d;
+
+ for (i=0; i < sizeof(b); i++)
+ b.octet[i] = i;
+ for (i=0; i < sizeof(c); i++)
+ c.octet[i] = i;
+ for (i=0; i < sizeof(d); i++)
+ d.octet[i] = i;
+
+ printf("v128_t:\t%s\n", v128_hex_string(&e));
+ printf("v64_t:\t%s\n", v64_hex_string(&d));
+ printf("v32_t:\t%s\n", v32_hex_string(c));
+ printf("v16_t:\t%s\n", v16_hex_string(b));
+
+ c.value = 0x01020304;
+ printf("v32_t:\t%s\n", v32_hex_string(c));
+ b.value = 0x0102;
+ printf("v16_t:\t%s\n", v16_hex_string(b));
+
+ printf("uint16_t ordering:\n");
+
+ c.value = 0x00010002;
+ printf("v32_t:\t%x%x\n", c.v16[0], c.v16[1]);
+#endif
+
+ printf("byte ordering of crypto/math datatypes:\n");
+ for (i=0; i < sizeof(e); i++)
+ e.v8[i] = i;
+ printf("v128_t: %s\n", v128_hex_string(&e));
+
+}
+
+void
+test_hex_string_funcs(void) {
+ char hex1[] = "abadcafe";
+ char hex2[] = "0123456789abcdefqqqqq";
+ char raw[10];
+ int len;
+
+ len = hex_string_to_octet_string(raw, hex1, strlen(hex1));
+ printf("computed length: %d\tstring: %s\n", len,
+ octet_string_hex_string(raw, len/2));
+ printf("expected length: %u\tstring: %s\n", (unsigned)strlen(hex1), hex1);
+
+ len = hex_string_to_octet_string(raw, hex2, strlen(hex2));
+ printf("computed length: %d\tstring: %s\n", len,
+ octet_string_hex_string(raw, len/2));
+ printf("expected length: %d\tstring: %s\n", 16, "0123456789abcdef");
+
+}
+
+void
+print_string(char *s) {
+ int i;
+ printf("%s\n", s);
+ printf("strlen(s) = %u\n", (unsigned)strlen(s));
+ printf("{ ");
+ for (i=0; i < strlen(s); i++) {
+ printf("0x%x, ", s[i]);
+ if (((i+1) % 8) == 0)
+ printf("\n ");
+ }
+ printf("}\n");
+}
+
+void
+test_bswap(void) {
+ uint32_t x = 0x11223344;
+ uint64_t y = 0x1122334455667788LL;
+
+ printf("before: %0x\nafter: %0x\n", x, be32_to_cpu(x));
+ printf("before: %0llx\nafter: %0llx\n", (unsigned long long)y,
+ (unsigned long long)be64_to_cpu(y));
+
+ y = 1234;
+
+ printf("1234: %0llx\n", (unsigned long long)y);
+ printf("as octet string: %s\n",
+ octet_string_hex_string((uint8_t *) &y, 8));
+ y = be64_to_cpu(y);
+ printf("bswapped octet string: %s\n",
+ octet_string_hex_string((uint8_t *) &y, 8));
+}
diff --git a/srtp/crypto/test/env.c b/srtp/crypto/test/env.c
new file mode 100644
index 0000000..37a6e27
--- /dev/null
+++ b/srtp/crypto/test/env.c
@@ -0,0 +1,99 @@
+/*
+ * env.c
+ *
+ * prints out a brief report on the build environment
+ *
+ * David McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h>
+#include <string.h> /* for srtcmp() */
+#include "config.h"
+
+int
+main(void) {
+ int err_count = 0;
+ char *str;
+
+#ifdef WORDS_BIGENDIAN
+ printf("CPU set to big-endian\t\t\t(WORDS_BIGENDIAN == 1)\n");
+#else
+ printf("CPU set to little-endian\t\t(WORDS_BIGENDIAN == 0)\n");
+#endif
+
+#ifdef CPU_RISC
+ printf("CPU set to RISC\t\t\t\t(CPU_RISC == 1)\n");
+#elif defined(CPU_CISC)
+ printf("CPU set to CISC\t\t\t\t(CPU_CISC == 1)\n");
+#else
+ printf("CPU set to an unknown type, probably due to a configuration error\n");
+ err_count++;
+#endif
+
+#ifdef CPU_ALTIVEC
+ printf("CPU set to ALTIVEC\t\t\t\t(CPU_ALTIVEC == 0)\n");
+#endif
+
+#ifndef NO_64BIT_MATH
+ printf("using native 64-bit type\t\t(NO_64_BIT_MATH == 0)\n");
+#else
+ printf("using built-in 64-bit math\t\t(NO_64_BIT_MATH == 1)\n");
+#endif
+
+#ifdef ERR_REPORTING_STDOUT
+ printf("using stdout for error reporting\t(ERR_REPORTING_STDOUT == 1)\n");
+#endif
+
+#ifdef DEV_URANDOM
+ str = DEV_URANDOM;
+#else
+ str = "";
+#endif
+ printf("using %s as a random source\t(DEV_URANDOM == %s)\n",
+ str, str);
+ if (strcmp("", str) == 0) {
+ err_count++;
+ }
+
+ if (err_count)
+ printf("warning: configuration is probably in error "
+ "(found %d problems)\n", err_count);
+
+ return err_count;
+}
diff --git a/srtp/crypto/test/kernel_driver b/srtp/crypto/test/kernel_driver
new file mode 100755
index 0000000..4d0fe96
--- /dev/null
+++ b/srtp/crypto/test/kernel_driver
Binary files differ
diff --git a/srtp/crypto/test/kernel_driver.c b/srtp/crypto/test/kernel_driver.c
new file mode 100644
index 0000000..8ef8a5f
--- /dev/null
+++ b/srtp/crypto/test/kernel_driver.c
@@ -0,0 +1,126 @@
+/*
+ * kernel_driver.c
+ *
+ * a test driver for the crypto_kernel
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <stdio.h> /* for printf() */
+#include <unistd.h> /* for getopt() */
+#include "crypto_kernel.h"
+
+void
+usage(char *prog_name) {
+ printf("usage: %s [ -v ][ -d debug_module ]*\n", prog_name);
+ exit(255);
+}
+
+int
+main (int argc, char *argv[]) {
+ extern char *optarg;
+ int q;
+ int do_validation = 0;
+ err_status_t status;
+
+ if (argc == 1)
+ usage(argv[0]);
+
+ /* initialize kernel - we need to do this before anything else */
+ status = crypto_kernel_init();
+ if (status) {
+ printf("error: crypto_kernel init failed\n");
+ exit(1);
+ }
+ printf("crypto_kernel successfully initalized\n");
+
+ /* process input arguments */
+ while (1) {
+ q = getopt(argc, argv, "vd:");
+ if (q == -1)
+ break;
+ switch (q) {
+ case 'v':
+ do_validation = 1;
+ break;
+ case 'd':
+ status = crypto_kernel_set_debug_module(optarg, 1);
+ if (status) {
+ printf("error: set debug module (%s) failed\n", optarg);
+ exit(1);
+ }
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ if (do_validation) {
+ printf("checking crypto_kernel status...\n");
+ status = crypto_kernel_status();
+ if (status) {
+ printf("failed\n");
+ exit(1);
+ }
+ printf("crypto_kernel passed self-tests\n");
+ }
+
+ status = crypto_kernel_shutdown();
+ if (status) {
+ printf("error: crypto_kernel shutdown failed\n");
+ exit(1);
+ }
+ printf("crypto_kernel successfully shut down\n");
+
+ return 0;
+}
+
+/*
+ * crypto_kernel_cipher_test() is a test of the cipher interface
+ * of the crypto_kernel
+ */
+
+err_status_t
+crypto_kernel_cipher_test(void) {
+
+ /* not implemented yet! */
+
+ return err_status_ok;
+}
diff --git a/srtp/crypto/test/rand_gen b/srtp/crypto/test/rand_gen
new file mode 100755
index 0000000..1d0344c
--- /dev/null
+++ b/srtp/crypto/test/rand_gen
Binary files differ
diff --git a/srtp/crypto/test/rand_gen.c b/srtp/crypto/test/rand_gen.c
new file mode 100644
index 0000000..ccea097
--- /dev/null
+++ b/srtp/crypto/test/rand_gen.c
@@ -0,0 +1,140 @@
+/*
+ * rand_gen.c
+ *
+ * a random source (random number generator)
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <stdio.h> /* for printf() */
+#include <unistd.h> /* for getopt() */
+#include "crypto_kernel.h"
+
+/*
+ * MAX_PRINT_STRING_LEN is defined in datatypes.h, and is the length
+ * of the largest hexadecimal string that can be generated by the
+ * function octet_string_hex_string().
+ */
+
+#define BUF_LEN (MAX_PRINT_STRING_LEN/2)
+
+void
+usage(char *prog_name) {
+ printf("usage: %s -n <num_bytes> [-l][ -d debug_module ]*\n"
+ " -n <num> output <num> random bytes, where <num>"
+ " is between zero and %d\n"
+ " -l list the avaliable debug modules\n"
+ " -d <mod> turn on debugging module <mod>\n",
+ prog_name, BUF_LEN);
+ exit(255);
+}
+
+int
+main (int argc, char *argv[]) {
+ extern char *optarg;
+ int q;
+ int num_octets = 0;
+ unsigned do_list_mods = 0;
+ err_status_t status;
+
+ if (argc == 1)
+ usage(argv[0]);
+
+ /* initialize kernel - we need to do this before anything else */
+ status = crypto_kernel_init();
+ if (status) {
+ printf("error: crypto_kernel init failed\n");
+ exit(1);
+ }
+
+ /* process input arguments */
+ while (1) {
+ q = getopt(argc, argv, "ld:n:");
+ if (q == -1)
+ break;
+ switch (q) {
+ case 'd':
+ status = crypto_kernel_set_debug_module(optarg, 1);
+ if (status) {
+ printf("error: set debug module (%s) failed\n", optarg);
+ exit(1);
+ }
+ break;
+ case 'l':
+ do_list_mods = 1;
+ break;
+ case 'n':
+ num_octets = atoi(optarg);
+ if (num_octets < 0 || num_octets > BUF_LEN)
+ usage(argv[0]);
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ if (do_list_mods) {
+ status = crypto_kernel_list_debug_modules();
+ if (status) {
+ printf("error: list of debug modules failed\n");
+ exit(1);
+ }
+ }
+
+ if (num_octets > 0) {
+ uint8_t buffer[BUF_LEN];
+
+ status = crypto_get_random(buffer, num_octets);
+ if (status) {
+ printf("error: failure in random source\n");
+ } else {
+ printf("%s\n", octet_string_hex_string(buffer, num_octets));
+ }
+ }
+
+ status = crypto_kernel_shutdown();
+ if (status) {
+ printf("error: crypto_kernel shutdown failed\n");
+ exit(1);
+ }
+
+ return 0;
+}
+
diff --git a/srtp/crypto/test/sha1_driver b/srtp/crypto/test/sha1_driver
new file mode 100755
index 0000000..5fdbec4
--- /dev/null
+++ b/srtp/crypto/test/sha1_driver
Binary files differ
diff --git a/srtp/crypto/test/sha1_driver.c b/srtp/crypto/test/sha1_driver.c
new file mode 100644
index 0000000..f7cb6ca
--- /dev/null
+++ b/srtp/crypto/test/sha1_driver.c
@@ -0,0 +1,533 @@
+/*
+ * sha1_driver.c
+ *
+ * a test driver for SHA-1
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h>
+#include "sha1.h"
+
+#define SHA_PASS 0
+#define SHA_FAIL 1
+
+#define MAX_HASH_DATA_LEN 1024
+#define MAX_HASH_OUT_LEN 20
+
+typedef struct hash_test_case_t {
+ unsigned data_len; /* number of octets in data */
+ unsigned hash_len; /* number of octets output by hash */
+ uint8_t data[MAX_HASH_DATA_LEN]; /* message data */
+ uint8_t hash[MAX_HASH_OUT_LEN]; /* expected hash output */
+ struct hash_test_case_t *next_test_case;
+} hash_test_case_t;
+
+hash_test_case_t *sha1_test_case_list;
+
+err_status_t
+hash_test_case_add(hash_test_case_t **list_ptr,
+ char *hex_data,
+ unsigned data_len,
+ char *hex_hash,
+ unsigned hash_len) {
+ hash_test_case_t *list_head = *list_ptr;
+ hash_test_case_t *test_case;
+ unsigned tmp_len;
+
+ test_case = malloc(sizeof(hash_test_case_t));
+ if (test_case == NULL)
+ return err_status_alloc_fail;
+
+ tmp_len = hex_string_to_octet_string((char *)test_case->data, hex_data, data_len*2);
+ if (tmp_len != data_len*2)
+ return err_status_parse_err;
+
+ tmp_len = hex_string_to_octet_string((char *)test_case->hash, hex_hash, hash_len*2);
+ if (tmp_len != hash_len*2)
+ return err_status_parse_err;
+
+ test_case->data_len = data_len;
+ test_case->hash_len = hash_len;
+
+ /* add the new test case to the head of the list */
+ test_case->next_test_case = list_head;
+ *list_ptr = test_case;
+
+ return err_status_ok;
+}
+
+err_status_t
+sha1_test_case_validate(const hash_test_case_t *test_case) {
+ sha1_ctx_t ctx;
+ uint32_t hash_value[5];
+
+ if (test_case == NULL)
+ return err_status_bad_param;
+
+ if (test_case->hash_len != 20)
+ return err_status_bad_param;
+ if (test_case->data_len > MAX_HASH_DATA_LEN)
+ return err_status_bad_param;
+
+ sha1_init(&ctx);
+ sha1_update(&ctx, test_case->data, test_case->data_len);
+ sha1_final(&ctx, hash_value);
+ if (0 == memcmp(test_case->hash, hash_value, 20)) {
+#if VERBOSE
+ printf("PASSED: reference value: %s\n",
+ octet_string_hex_string((uint8_t *)test_case->hash, 20));
+ printf("PASSED: computed value: %s\n",
+ octet_string_hex_string((uint8_t *)hash_value, 20));
+#endif
+ return err_status_ok;
+ }
+
+ printf("reference value: %s\n",
+ octet_string_hex_string((uint8_t *)test_case->hash, 20));
+ printf("computed value: %s\n",
+ octet_string_hex_string((uint8_t *)hash_value, 20));
+
+ return err_status_algo_fail;
+
+}
+
+struct hex_sha1_test_case_t {
+ unsigned bit_len;
+ char hex_data[MAX_HASH_DATA_LEN*2];
+ char hex_hash[40];
+};
+
+err_status_t
+sha1_add_test_cases() {
+ int i;
+ err_status_t err;
+
+ /*
+ * these test cases are taken from the "SHA-1 Sample Vectors"
+ * provided by NIST at http://csrc.nist.gov/cryptval/shs.html
+ */
+
+ struct hex_sha1_test_case_t tc[] = {
+ {
+ 0,
+ "",
+ "da39a3ee5e6b4b0d3255bfef95601890afd80709"
+ },
+ {
+ 8,
+ "a8",
+ "99f2aa95e36f95c2acb0eaf23998f030638f3f15"
+ },
+ {
+ 16,
+ "3000",
+ "f944dcd635f9801f7ac90a407fbc479964dec024"
+ },
+ {
+ 24,
+ "42749e",
+ "a444319e9b6cc1e8464c511ec0969c37d6bb2619"
+ },
+ {
+ 32,
+ "9fc3fe08",
+ "16a0ff84fcc156fd5d3ca3a744f20a232d172253"
+ },
+ {
+ 40,
+ "b5c1c6f1af",
+ "fec9deebfcdedaf66dda525e1be43597a73a1f93"
+ },
+ {
+ 48,
+ "e47571e5022e",
+ "8ce051181f0ed5e9d0c498f6bc4caf448d20deb5"
+ },
+ {
+ 56,
+ "3e1b28839fb758",
+ "67da53837d89e03bf652ef09c369a3415937cfd3"
+ },
+ {
+ 64,
+ "a81350cbb224cb90",
+ "305e4ff9888ad855a78573cddf4c5640cce7e946"
+ },
+ {
+ 72, "c243d167923dec3ce1",
+ "5902b77b3265f023f9bbc396ba1a93fa3509bde7"
+ },
+ {
+ 80,
+ "50ac18c59d6a37a29bf4",
+ "fcade5f5d156bf6f9af97bdfa9c19bccfb4ff6ab"
+ },
+ {
+ 88,
+ "98e2b611ad3b1cccf634f6",
+ "1d20fbe00533c10e3cbd6b27088a5de0c632c4b5"
+ },
+ {
+ 96,
+ "73fe9afb68e1e8712e5d4eec",
+ "7e1b7e0f7a8f3455a9c03e9580fd63ae205a2d93"
+ },
+ {
+ 104,
+ "9e701ed7d412a9226a2a130e66",
+ "706f0677146307b20bb0e8d6311e329966884d13"
+ },
+ {
+ 112,
+ "6d3ee90413b0a7cbf69e5e6144ca",
+ "a7241a703aaf0d53fe142f86bf2e849251fa8dff"
+ },
+ {
+ 120,
+ "fae24d56514efcb530fd4802f5e71f",
+ "400f53546916d33ad01a5e6df66822dfbdc4e9e6"
+ },
+ {
+ 128,
+ "c5a22dd6eda3fe2bdc4ddb3ce6b35fd1",
+ "fac8ab93c1ae6c16f0311872b984f729dc928ccd"
+ },
+ {
+ 136,
+ "d98cded2adabf08fda356445c781802d95",
+ "fba6d750c18da58f6e2aab10112b9a5ef3301b3b"
+ },
+ {
+ 144,
+ "bcc6d7087a84f00103ccb32e5f5487a751a2",
+ "29d27c2d44c205c8107f0351b05753ac708226b6"
+ },
+ {
+ 152,
+ "36ecacb1055434190dbbc556c48bafcb0feb0d",
+ "b971bfc1ebd6f359e8d74cb7ecfe7f898d0ba845"
+ },
+ {
+ 160,
+ "5ff9edb69e8f6bbd498eb4537580b7fba7ad31d0",
+ "96d08c430094b9fcc164ad2fb6f72d0a24268f68"
+ },
+ {
+ 168, "c95b441d8270822a46a798fae5defcf7b26abace36",
+ "a287ea752a593d5209e287881a09c49fa3f0beb1"
+ },
+ {
+ 176,
+ "83104c1d8a55b28f906f1b72cb53f68cbb097b44f860",
+ "a06c713779cbd88519ed4a585ac0cb8a5e9d612b"
+ },
+ {
+ 184,
+ "755175528d55c39c56493d697b790f099a5ce741f7754b",
+ "bff7d52c13a3688132a1d407b1ab40f5b5ace298"
+ },
+ {
+ 192,
+ "088fc38128bbdb9fd7d65228b3184b3faac6c8715f07272f",
+ "c7566b91d7b6f56bdfcaa9781a7b6841aacb17e9"
+ },
+ {
+ 200,
+ "a4a586eb9245a6c87e3adf1009ac8a49f46c07e14185016895",
+ "ffa30c0b5c550ea4b1e34f8a60ec9295a1e06ac1"
+ },
+ {
+ 208,
+ "8e7c555270c006092c2a3189e2a526b873e2e269f0fb28245256",
+ "29e66ed23e914351e872aa761df6e4f1a07f4b81"
+ },
+ {
+ 216,
+ "a5f3bfa6bb0ba3b59f6b9cbdef8a558ec565e8aa3121f405e7f2f0",
+ "b28cf5e5b806a01491d41f69bd9248765c5dc292"
+ },
+ {
+ 224,
+ "589054f0d2bd3c2c85b466bfd8ce18e6ec3e0b87d944cd093ba36469",
+ "60224fb72c46069652cd78bcd08029ef64da62f3"
+ },
+ {
+ 232,
+ "a0abb12083b5bbc78128601bf1cbdbc0fdf4b862b24d899953d8da0ff3",
+ "b72c4a86f72608f24c05f3b9088ef92fba431df7"
+ },
+ {
+ 240,
+ "82143f4cea6fadbf998e128a8811dc75301cf1db4f079501ea568da68eeb",
+ "73779ad5d6b71b9b8328ef7220ff12eb167076ac"
+ },
+ {
+ 248,
+ "9f1231dd6df1ff7bc0b0d4f989d048672683ce35d956d2f57913046267e6f3",
+ "a09671d4452d7cf50015c914a1e31973d20cc1a0"
+ },
+ {
+ 256,
+ "041c512b5eed791f80d3282f3a28df263bb1df95e1239a7650e5670fc2187919",
+ "e88cdcd233d99184a6fd260b8fca1b7f7687aee0"
+ },
+ {
+ 264,
+ "17e81f6ae8c2e5579d69dafa6e070e7111461552d314b691e7a3e7a4feb3fae418",
+ "010def22850deb1168d525e8c84c28116cb8a269"
+ },
+ {
+ 272,
+ "d15976b23a1d712ad28fad04d805f572026b54dd64961fda94d5355a0cc98620cf77",
+ "aeaa40ba1717ed5439b1e6ea901b294ba500f9ad"
+ },
+ {
+ 280,
+ "09fce4d434f6bd32a44e04b848ff50ec9f642a8a85b37a264dc73f130f22838443328f",
+ "c6433791238795e34f080a5f1f1723f065463ca0"
+ },
+ {
+ 288, "f17af27d776ec82a257d8d46d2b46b639462c56984cc1be9c1222eadb8b26594a25c709d",
+ "e21e22b89c1bb944a32932e6b2a2f20d491982c3"
+ },
+ {
+ 296,
+ "b13ce635d6f8758143ffb114f2f601cb20b6276951416a2f94fbf4ad081779d79f4f195b22",
+ "575323a9661f5d28387964d2ba6ab92c17d05a8a"
+ },
+ {
+ 304,
+ "5498793f60916ff1c918dde572cdea76da8629ba4ead6d065de3dfb48de94d234cc1c5002910",
+ "feb44494af72f245bfe68e86c4d7986d57c11db7"
+ },
+ {
+ 312,
+ "498a1e0b39fa49582ae688cd715c86fbaf8a81b8b11b4d1594c49c902d197c8ba8a621fd6e3be5",
+ "cff2290b3648ba2831b98dde436a72f9ebf51eee"
+ },
+ {
+ 320,
+ "3a36ae71521f9af628b3e34dcb0d4513f84c78ee49f10416a98857150b8b15cb5c83afb4b570376e",
+ "9b4efe9d27b965905b0c3dab67b8d7c9ebacd56c"
+ },
+ {
+ 328,
+ "dcc76b40ae0ea3ba253e92ac50fcde791662c5b6c948538cffc2d95e9de99cac34dfca38910db2678f",
+ "afedb0ff156205bcd831cbdbda43db8b0588c113"
+ },
+ {
+ 336,
+ "5b5ec6ec4fd3ad9c4906f65c747fd4233c11a1736b6b228b92e90cddabb0c7c2fcf9716d3fad261dff33",
+ "8deb1e858f88293a5e5e4d521a34b2a4efa70fc4"
+ },
+ {
+ 344,
+ "df48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab",
+ "95cbdac0f74afa69cebd0e5c7defbc6faf0cbeaf"
+ },
+ {
+ 352,
+ "1f179b3b82250a65e1b0aee949e218e2f45c7a8dbfd6ba08de05c55acfc226b48c68d7f7057e5675cd96fcfc",
+ "f0307bcb92842e5ae0cd4f4f14f3df7f877fbef2"
+ },
+ {
+ 360,
+ "ee3d72da3a44d971578972a8e6780ce64941267e0f7d0179b214fa97855e1790e888e09fbe3a70412176cb3b54",
+ "7b13bb0dbf14964bd63b133ac85e22100542ef55"
+ },
+ {
+ 368,
+ "d4d4c7843d312b30f610b3682254c8be96d5f6684503f8fbfbcd15774fc1b084d3741afb8d24aaa8ab9c104f7258",
+ "c314d2b6cf439be678d2a74e890d96cfac1c02ed"
+ },
+ {
+ 376,
+ "32c094944f5936a190a0877fb9178a7bf60ceae36fd530671c5b38c5dbd5e6a6c0d615c2ac8ad04b213cc589541cf6",
+ "4d0be361e410b47a9d67d8ce0bb6a8e01c53c078"
+ },
+ {
+ 384,
+ "e5d3180c14bf27a5409fa12b104a8fd7e9639609bfde6ee82bbf9648be2546d29688a65e2e3f3da47a45ac14343c9c02",
+ "e5353431ffae097f675cbf498869f6fbb6e1c9f2"
+ },
+ {
+ 392,
+ "e7b6e4b69f724327e41e1188a37f4fe38b1dba19cbf5a7311d6e32f1038e97ab506ee05aebebc1eed09fc0e357109818b9",
+ "b8720a7068a085c018ab18961de2765aa6cd9ac4"
+ },
+ {
+ 400,
+ "bc880cb83b8ac68ef2fedc2da95e7677ce2aa18b0e2d8b322701f67af7d5e7a0d96e9e33326ccb7747cfff0852b961bfd475",
+ "b0732181568543ba85f2b6da602b4b065d9931aa"
+ },
+ {
+ 408,
+ "235ea9c2ba7af25400f2e98a47a291b0bccdaad63faa2475721fda5510cc7dad814bce8dabb611790a6abe56030b798b75c944",
+ "9c22674cf3222c3ba921672694aafee4ce67b96b"
+ },
+ {
+ 416,
+ "07e3e29fed63104b8410f323b975fd9fba53f636af8c4e68a53fb202ca35dd9ee07cb169ec5186292e44c27e5696a967f5e67709",
+ "d128335f4cecca9066cdae08958ce656ff0b4cfc"
+ },
+ {
+ 424,
+ "65d2a1dd60a517eb27bfbf530cf6a5458f9d5f4730058bd9814379547f34241822bf67e6335a6d8b5ed06abf8841884c636a25733f",
+ "0b67c57ac578de88a2ae055caeaec8bb9b0085a0"
+ },
+ {
+ 432,
+ "dcc86b3bd461615bab739d8daafac231c0f462e819ad29f9f14058f3ab5b75941d4241ea2f17ebb8a458831b37a9b16dead4a76a9b0e",
+ "c766f912a89d4ccda88e0cce6a713ef5f178b596"
+ },
+ {
+ 440,
+ "4627d54f0568dc126b62a8c35fb46a9ac5024400f2995e51635636e1afc4373dbb848eb32df23914230560b82477e9c3572647a7f2bb92",
+ "9aa3925a9dcb177b15ccff9b78e70cf344858779"
+ },
+ {
+ 448,
+ "ba531affd4381168ef24d8b275a84d9254c7f5cc55fded53aa8024b2c5c5c8aa7146fe1d1b83d62b70467e9a2e2cb67b3361830adbab28d7",
+ "4811fa30042fc076acf37c8e2274d025307e5943"
+ },
+ {
+ 456,
+ "8764dcbcf89dcf4282eb644e3d568bdccb4b13508bfa7bfe0ffc05efd1390be22109969262992d377691eb4f77f3d59ea8466a74abf57b2ef4",
+ "6743018450c9730761ee2b130df9b91c1e118150"
+ },
+ {
+ 464,
+ "497d9df9ddb554f3d17870b1a31986c1be277bc44feff713544217a9f579623d18b5ffae306c25a45521d2759a72c0459b58957255ab592f3be4",
+ "71ad4a19d37d92a5e6ef3694ddbeb5aa61ada645"
+ },
+ {
+ 472,
+ "72c3c2e065aefa8d9f7a65229e818176eef05da83f835107ba90ec2e95472e73e538f783b416c04654ba8909f26a12db6e5c4e376b7615e4a25819",
+ "a7d9dc68dacefb7d6116186048cb355cc548e11d"
+ },
+ {
+ 480,
+ "7cc9894454d0055ab5069a33984e2f712bef7e3124960d33559f5f3b81906bb66fe64da13c153ca7f5cabc89667314c32c01036d12ecaf5f9a78de98",
+ "142e429f0522ba5abf5131fa81df82d355b96909"
+ },
+ {
+ 488,
+ "74e8404d5a453c5f4d306f2cfa338ca65501c840ddab3fb82117933483afd6913c56aaf8a0a0a6b2a342fc3d9dc7599f4a850dfa15d06c61966d74ea59",
+ "ef72db70dcbcab991e9637976c6faf00d22caae9"
+ },
+ {
+ 496,
+ "46fe5ed326c8fe376fcc92dc9e2714e2240d3253b105adfbb256ff7a19bc40975c604ad7c0071c4fd78a7cb64786e1bece548fa4833c04065fe593f6fb10",
+ "f220a7457f4588d639dc21407c942e9843f8e26b"
+ },
+ {
+ 504,
+ "836dfa2524d621cf07c3d2908835de859e549d35030433c796b81272fd8bc0348e8ddbc7705a5ad1fdf2155b6bc48884ac0cd376925f069a37849c089c8645",
+ "ddd2117b6e309c233ede85f962a0c2fc215e5c69"
+ },
+ {
+ 512,
+ "7e3a4c325cb9c52b88387f93d01ae86d42098f5efa7f9457388b5e74b6d28b2438d42d8b64703324d4aa25ab6aad153ae30cd2b2af4d5e5c00a8a2d0220c6116",
+ "a3054427cdb13f164a610b348702724c808a0dcc"
+ }
+ };
+
+
+ for (i=0; i < 65; i++) {
+ err = hash_test_case_add(&sha1_test_case_list,
+ tc[i].hex_data,
+ tc[i].bit_len/8,
+ tc[i].hex_hash, 20);
+ if (err) {
+ printf("error adding hash test case (code %d)\n", err);
+ return err;
+ }
+ }
+
+ return err_status_ok;
+}
+
+
+err_status_t
+sha1_validate(void) {
+ hash_test_case_t *test_case;
+ err_status_t err;
+
+ err = sha1_add_test_cases();
+ if (err) {
+ printf("error adding SHA1 test cases (error code %d)\n", err);
+ return err;
+ }
+
+ if (sha1_test_case_list == NULL)
+ return err_status_cant_check;
+
+ test_case = sha1_test_case_list;
+ while (test_case != NULL) {
+ err = sha1_test_case_validate(test_case);
+ if (err) {
+ printf("error validating hash test case (error code %d)\n", err);
+ return err;
+ }
+ test_case = test_case->next_test_case;
+ }
+
+ return err_status_ok;
+}
+
+
+
+int
+main (void) {
+ err_status_t err;
+
+ printf("sha1 test driver\n");
+
+ err = sha1_validate();
+ if (err) {
+ printf("SHA1 did not pass validation testing\n");
+ return 1;
+ }
+ printf("SHA1 passed validation tests\n");
+
+ return 0;
+
+}
diff --git a/srtp/crypto/test/stat_driver b/srtp/crypto/test/stat_driver
new file mode 100755
index 0000000..623e6de
--- /dev/null
+++ b/srtp/crypto/test/stat_driver
Binary files differ
diff --git a/srtp/crypto/test/stat_driver.c b/srtp/crypto/test/stat_driver.c
new file mode 100644
index 0000000..09cc44a
--- /dev/null
+++ b/srtp/crypto/test/stat_driver.c
@@ -0,0 +1,101 @@
+/*
+ * stat-driver.c
+ *
+ * test driver for the stat_test functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+
+#include <stdio.h> /* for printf() */
+
+#include "err.h"
+#include "stat.h"
+
+#include "cipher.h"
+
+typedef struct {
+ void *state;
+} random_source_t;
+
+err_status_t
+random_source_alloc(void);
+
+void
+err_check(err_status_t s) {
+ if (s) {
+ printf("error (code %d)\n", s);
+ exit(1);
+ }
+}
+
+int
+main (int argc, char *argv[]) {
+ uint8_t buffer[2500];
+ unsigned int buf_len = 2500;
+ int i, j;
+ extern cipher_type_t aes_icm;
+ cipher_t *c;
+ uint8_t key[30] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05
+ };
+ v128_t nonce;
+ int num_trials = 500;
+ int num_fail;
+
+ printf("statistical tests driver\n");
+
+ for (i=0; i < 2500; i++)
+ buffer[i] = 0;
+
+ /* run tests */
+ printf("running stat_tests on all-null buffer, expecting failure\n");
+ printf("monobit %d\n", stat_test_monobit(buffer));
+ printf("poker %d\n", stat_test_poker(buffer));
+ printf("runs %d\n", stat_test_runs(buffer));
+
+ for (i=0; i < 2500; i++)
+ buffer[i] = rand();
+ printf("running stat_tests on rand(), expecting success\n");
+ printf("monobit %d\n", stat_test_monobit(buffer));
+ printf("poker %d\n", stat_test_poker(buffer));
+ printf("runs %d\n", stat_test_runs(buffer));
+
+ printf("running stat_tests on AES-128-ICM, expecting success\n");
+ /* set buffer to cipher output */
+ for (i=0; i < 2500; i++)
+ buffer[i] = 0;
+ err_check(cipher_type_alloc(&aes_icm, &c, 30));
+ err_check(cipher_init(c, key, direction_encrypt));
+ err_check(cipher_set_iv(c, &nonce));
+ err_check(cipher_encrypt(c, buffer, &buf_len));
+ /* run tests on cipher outout */
+ printf("monobit %d\n", stat_test_monobit(buffer));
+ printf("poker %d\n", stat_test_poker(buffer));
+ printf("runs %d\n", stat_test_runs(buffer));
+
+ printf("runs test (please be patient): ");
+ fflush(stdout);
+ num_fail = 0;
+ v128_set_to_zero(&nonce);
+ for(j=0; j < num_trials; j++) {
+ for (i=0; i < 2500; i++)
+ buffer[i] = 0;
+ nonce.v32[3] = i;
+ err_check(cipher_set_iv(c, &nonce));
+ err_check(cipher_encrypt(c, buffer, &buf_len));
+ if (stat_test_runs(buffer)) {
+ num_fail++;
+ }
+ }
+
+ printf("%d failures in %d tests\n", num_fail, num_trials);
+ printf("(nota bene: a small fraction of stat_test failures does not \n"
+ "indicate that the random source is invalid)\n");
+
+ return 0;
+}
diff --git a/srtp/doc/.cvsignore b/srtp/doc/.cvsignore
new file mode 100644
index 0000000..55a080a
--- /dev/null
+++ b/srtp/doc/.cvsignore
@@ -0,0 +1,3 @@
+Makefile
+header.tex
+latex
diff --git a/srtp/doc/CVS/Entries b/srtp/doc/CVS/Entries
new file mode 100644
index 0000000..3387ba1
--- /dev/null
+++ b/srtp/doc/CVS/Entries
@@ -0,0 +1,11 @@
+/.cvsignore/1.2/Thu Sep 29 14:31:57 2005//
+/Doxyfile/1.3/Wed Jul 12 00:50:56 2006//
+/Makefile.in/1.2/Thu Sep 29 14:27:35 2005//
+/crypto_kernel.txt/1.2/Thu Sep 29 12:36:43 2005//
+/draft-irtf-cfrg-icm-00.txt/1.1.1.1/Wed Sep 21 22:51:41 2005//
+/header.template/1.2/Thu Jun 8 18:44:32 2006//
+/intro.txt/1.4/Fri Sep 30 17:30:26 2005//
+/references.txt/1.1.1.1/Wed Sep 21 22:51:44 2005//
+/rfc3711.txt/1.1.1.1/Wed Sep 21 22:51:45 2005//
+/libsrtp.pdf/1.7/Fri May 4 20:12:04 2007//
+D
diff --git a/srtp/doc/CVS/Repository b/srtp/doc/CVS/Repository
new file mode 100644
index 0000000..f8aaa51
--- /dev/null
+++ b/srtp/doc/CVS/Repository
@@ -0,0 +1 @@
+srtp/doc
diff --git a/srtp/doc/CVS/Root b/srtp/doc/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/doc/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/doc/Doxyfile b/srtp/doc/Doxyfile
new file mode 100644
index 0000000..c6e6a6d
--- /dev/null
+++ b/srtp/doc/Doxyfile
@@ -0,0 +1,1042 @@
+# Doxyfile 1.3-rc3
+
+# This file describes the settings to be used by the documentation system
+# doxygen (www.doxygen.org) for a project
+#
+# All text after a hash (#) is considered a comment and will be ignored
+# The format is:
+# TAG = value [value, ...]
+# For lists items can also be appended using:
+# TAG += value [value, ...]
+# Values that contain spaces should be placed between quotes (" ")
+
+#---------------------------------------------------------------------------
+# General configuration options
+#---------------------------------------------------------------------------
+
+# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
+# by quotes) that should identify the project.
+
+PROJECT_NAME = libSRTP
+
+# The PROJECT_NUMBER tag can be used to enter a project or revision number.
+# This could be handy for archiving the generated documentation or
+# if some version control system is used.
+
+PROJECT_NUMBER = 1.3.22
+
+# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
+# base path where the generated documentation will be put.
+# If a relative path is entered, it will be relative to the location
+# where doxygen was started. If left blank the current directory will be used.
+
+OUTPUT_DIRECTORY =
+
+# The OUTPUT_LANGUAGE tag is used to specify the language in which all
+# documentation generated by doxygen is written. Doxygen will use this
+# information to generate all constant output in the proper language.
+# The default language is English, other supported languages are:
+# Brazilian, Catalan, Chinese, Chinese-Traditional, Croatian, Czech, Danish, Dutch,
+# Finnish, French, German, Greek, Hungarian, Italian, Japanese, Japanese-en
+# (Japanese with english messages), Korean, Norwegian, Polish, Portuguese,
+# Romanian, Russian, Serbian, Slovak, Slovene, Spanish, Swedish and Ukrainian.
+
+OUTPUT_LANGUAGE = English
+
+# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in
+# documentation are documented, even if no documentation was available.
+# Private class members and static file members will be hidden unless
+# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES
+
+EXTRACT_ALL = NO
+
+# If the EXTRACT_PRIVATE tag is set to YES all private members of a class
+# will be included in the documentation.
+
+EXTRACT_PRIVATE = NO
+
+# If the EXTRACT_STATIC tag is set to YES all static members of a file
+# will be included in the documentation.
+
+EXTRACT_STATIC = NO
+
+# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs)
+# defined locally in source files will be included in the documentation.
+# If set to NO only classes defined in header files are included.
+
+EXTRACT_LOCAL_CLASSES = YES
+
+# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all
+# undocumented members of documented classes, files or namespaces.
+# If set to NO (the default) these members will be included in the
+# various overviews, but no documentation section is generated.
+# This option has no effect if EXTRACT_ALL is enabled.
+
+HIDE_UNDOC_MEMBERS = YES
+
+# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all
+# undocumented classes that are normally visible in the class hierarchy.
+# If set to NO (the default) these class will be included in the various
+# overviews. This option has no effect if EXTRACT_ALL is enabled.
+
+HIDE_UNDOC_CLASSES = NO
+
+# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all
+# friend (class|struct|union) declarations.
+# If set to NO (the default) these declarations will be included in the
+# documentation.
+
+HIDE_FRIEND_COMPOUNDS = NO
+
+# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any
+# documentation blocks found inside the body of a function.
+# If set to NO (the default) these blocks will be appended to the
+# function's detailed documentation block.
+
+HIDE_IN_BODY_DOCS = NO
+
+# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will
+# include brief member descriptions after the members that are listed in
+# the file and class documentation (similar to JavaDoc).
+# Set to NO to disable this.
+
+BRIEF_MEMBER_DESC = YES
+
+# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend
+# the brief description of a member or function before the detailed description.
+# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the
+# brief descriptions will be completely suppressed.
+
+REPEAT_BRIEF = NO
+
+# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then
+# Doxygen will generate a detailed section even if there is only a brief
+# description.
+
+ALWAYS_DETAILED_SEC = NO
+
+# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show
+# all inherited members of a class in the documentation of that class
+# as if those members were ordinary class members. Constructors,
+# destructors and assignment operators of the base classes will not be
+# shown.
+
+INLINE_INHERITED_MEMB = NO
+
+# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full
+# path before files name in the file list and in the header files. If set
+# to NO the shortest path that makes the file name unique will be used.
+
+FULL_PATH_NAMES = NO
+
+# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag
+# can be used to strip a user defined part of the path. Stripping is
+# only done if one of the specified strings matches the left-hand part of
+# the path. It is allowed to use relative paths in the argument list.
+
+STRIP_FROM_PATH =
+
+# The INTERNAL_DOCS tag determines if documentation
+# that is typed after a \internal command is included. If the tag is set
+# to NO (the default) then the documentation will be excluded.
+# Set it to YES to include the internal documentation.
+
+INTERNAL_DOCS = NO
+
+# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate
+# file names in lower case letters. If set to YES upper case letters are also
+# allowed. This is useful if you have classes or files whose names only differ
+# in case and if your file system supports case sensitive file names. Windows
+# users are adviced to set this option to NO.
+
+CASE_SENSE_NAMES = YES
+
+# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter
+# (but less readable) file names. This can be useful is your file systems
+# doesn't support long names like on DOS, Mac, or CD-ROM.
+
+SHORT_NAMES = NO
+
+# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen
+# will show members with their full class and namespace scopes in the
+# documentation. If set to YES the scope will be hidden.
+
+HIDE_SCOPE_NAMES = NO
+
+# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen
+# will generate a verbatim copy of the header file for each class for
+# which an include is specified. Set to NO to disable this.
+
+VERBATIM_HEADERS = YES
+
+# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen
+# will put list of the files that are included by a file in the documentation
+# of that file.
+
+SHOW_INCLUDE_FILES = NO
+
+# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen
+# will interpret the first line (until the first dot) of a JavaDoc-style
+# comment as the brief description. If set to NO, the JavaDoc
+# comments will behave just like the Qt-style comments (thus requiring an
+# explict @brief command for a brief description.
+
+JAVADOC_AUTOBRIEF = NO
+
+# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen
+# treat a multi-line C++ special comment block (i.e. a block of //! or ///
+# comments) as a brief description. This used to be the default behaviour.
+# The new default is to treat a multi-line C++ comment block as a detailed
+# description. Set this tag to YES if you prefer the old behaviour instead.
+
+MULTILINE_CPP_IS_BRIEF = NO
+
+# If the DETAILS_AT_TOP tag is set to YES then Doxygen
+# will output the detailed description near the top, like JavaDoc.
+# If set to NO, the detailed description appears after the member
+# documentation.
+
+DETAILS_AT_TOP = NO
+
+# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented
+# member inherits the documentation from any documented member that it
+# reimplements.
+
+INHERIT_DOCS = YES
+
+# If the INLINE_INFO tag is set to YES (the default) then a tag [inline]
+# is inserted in the documentation for inline members.
+
+INLINE_INFO = YES
+
+# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen
+# will sort the (detailed) documentation of file and class members
+# alphabetically by member name. If set to NO the members will appear in
+# declaration order.
+
+SORT_MEMBER_DOCS = YES
+
+# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC
+# tag is set to YES, then doxygen will reuse the documentation of the first
+# member in the group (if any) for the other members of the group. By default
+# all members of a group must be documented explicitly.
+
+DISTRIBUTE_GROUP_DOC = NO
+
+# The TAB_SIZE tag can be used to set the number of spaces in a tab.
+# Doxygen uses this value to replace tabs by spaces in code fragments.
+
+TAB_SIZE = 3
+
+# The GENERATE_TODOLIST tag can be used to enable (YES) or
+# disable (NO) the todo list. This list is created by putting \todo
+# commands in the documentation.
+
+GENERATE_TODOLIST = YES
+
+# The GENERATE_TESTLIST tag can be used to enable (YES) or
+# disable (NO) the test list. This list is created by putting \test
+# commands in the documentation.
+
+GENERATE_TESTLIST = YES
+
+# The GENERATE_BUGLIST tag can be used to enable (YES) or
+# disable (NO) the bug list. This list is created by putting \bug
+# commands in the documentation.
+
+GENERATE_BUGLIST = YES
+
+# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or
+# disable (NO) the deprecated list. This list is created by putting
+# \deprecated commands in the documentation.
+
+GENERATE_DEPRECATEDLIST= YES
+
+# This tag can be used to specify a number of aliases that acts
+# as commands in the documentation. An alias has the form "name=value".
+# For example adding "sideeffect=\par Side Effects:\n" will allow you to
+# put the command \sideeffect (or @sideeffect) in the documentation, which
+# will result in a user defined paragraph with heading "Side Effects:".
+# You can put \n's in the value part of an alias to insert newlines.
+
+ALIASES =
+
+# The ENABLED_SECTIONS tag can be used to enable conditional
+# documentation sections, marked by \if sectionname ... \endif.
+
+ENABLED_SECTIONS =
+
+# The MAX_INITIALIZER_LINES tag determines the maximum number of lines
+# the initial value of a variable or define consist of for it to appear in
+# the documentation. If the initializer consists of more lines than specified
+# here it will be hidden. Use a value of 0 to hide initializers completely.
+# The appearance of the initializer of individual variables and defines in the
+# documentation can be controlled using \showinitializer or \hideinitializer
+# command in the documentation regardless of this setting.
+
+MAX_INITIALIZER_LINES = 30
+
+# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources
+# only. Doxygen will then generate output that is more tailored for C.
+# For instance some of the names that are used will be different. The list
+# of all members will be omitted, etc.
+
+OPTIMIZE_OUTPUT_FOR_C = YES
+
+# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java sources
+# only. Doxygen will then generate output that is more tailored for Java.
+# For instance namespaces will be presented as packages, qualified scopes
+# will look different, etc.
+
+OPTIMIZE_OUTPUT_JAVA = NO
+
+# Set the SHOW_USED_FILES tag to NO to disable the list of files generated
+# at the bottom of the documentation of classes and structs. If set to YES the
+# list will mention the files that were used to generate the documentation.
+
+SHOW_USED_FILES = YES
+
+#---------------------------------------------------------------------------
+# configuration options related to warning and progress messages
+#---------------------------------------------------------------------------
+
+# The QUIET tag can be used to turn on/off the messages that are generated
+# by doxygen. Possible values are YES and NO. If left blank NO is used.
+
+QUIET = NO
+
+# The WARNINGS tag can be used to turn on/off the warning messages that are
+# generated by doxygen. Possible values are YES and NO. If left blank
+# NO is used.
+
+WARNINGS = YES
+
+# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings
+# for undocumented members. If EXTRACT_ALL is set to YES then this flag will
+# automatically be disabled.
+
+WARN_IF_UNDOCUMENTED = YES
+
+# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for
+# potential errors in the documentation, such as not documenting some
+# parameters in a documented function, or documenting parameters that
+# don't exist or using markup commands wrongly.
+
+WARN_IF_DOC_ERROR = YES
+
+# The WARN_FORMAT tag determines the format of the warning messages that
+# doxygen can produce. The string should contain the $file, $line, and $text
+# tags, which will be replaced by the file and line number from which the
+# warning originated and the warning text.
+
+WARN_FORMAT = "$file:$line: $text"
+
+# The WARN_LOGFILE tag can be used to specify a file to which warning
+# and error messages should be written. If left blank the output is written
+# to stderr.
+
+WARN_LOGFILE =
+
+#---------------------------------------------------------------------------
+# configuration options related to the input files
+#---------------------------------------------------------------------------
+
+# The INPUT tag can be used to specify the files and/or directories that contain
+# documented source files. You may enter file names like "myfile.cpp" or
+# directories like "/usr/src/myproject". Separate the files or directories
+# with spaces.
+
+INPUT = intro.txt ../include/srtp.h ../crypto/include/crypto_types.h ../crypto/include/err.h ../crypto/include/crypto.h crypto_kernel.txt
+
+# If the value of the INPUT tag contains directories, you can use the
+# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
+# and *.h) to filter out the source-files in the directories. If left
+# blank the following patterns are tested:
+# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx *.hpp
+# *.h++ *.idl *.odl
+
+FILE_PATTERNS =
+
+# The RECURSIVE tag can be used to turn specify whether or not subdirectories
+# should be searched for input files as well. Possible values are YES and NO.
+# If left blank NO is used.
+
+RECURSIVE = NO
+
+# The EXCLUDE tag can be used to specify files and/or directories that should
+# excluded from the INPUT source files. This way you can easily exclude a
+# subdirectory from a directory tree whose root is specified with the INPUT tag.
+
+EXCLUDE =
+
+# The EXCLUDE_SYMLINKS tag can be used select whether or not files or directories
+# that are symbolic links (a Unix filesystem feature) are excluded from the input.
+
+EXCLUDE_SYMLINKS = NO
+
+# If the value of the INPUT tag contains directories, you can use the
+# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
+# certain files from those directories.
+
+EXCLUDE_PATTERNS =
+
+# The EXAMPLE_PATH tag can be used to specify one or more files or
+# directories that contain example code fragments that are included (see
+# the \include command).
+
+EXAMPLE_PATH =
+
+# If the value of the EXAMPLE_PATH tag contains directories, you can use the
+# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
+# and *.h) to filter out the source-files in the directories. If left
+# blank all files are included.
+
+EXAMPLE_PATTERNS =
+
+# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
+# searched for input files to be used with the \include or \dontinclude
+# commands irrespective of the value of the RECURSIVE tag.
+# Possible values are YES and NO. If left blank NO is used.
+
+EXAMPLE_RECURSIVE = NO
+
+# The IMAGE_PATH tag can be used to specify one or more files or
+# directories that contain image that are included in the documentation (see
+# the \image command).
+
+IMAGE_PATH =
+
+# The INPUT_FILTER tag can be used to specify a program that doxygen should
+# invoke to filter for each input file. Doxygen will invoke the filter program
+# by executing (via popen()) the command <filter> <input-file>, where <filter>
+# is the value of the INPUT_FILTER tag, and <input-file> is the name of an
+# input file. Doxygen will then use the output that the filter program writes
+# to standard output.
+
+INPUT_FILTER =
+
+# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
+# INPUT_FILTER) will be used to filter the input files when producing source
+# files to browse (i.e. when SOURCE_BROWSER is set to YES).
+
+FILTER_SOURCE_FILES = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to source browsing
+#---------------------------------------------------------------------------
+
+# If the SOURCE_BROWSER tag is set to YES then a list of source files will
+# be generated. Documented entities will be cross-referenced with these sources.
+
+SOURCE_BROWSER = NO
+
+# Setting the INLINE_SOURCES tag to YES will include the body
+# of functions and classes directly in the documentation.
+
+INLINE_SOURCES = NO
+
+# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct
+# doxygen to hide any special comment blocks from generated source code
+# fragments. Normal C and C++ comments will always remain visible.
+
+STRIP_CODE_COMMENTS = YES
+
+# If the REFERENCED_BY_RELATION tag is set to YES (the default)
+# then for each documented function all documented
+# functions referencing it will be listed.
+
+REFERENCED_BY_RELATION = YES
+
+# If the REFERENCES_RELATION tag is set to YES (the default)
+# then for each documented function all documented entities
+# called/used by that function will be listed.
+
+REFERENCES_RELATION = YES
+
+#---------------------------------------------------------------------------
+# configuration options related to the alphabetical class index
+#---------------------------------------------------------------------------
+
+# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index
+# of all compounds will be generated. Enable this if the project
+# contains a lot of classes, structs, unions or interfaces.
+
+ALPHABETICAL_INDEX = NO
+
+# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then
+# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns
+# in which this list will be split (can be a number in the range [1..20])
+
+COLS_IN_ALPHA_INDEX = 5
+
+# In case all classes in a project start with a common prefix, all
+# classes will be put under the same header in the alphabetical index.
+# The IGNORE_PREFIX tag can be used to specify one or more prefixes that
+# should be ignored while generating the index headers.
+
+IGNORE_PREFIX =
+
+#---------------------------------------------------------------------------
+# configuration options related to the HTML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_HTML tag is set to YES (the default) Doxygen will
+# generate HTML output.
+
+GENERATE_HTML = NO
+
+# The HTML_OUTPUT tag is used to specify where the HTML docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `html' will be used as the default path.
+
+HTML_OUTPUT = html
+
+# The HTML_FILE_EXTENSION tag can be used to specify the file extension for
+# each generated HTML page (for example: .htm,.php,.asp). If it is left blank
+# doxygen will generate files with .html extension.
+
+HTML_FILE_EXTENSION = .html
+
+# The HTML_HEADER tag can be used to specify a personal HTML header for
+# each generated HTML page. If it is left blank doxygen will generate a
+# standard header.
+
+HTML_HEADER =
+
+# The HTML_FOOTER tag can be used to specify a personal HTML footer for
+# each generated HTML page. If it is left blank doxygen will generate a
+# standard footer.
+
+HTML_FOOTER =
+
+# The HTML_STYLESHEET tag can be used to specify a user defined cascading
+# style sheet that is used by each HTML page. It can be used to
+# fine-tune the look of the HTML output. If the tag is left blank doxygen
+# will generate a default style sheet
+
+HTML_STYLESHEET =
+
+# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
+# files or namespaces will be aligned in HTML using tables. If set to
+# NO a bullet list will be used.
+
+HTML_ALIGN_MEMBERS = YES
+
+# If the GENERATE_HTMLHELP tag is set to YES, additional index files
+# will be generated that can be used as input for tools like the
+# Microsoft HTML help workshop to generate a compressed HTML help file (.chm)
+# of the generated HTML documentation.
+
+GENERATE_HTMLHELP = NO
+
+# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can
+# be used to specify the file name of the resulting .chm file. You
+# can add a path in front of the file if the result should not be
+# written to the html output dir.
+
+CHM_FILE =
+
+# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can
+# be used to specify the location (absolute path including file name) of
+# the HTML help compiler (hhc.exe). If non empty doxygen will try to run
+# the html help compiler on the generated index.hhp.
+
+HHC_LOCATION =
+
+# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag
+# controls if a separate .chi index file is generated (YES) or that
+# it should be included in the master .chm file (NO).
+
+GENERATE_CHI = NO
+
+# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag
+# controls whether a binary table of contents is generated (YES) or a
+# normal table of contents (NO) in the .chm file.
+
+BINARY_TOC = NO
+
+# The TOC_EXPAND flag can be set to YES to add extra items for group members
+# to the contents of the Html help documentation and to the tree view.
+
+TOC_EXPAND = NO
+
+# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
+# top of each HTML page. The value NO (the default) enables the index and
+# the value YES disables it.
+
+DISABLE_INDEX = NO
+
+# This tag can be used to set the number of enum values (range [1..20])
+# that doxygen will group on one line in the generated HTML documentation.
+
+ENUM_VALUES_PER_LINE = 4
+
+# If the GENERATE_TREEVIEW tag is set to YES, a side panel will be
+# generated containing a tree-like index structure (just like the one that
+# is generated for HTML Help). For this to work a browser that supports
+# JavaScript, DHTML, CSS and frames is required (for instance Mozilla,
+# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are
+# probably better off using the HTML help feature.
+
+GENERATE_TREEVIEW = NO
+
+# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
+# used to set the initial width (in pixels) of the frame in which the tree
+# is shown.
+
+TREEVIEW_WIDTH = 250
+
+#---------------------------------------------------------------------------
+# configuration options related to the LaTeX output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
+# generate Latex output.
+
+GENERATE_LATEX = YES
+
+# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `latex' will be used as the default path.
+
+LATEX_OUTPUT = latex
+
+# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
+# invoked. If left blank `latex' will be used as the default command name.
+
+LATEX_CMD_NAME = latex
+
+# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to
+# generate index for LaTeX. If left blank `makeindex' will be used as the
+# default command name.
+
+MAKEINDEX_CMD_NAME = makeindex
+
+# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact
+# LaTeX documents. This may be useful for small projects and may help to
+# save some trees in general.
+
+COMPACT_LATEX = NO
+
+# The PAPER_TYPE tag can be used to set the paper type that is used
+# by the printer. Possible values are: a4, a4wide, letter, legal and
+# executive. If left blank a4wide will be used.
+
+PAPER_TYPE = letter
+
+# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX
+# packages that should be included in the LaTeX output.
+
+EXTRA_PACKAGES =
+
+# The LATEX_HEADER tag can be used to specify a personal LaTeX header for
+# the generated latex document. The header should contain everything until
+# the first chapter. If it is left blank doxygen will generate a
+# standard header. Notice: only use this tag if you know what you are doing!
+
+LATEX_HEADER = header.tex
+
+# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
+# is prepared for conversion to pdf (using ps2pdf). The pdf file will
+# contain links (just like the HTML output) instead of page references
+# This makes the output suitable for online browsing using a pdf viewer.
+
+PDF_HYPERLINKS = YES
+
+# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of
+# plain latex in the generated Makefile. Set this option to YES to get a
+# higher quality PDF documentation.
+
+USE_PDFLATEX = YES
+
+# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode.
+# command to the generated LaTeX files. This will instruct LaTeX to keep
+# running if errors occur, instead of asking the user for help.
+# This option is also used when generating formulas in HTML.
+
+LATEX_BATCHMODE = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the RTF output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output
+# The RTF output is optimised for Word 97 and may not look very pretty with
+# other RTF readers or editors.
+
+GENERATE_RTF = NO
+
+# The RTF_OUTPUT tag is used to specify where the RTF docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `rtf' will be used as the default path.
+
+RTF_OUTPUT = rtf
+
+# If the COMPACT_RTF tag is set to YES Doxygen generates more compact
+# RTF documents. This may be useful for small projects and may help to
+# save some trees in general.
+
+COMPACT_RTF = NO
+
+# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated
+# will contain hyperlink fields. The RTF file will
+# contain links (just like the HTML output) instead of page references.
+# This makes the output suitable for online browsing using WORD or other
+# programs which support those fields.
+# Note: wordpad (write) and others do not support links.
+
+RTF_HYPERLINKS = NO
+
+# Load stylesheet definitions from file. Syntax is similar to doxygen's
+# config file, i.e. a series of assigments. You only have to provide
+# replacements, missing definitions are set to their default value.
+
+RTF_STYLESHEET_FILE =
+
+# Set optional variables used in the generation of an rtf document.
+# Syntax is similar to doxygen's config file.
+
+RTF_EXTENSIONS_FILE =
+
+#---------------------------------------------------------------------------
+# configuration options related to the man page output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_MAN tag is set to YES (the default) Doxygen will
+# generate man pages
+
+GENERATE_MAN = NO
+
+# The MAN_OUTPUT tag is used to specify where the man pages will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `man' will be used as the default path.
+
+MAN_OUTPUT = man
+
+# The MAN_EXTENSION tag determines the extension that is added to
+# the generated man pages (default is the subroutine's section .3)
+
+MAN_EXTENSION = .3
+
+# If the MAN_LINKS tag is set to YES and Doxygen generates man output,
+# then it will generate one additional man file for each entity
+# documented in the real man page(s). These additional files
+# only source the real man page, but without them the man command
+# would be unable to find the correct page. The default is NO.
+
+MAN_LINKS = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the XML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_XML tag is set to YES Doxygen will
+# generate an XML file that captures the structure of
+# the code including all documentation. Note that this
+# feature is still experimental and incomplete at the
+# moment.
+
+GENERATE_XML = NO
+
+# The XML_SCHEMA tag can be used to specify an XML schema,
+# which can be used by a validating XML parser to check the
+# syntax of the XML files.
+
+XML_SCHEMA =
+
+# The XML_DTD tag can be used to specify an XML DTD,
+# which can be used by a validating XML parser to check the
+# syntax of the XML files.
+
+XML_DTD =
+
+#---------------------------------------------------------------------------
+# configuration options for the AutoGen Definitions output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will
+# generate an AutoGen Definitions (see autogen.sf.net) file
+# that captures the structure of the code including all
+# documentation. Note that this feature is still experimental
+# and incomplete at the moment.
+
+GENERATE_AUTOGEN_DEF = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the Perl module output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_PERLMOD tag is set to YES Doxygen will
+# generate a Perl module file that captures the structure of
+# the code including all documentation. Note that this
+# feature is still experimental and incomplete at the
+# moment.
+
+GENERATE_PERLMOD = NO
+
+# If the PERLMOD_LATEX tag is set to YES Doxygen will generate
+# the necessary Makefile rules, Perl scripts and LaTeX code to be able
+# to generate PDF and DVI output from the Perl module output.
+
+PERLMOD_LATEX = NO
+
+# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be
+# nicely formatted so it can be parsed by a human reader. This is useful
+# if you want to understand what is going on. On the other hand, if this
+# tag is set to NO the size of the Perl module output will be much smaller
+# and Perl will parse it just the same.
+
+PERLMOD_PRETTY = YES
+
+# The names of the make variables in the generated doxyrules.make file
+# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX.
+# This is useful so different doxyrules.make files included by the same
+# Makefile don't overwrite each other's variables.
+
+PERLMOD_MAKEVAR_PREFIX =
+
+#---------------------------------------------------------------------------
+# Configuration options related to the preprocessor
+#---------------------------------------------------------------------------
+
+# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will
+# evaluate all C-preprocessor directives found in the sources and include
+# files.
+
+ENABLE_PREPROCESSING = YES
+
+# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro
+# names in the source code. If set to NO (the default) only conditional
+# compilation will be performed. Macro expansion can be done in a controlled
+# way by setting EXPAND_ONLY_PREDEF to YES.
+
+MACRO_EXPANSION = NO
+
+# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
+# then the macro expansion is limited to the macros specified with the
+# PREDEFINED and EXPAND_AS_PREDEFINED tags.
+
+EXPAND_ONLY_PREDEF = NO
+
+# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
+# in the INCLUDE_PATH (see below) will be search if a #include is found.
+
+SEARCH_INCLUDES = YES
+
+# The INCLUDE_PATH tag can be used to specify one or more directories that
+# contain include files that are not input files but should be processed by
+# the preprocessor.
+
+INCLUDE_PATH =
+
+# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
+# patterns (like *.h and *.hpp) to filter out the header-files in the
+# directories. If left blank, the patterns specified with FILE_PATTERNS will
+# be used.
+
+INCLUDE_FILE_PATTERNS =
+
+# The PREDEFINED tag can be used to specify one or more macro names that
+# are defined before the preprocessor is started (similar to the -D option of
+# gcc). The argument of the tag is a list of macros of the form: name
+# or name=definition (no spaces). If the definition and the = are
+# omitted =1 is assumed.
+
+PREDEFINED =
+
+# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
+# this tag can be used to specify a list of macro names that should be expanded.
+# The macro definition that is found in the sources will be used.
+# Use the PREDEFINED tag if you want to use a different macro definition.
+
+EXPAND_AS_DEFINED =
+
+# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then
+# doxygen's preprocessor will remove all function-like macros that are alone
+# on a line, have an all uppercase name, and do not end with a semicolon. Such
+# function macros are typically used for boiler-plate code, and will confuse the
+# parser if not removed.
+
+SKIP_FUNCTION_MACROS = YES
+
+#---------------------------------------------------------------------------
+# Configuration::addtions related to external references
+#---------------------------------------------------------------------------
+
+# The TAGFILES tag can be used to specify one or more tagfiles.
+
+TAGFILES =
+
+# When a file name is specified after GENERATE_TAGFILE, doxygen will create
+# a tag file that is based on the input files it reads.
+
+GENERATE_TAGFILE =
+
+# If the ALLEXTERNALS tag is set to YES all external classes will be listed
+# in the class index. If set to NO only the inherited external classes
+# will be listed.
+
+ALLEXTERNALS = NO
+
+# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed
+# in the modules index. If set to NO, only the current project's groups will
+# be listed.
+
+EXTERNAL_GROUPS = YES
+
+# The PERL_PATH should be the absolute path and name of the perl script
+# interpreter (i.e. the result of `which perl').
+
+PERL_PATH = /usr/bin/perl
+
+#---------------------------------------------------------------------------
+# Configuration options related to the dot tool
+#---------------------------------------------------------------------------
+
+# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
+# generate a inheritance diagram (in Html, RTF and LaTeX) for classes with base or
+# super classes. Setting the tag to NO turns the diagrams off. Note that this
+# option is superceded by the HAVE_DOT option below. This is only a fallback. It is
+# recommended to install and use dot, since it yield more powerful graphs.
+
+CLASS_DIAGRAMS = YES
+
+# If set to YES, the inheritance and collaboration graphs will hide
+# inheritance and usage relations if the target is undocumented
+# or is not a class.
+
+HIDE_UNDOC_RELATIONS = YES
+
+# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
+# available from the path. This tool is part of Graphviz, a graph visualization
+# toolkit from AT&T and Lucent Bell Labs. The other options in this section
+# have no effect if this option is set to NO (the default)
+
+HAVE_DOT = NO
+
+# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
+# will generate a graph for each documented class showing the direct and
+# indirect inheritance relations. Setting this tag to YES will force the
+# the CLASS_DIAGRAMS tag to NO.
+
+CLASS_GRAPH = YES
+
+# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen
+# will generate a graph for each documented class showing the direct and
+# indirect implementation dependencies (inheritance, containment, and
+# class references variables) of the class with other documented classes.
+
+COLLABORATION_GRAPH = YES
+
+# If set to YES, the inheritance and collaboration graphs will show the
+# relations between templates and their instances.
+
+TEMPLATE_RELATIONS = YES
+
+# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT
+# tags are set to YES then doxygen will generate a graph for each documented
+# file showing the direct and indirect include dependencies of the file with
+# other documented files.
+
+INCLUDE_GRAPH = YES
+
+# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and
+# HAVE_DOT tags are set to YES then doxygen will generate a graph for each
+# documented header file showing the documented files that directly or
+# indirectly include this file.
+
+INCLUDED_BY_GRAPH = YES
+
+# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen
+# will graphical hierarchy of all classes instead of a textual one.
+
+GRAPHICAL_HIERARCHY = YES
+
+# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
+# generated by dot. Possible values are png, jpg, or gif
+# If left blank png will be used.
+
+DOT_IMAGE_FORMAT = png
+
+# The tag DOT_PATH can be used to specify the path where the dot tool can be
+# found. If left blank, it is assumed the dot tool can be found on the path.
+
+DOT_PATH =
+
+# The DOTFILE_DIRS tag can be used to specify one or more directories that
+# contain dot files that are included in the documentation (see the
+# \dotfile command).
+
+DOTFILE_DIRS =
+
+# The MAX_DOT_GRAPH_WIDTH tag can be used to set the maximum allowed width
+# (in pixels) of the graphs generated by dot. If a graph becomes larger than
+# this value, doxygen will try to truncate the graph, so that it fits within
+# the specified constraint. Beware that most browsers cannot cope with very
+# large images.
+
+MAX_DOT_GRAPH_WIDTH = 1024
+
+# The MAX_DOT_GRAPH_HEIGHT tag can be used to set the maximum allows height
+# (in pixels) of the graphs generated by dot. If a graph becomes larger than
+# this value, doxygen will try to truncate the graph, so that it fits within
+# the specified constraint. Beware that most browsers cannot cope with very
+# large images.
+
+MAX_DOT_GRAPH_HEIGHT = 1024
+
+# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will
+# generate a legend page explaining the meaning of the various boxes and
+# arrows in the dot generated graphs.
+
+GENERATE_LEGEND = YES
+
+# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will
+# remove the intermedate dot files that are used to generate
+# the various graphs.
+
+DOT_CLEANUP = YES
+
+#---------------------------------------------------------------------------
+# Configuration::addtions related to the search engine
+#---------------------------------------------------------------------------
+
+# The SEARCHENGINE tag specifies whether or not a search engine should be
+# used. If set to NO the values of all tags below this one will be ignored.
+
+SEARCHENGINE = NO
+
+# The CGI_NAME tag should be the name of the CGI script that
+# starts the search engine (doxysearch) with the correct parameters.
+# A script with this name will be generated by doxygen.
+
+CGI_NAME = search.cgi
+
+# The CGI_URL tag should be the absolute URL to the directory where the
+# cgi binaries are located. See the documentation of your http daemon for
+# details.
+
+CGI_URL =
+
+# The DOC_URL tag should be the absolute URL to the directory where the
+# documentation is located. If left blank the absolute path to the
+# documentation, with file:// prepended to it, will be used.
+
+DOC_URL =
+
+# The DOC_ABSPATH tag should be the absolute path to the directory where the
+# documentation is located. If left blank the directory on the local machine
+# will be used.
+
+DOC_ABSPATH =
+
+# The BIN_ABSPATH tag must point to the directory where the doxysearch binary
+# is installed.
+
+BIN_ABSPATH = /usr/local/bin/
+
+# The EXT_DOC_PATHS tag can be used to specify one or more paths to
+# documentation generated for other projects. This allows doxysearch to search
+# the documentation for these projects as well.
+
+EXT_DOC_PATHS =
diff --git a/srtp/doc/Makefile b/srtp/doc/Makefile
new file mode 100644
index 0000000..d4c0845
--- /dev/null
+++ b/srtp/doc/Makefile
@@ -0,0 +1,44 @@
+# Makefile for libSRTP documentation
+#
+# David A. McGrew
+# Cisco Systems, Inc.
+#
+# This makefile does not use the autoconf system; we don't really need
+# it. We just run doxygen then latex. If you don't have either of
+# these, then there is no way that you can make your own
+# documentation. Of course, you can just go online at pick up the
+# documentation from http://srtp.sourceforge.net.
+
+srcdir = .
+top_srcdir = ..
+top_builddir = ../
+
+
+# Determine the version of the library
+
+version = $(shell cat $(top_srcdir)/VERSION)
+
+
+.PHONY: libsrtpdoc cryptodoc clean
+libsrtpdoc:
+ @if test ! -e Doxyfile; then \
+ echo "*** Sorry, can't build doc outside source dir"; exit 1; \
+ fi
+ sed 's/LIBSRTPVERSION/$(version)/' header.template > header.tex
+ doxygen
+ sed 's/\subsection/\section/' latex/index.tex > latex/index.tmp
+ mv latex/index.tmp latex/index.tex
+ cd latex; make
+ cp latex/refman.pdf libsrtp.pdf
+
+
+cryptodoc: clean
+ doxygen crypto.dox
+ cd latex; make
+ cp latex/refman.pdf crypto.pdf
+
+clean:
+ rm -rf latex/ header.tex
+ for a in * ; do \
+ if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
+ done;
diff --git a/srtp/doc/Makefile.in b/srtp/doc/Makefile.in
new file mode 100644
index 0000000..5b4b6bd
--- /dev/null
+++ b/srtp/doc/Makefile.in
@@ -0,0 +1,44 @@
+# Makefile for libSRTP documentation
+#
+# David A. McGrew
+# Cisco Systems, Inc.
+#
+# This makefile does not use the autoconf system; we don't really need
+# it. We just run doxygen then latex. If you don't have either of
+# these, then there is no way that you can make your own
+# documentation. Of course, you can just go online at pick up the
+# documentation from http://srtp.sourceforge.net.
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+top_builddir = @top_builddir@
+VPATH = @srcdir@
+
+# Determine the version of the library
+
+version = $(shell cat $(top_srcdir)/VERSION)
+
+
+.PHONY: libsrtpdoc cryptodoc clean
+libsrtpdoc:
+ @if test ! -e Doxyfile; then \
+ echo "*** Sorry, can't build doc outside source dir"; exit 1; \
+ fi
+ sed 's/LIBSRTPVERSION/$(version)/' header.template > header.tex
+ doxygen
+ sed 's/\subsection/\section/' latex/index.tex > latex/index.tmp
+ mv latex/index.tmp latex/index.tex
+ cd latex; make
+ cp latex/refman.pdf libsrtp.pdf
+
+
+cryptodoc: clean
+ doxygen crypto.dox
+ cd latex; make
+ cp latex/refman.pdf crypto.pdf
+
+clean:
+ rm -rf latex/ header.tex
+ for a in * ; do \
+ if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
+ done;
diff --git a/srtp/doc/crypto_kernel.txt b/srtp/doc/crypto_kernel.txt
new file mode 100644
index 0000000..b0d033f
--- /dev/null
+++ b/srtp/doc/crypto_kernel.txt
@@ -0,0 +1,76 @@
+/**
+
+@defgroup CryptoKernel Cryptographic Kernel
+
+All of the cryptographic functions are contained in a kernel.
+
+*/
+
+/**
+
+@defgroup CipherImplementations Ciphers
+@ingroup CryptoKernel
+
+@brief A generic cipher type enables cipher agility, that is, the
+ability to write code that runs with multiple cipher types.
+Ciphers can be used through the crypto kernel, or can be accessed
+directly, if need be.
+
+@{
+
+*/
+
+/**
+ * @brief Allocates a cipher of a particular type.
+ * @warning May be implemented as a macro.
+ */
+err_status_t
+cipher_type_alloc(cipher_type_t *ctype, cipher_t **cipher,
+ unsigned key_len);
+
+/**
+ * @brief Initialized a cipher to use a particular key. May
+ * be invoked more than once on the same cipher.
+ * @warning May be implemented as a macro.
+ */
+
+err_status_t
+cipher_init(cipher_t *cipher, const uint8_t *key);
+
+/**
+ * @brief Sets the initialization vector of a given cipher.
+ * @warning May be implemented as a macro.
+ */
+
+err_status_t
+cipher_set_iv(cipher_t *cipher, void *iv);
+
+/**
+ * @brief Encrypts a buffer with a given cipher.
+ * @warning May be implemented as a macro.
+ */
+
+err_status_t
+cipher_encrypt(cipher_t *cipher, void *buf, unsigned int *len);
+
+/**
+ * @brief Sets a buffer to the keystream generated by the cipher.
+ * @warning May be implemented as a macro.
+ */
+err_status_t
+cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output);
+
+/**
+ * @brief Deallocates a cipher.
+ * @warning May be implemented as a macro.
+ */
+err_status_t
+cipher_dealloc(cipher_t *cipher);
+
+
+
+/**
+ * @}
+ */
+
+ */ \ No newline at end of file
diff --git a/srtp/doc/draft-irtf-cfrg-icm-00.txt b/srtp/doc/draft-irtf-cfrg-icm-00.txt
new file mode 100644
index 0000000..ddfce33
--- /dev/null
+++ b/srtp/doc/draft-irtf-cfrg-icm-00.txt
@@ -0,0 +1 @@
+ Crypto Forum Research Group David A. McGrew Internet Draft Cisco Systems, Inc. Expires April, 2003 October, 2002 Integer Counter Mode <draft-irtf-cfrg-icm-00.txt> Status of this Memo This document is an Internet Draft and is in full conformance with all provisions of Section 10 of RFC-2026. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and working groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. 1. Abstract This document specifies Integer Counter Mode (ICM), a mode of operation of a block cipher which defines an indexed keystream generator (which generates a keystream segment given an index). This mode is efficient, parallelizable, and has been proven secure given realistic assumptions about the block cipher. Test vectors are provided for AES. Counter Mode admits many variations. The variant specified in this document is secure and flexible, yet it enables a single implementation of a keystream generator to suffice in different application domains. McGrew [Page 1] Internet Draft Integer Counter Mode October, 2002 2. Notational Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [B97]. 3. Introduction Counter Mode is a way to define a pseudorandom keystream generator using a block cipher [CTR]. The keystream can be used for additive encryption, key derivation, or any other application requiring pseudorandom data. In ICM, the keystream is logically broken into segments. Each segment is identified with a segment index, and the segments have equal lengths. This segmentation makes ICM especially appropriate for securing packet-based protocols. 4. ICM In this section, ICM keystream generation and encryption are defined. 4.1. ICM Parameters The following parameters are used in ICM. These parameters MUST remain fixed for any given use of a key. Parameter Meaning ----------------------------------------------------------------- BLOCK_LENGTH the number of octets in the cipher block KEY_LENGTH the number of octets in the cipher key OFFSET_LENGTH the number of octets in the offset SEGMENT_INDEX_LENGTH the number of octets in the segment index BLOCK_INDEX_LENGTH the number of octets in the block index 4.2. Keystream Segments Conceptually, ICM is a keystream generator that takes a secret key and a segment index as an input and then outputs a keystream segment. The segmentation lends itself to packet encryption, as each keystream segment can be used to encrypt a distinct packet. A counter is a value containing BLOCK_LENGTH octets which is McGrew [Page 2] Internet Draft Integer Counter Mode October, 2002 incremented using an increment function based on integer addition, to produce a sequence of distinct values which are used as inputs to the block cipher. (In the context of this specification, an integer is an octet string, the most significant of which is the first.) The output blocks of the cipher are concatenated to form the keystream segment. The first octet of the segment is the first octet of the first output block, and so on. A schematic of this process is shown in Figure 1. Figure 1. The generation of a keystream segment given a segment index and a block cipher key K. Here C[i] and S[i] denote the ith counter and keystream block, respectively. segment index | v C[0] -----> C[1] -----> C[2] -----> ... | | | v v v +---+ +---+ +---+ K->| E | K->| E | K->| E | ... +---+ +---+ +---+ | | | v v v S[0] S[1] S[2] ... The ith counter C[i] of the keystream segment with segment index s is defined as C[i] = (i + s * (256^BLOCK_INDEX_LENGTH)) (+) r where r denotes the shifted Offset, which is defined as the Offset times 256^(BLOCK_LENGTH - OFFSET_LENGTH). (This multiplication left-shifts the Offset so that it is aligned with the leftmost edge of the block.) Here ^ denotes exponentiation and (+) denotes the bitwise exclusive-or operation. The number of blocks in any segment MUST NOT exceed 256^BLOCK_INDEX_LENGTH. The number of segments MUST NOT exceed 256^SEGMENT_INDEX_LENGTH. These restrictions ensure the uniqueness of each block cipher input. They also imply that each segment contains no more than (256^BLOCK_INDEX_LENGTH)*BLOCK_LENGTH octets. The sum of SEGMENT_INDEX_LENGTH and BLOCK_INDEX_LENGTH MUST NOT exceed BLOCK_LENGTH / 2. This requirement protects the ICM keystream generator from potentially failing to be pseudorandom (see McGrew [Page 3] Internet Draft Integer Counter Mode October, 2002 the rationale). Figure 2. An illustration of the structure of a counter with BLOCK_LENGTH = 8, SEGMENT_INDEX_LENGTH = 2, and BLOCK_INDEX_LENGTH = 2. The field marked `null' is not part of either the block or segment indices. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | null | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | segment index | block index | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4.3. ICM Encryption Unless otherwise specified, ICM encryption consists of bitwise exclusive-oring the keystream into the plaintext to produce the ciphertext. 4.4 ICM KEY An ICM key consists of the block cipher key and an Offset. The Offset is an integer with OFFSET_LENGTH octets, which is used to `randomize' the logical starting point of keystream. The Offset is crucial to providing security; see the rationale. The value of OFFSET_LENGTH SHOULD be at least half that of BLOCK_LENGTH. For the purposes of transporting an ICM key, e.g. in a signaling protocol, that key SHOULD be considered a sequence of octets in which the block cipher key precedes the Offset. 5. Implementation Considerations Implementation of the `add one modulo 2^m' operation is simple. For example, with BLOCK_LENGTH = 8 (m=64), it can be implemented in C as if (!++x) ++y; where x and y are 32-bit unsigned integers in network byte order. The implementation of general purpose addition modulo 2^m is slightly more complicated. The fact that the Offset is left-aligned enables an implementation McGrew [Page 4] Internet Draft Integer Counter Mode October, 2002 to avoid propagating carry values outside of the block index and/or the segment index. Choosing an OFFSET_LENGTH value equal to half that of BLOCK_LENGTH avoids all of these carries, since the Offset is then shifted so that it occupies the most significant octets of the block, while the block and segment indices occupy the least significant ones. 6. Parameters and Test Vectors for AES This section provides ICM parameters and test vectors for AES with a 128 bit block size and 128 bit key (that is, with a BLOCK_LENGTH and KEY_LENGTH of 16). All integers are expressed in hexadecimal. Each consecutive pair of hex digits corresponds to an octet, so that the integer 000102030405060708090A0B0C0D0E0F corresponds to the octet sequence { 00, 01, 02, 02 ... }. BLOCK_LENGTH 16 KEY_LENGTH 16 OFFSET_LENGTH 14 SEGMENT_INDEX_LENGTH 6 BLOCK_INDEX_LENGTH 2 Block Cipher Key: 2b7e151628aed2a6abf7158809cf4f3c Offset: f0f1f2f3f4f5f6f7f8f9fafbfcfd Segment Index: 000000000000 Keystream: e03ead0935c95e80e166b16dd92b4eb4 d23513162b02d0f72a43a2fe4a5f97ab ... The counter values that correspond to the keystream blocks are outlined below. Counter Keystream f0f1f2f3f4f5f6f7f8f9fafbfcfd0000 e03ead0935c95e80e166b16dd92b4eb4 f0f1f2f3f4f5f6f7f8f9fafbfcfd0001 d23513162b02d0f72a43a2fe4a5f97ab f0f1f2f3f4f5f6f7f8f9fafbfcfd0002 41e95b3bb0a2e8dd477901e4fca894c0 ... ... 7. Security Considerations Each block cipher input is distinct for any segment and any block index. To see this fact, subtract any two counter values with distinct segment or block indices; the result is non-zero. McGrew [Page 5] Internet Draft Integer Counter Mode October, 2002 The limitation on the number of segments which can be generated ensures that the probability with which an adversary can distinguish the keystream generator from random is negligible. For a theoretical justification of this fact, see Bellare et. al. [BR98]. Their analysis shows that if the block cipher cannot be distinguished from a random permutation, then the keystream generated by ICM cannot be distinguished from keystream generated by a truly random process, as long as the length of keystream which is generated is kept below some threshold. The threshold defined in Section 4.2 is sufficient for most uses of ICM for encryption. This specification refrains from dictating a lower threshold in order to refrain from dictating a particular policy, and to avoid a complicated digression. The use of the Offset, a key-dependent value which randomizes the starting position of the keystream, is essential for security. The omission of this mechanism leaves the door open for practical attacks, such as the key collision attack and Hellman's time-memory tradeoff attack; see McGrew and Fluhrer [MF00] for a description of these attacks which is applicable to ICM. Several counter mode proposals do not include an offset, and are thus vulnerable to these attacks. 8. Rationale This speficiation includes input from implementation experience with several counter mode variants. The goals of ICM are to provide: o a secure keystream generator and cipher, and o a definition flexible enough that a single implementation can be used for a variety of applications (e.g., Secure RTP [SRTP], IPsec ESP [KA96]). The Offset slightly increases the key management overhead, but this minor disadvantage is well outweighed by other savings. The Offset is no larger than a CBC mode IV, and ICM enables the use of an explicit IV (as is commonly used with CBC [MD98]) to be avoided. 9. History This draft is based on draft-mcgrew-saag-icm-00.txt, which was submitted to SAAG on November, 2001 and which expired in May, 2002. The current definition of ICM has changed from the earlier one; the counter formation is different and the specifications are McGrew [Page 6] Internet Draft Integer Counter Mode October, 2002 unfortunately not interoperable. This change was motivated by a considerable amount of feedback on the desirability of admitting optimizations of the sort described in Section 5, in which the carry operations of counter addition need not be propagated across a large register. The current definition of ICM is interoperable with that defined in Secure RTP [SRTP]. 10. Acknowledgements Thanks are due to Helger Lipmaa, Jerome Etienne, Scott Fluhrer and Mats Naslund for their helpful discussion and comments. 11. Contact Information Questions and comments on this draft SHOULD be sent to: David A. McGrew Cisco Systems, Inc. mcgrew@cisco.com and copied to the Crypto Forum Research Group at: cfrg@ietf.org. 12. References [BR98] M. Bellare, A. Desai, E. Lokipii and P. Rogaway, A Concrete Security Treatment of Symmetric Encryption: Analysis of DES Modes of Operation, Proceedings of the 38th Symposium on Foundations of Computer Science, IEEE, 1997. [B97] S. Bradner, Key words for use in RFCs to Indicate Requirement Levels, RFC 2119, March 1997. [AES] The Advanced Encryption Standard, United States National Institute for Standards and Technology (NIST), http://www.nist.gov/aes/. [CTR] M. Dworkin, NIST Special Publication 800-38A, "Recommendation for Block Cipher Modes of Operation: Methods and Techniques", 2001. Online at McGrew [Page 7] Internet Draft Integer Counter Mode October, 2002 http://csrc.nist.gov/publications/nistpubs/800-38a/sp800- 38a.pdf. [MD98] Madson, C., and Doraswamy, N., "The ESP DES-CBC Cipher Algorithm With Explicit IV", RFC 2405, November 1998. [MF00] D. McGrew and S. Fluhrer, Attacks on Additive Encryption and Implications on Internet Security, Selected Areas in Cryptography 2000. [SRTP] The Secure Real-time Transport Protocol, Baugher et. al., Internet Draft, draft-ietf-avt-srtp-05.txt. McGrew [Page 8] \ No newline at end of file
diff --git a/srtp/doc/header.template b/srtp/doc/header.template
new file mode 100644
index 0000000..2c0b96d
--- /dev/null
+++ b/srtp/doc/header.template
@@ -0,0 +1,115 @@
+% header.tex
+%
+% header file for the libSRTP documentation - based on the header
+% file generated by doxygen, with the initial chapters of the
+% original libSRTP documentation tacked on
+%
+\documentclass[letterpaper]{book}
+\usepackage{makeidx}
+\usepackage{fancyhdr}
+\usepackage{graphicx}
+\usepackage{multicol}
+\usepackage{float}
+\usepackage{textcomp}
+\usepackage{alltt}
+\usepackage{times}
+\usepackage{graphicx}
+\ifx\pdfoutput\undefined
+\usepackage[ps2pdf,
+ pagebackref=true,
+ colorlinks=true,
+ linkcolor=blue
+ ]{hyperref}
+\else
+\usepackage[pdftex,
+ pagebackref=true,
+ colorlinks=true,
+ linkcolor=blue
+ ]{hyperref}
+\fi
+\usepackage{doxygen}
+\makeindex
+\setcounter{tocdepth}{1}
+\renewcommand{\footrulewidth}{0.4pt}
+
+% these lengths are from DAM
+\textwidth = 6.5 in
+%\textheight = 9 in
+\oddsidemargin = 0.0 in
+\evensidemargin = 0.0 in
+\topmargin = 0.0 in
+\headheight = 0.0 in
+%\headsep = 0.0 in
+\parskip = 0.2in
+\parindent = 0.0in
+
+% these header and footer definitions from DAM
+\lhead{libSRTP}
+\chead{}
+\rhead{\rightmark}
+%\rhead{\slshape }
+\lfoot{}
+\cfoot{ \thepage }
+\rfoot{}
+%\fancyhead[LE,RO]{\rightmark }
+%\fancyhead[LO,RE]{\slshape }
+
+% let's use the palatino font
+\fontfamily{ppl}
+\selectfont
+
+
+\begin{document}
+\begin{titlepage}
+\vspace*{4cm}
+%\begin{center}
+{\Huge
+libSRTP LIBSRTPVERSION Overview and Reference Manual\\
+ \hrulefill
+}\\
+\vspace*{0cm}
+\begin{flushright}
+{\Large David A. McGrew \\ \texttt{mcgrew@cisco.com} }\\
+\vspace*{0.5cm}
+\end{flushright}
+%\end{center}
+
+%\includegraphics[scale=.8]{phone}
+
+\end{titlepage}
+
+
+\clearemptydoublepage
+\vspace*{3cm}
+{\LARGE Preface}
+\vspace{1cm}
+
+The original implementation and documentation of libSRTP was written
+by David McGrew of Cisco Systems, Inc. in order to promote the use,
+understanding, and interoperability of Secure RTP. Michael Jerris
+contributed support for building under MSVC. Andris Pavenis
+contributed many important fixes. Brian West contributed changes to
+enable dynamic linking. Yves Shumann reported documentation bugs.
+Randell Jesup contributed a working SRTCP implementation and other
+fixes. Alex Vanzella and Will Clark contributed changes so that the
+AES ICM implementation can be used for ISMA media encryption. Steve
+Underwood contributed x86\_64 portability changes. We also give
+thanks to Fredrik Thulin, Brian Weis, Mark Baugher, Jeff Chan, Bill
+Simon, Douglas Smith, Bill May, Richard Preistley, Joe Tardo and
+others for contributions, comments, and corrections.
+
+This reference material in this documenation was generated using the
+\texttt{doxygen} utility for automatic documentation of source code.
+
+\copyright 2001-2005 by David A. McGrew, Cisco Systems, Inc.
+\thispagestyle{empty}
+
+\clearemptydoublepage
+\pagenumbering{roman}
+\tableofcontents
+%\clearemptydoublepage
+
+\clearemptydoublepage
+\pagenumbering{arabic}
+
+
diff --git a/srtp/doc/intro.txt b/srtp/doc/intro.txt
new file mode 100644
index 0000000..f315599
--- /dev/null
+++ b/srtp/doc/intro.txt
@@ -0,0 +1,395 @@
+/**
+
+@mainpage Introduction to libSRTP
+
+This document describes libSRTP, the Open Source Secure RTP library
+from Cisco Systems, Inc. RTP is the Real-time Transport Protocol, an
+IETF standard for the transport of real-time data such as telephony,
+audio, and video, defined by RFC1889. Secure RTP (SRTP) is an RTP
+profile for providing confidentiality to RTP data and authentication
+to the RTP header and payload. SRTP is an IETF Proposed Standard, and
+is defined in RFC 3711, and was developed in the IETF Audio/Video
+Transport (AVT) Working Group. This library supports all of the
+mandatory features of SRTP, but not all of the optional features. See
+the @ref Features section for more detailed information.
+
+This document is organized as follows. The first chapter provides
+background material on SRTP and overview of libSRTP. The following
+chapters provide a detailed reference to the libSRTP API and related
+functions. The reference material is created automatically (using the
+doxygen utility) from comments embedded in some of the C header
+files. The documentation is organized into modules in order to improve
+its clarity. These modules do not directly correspond to files. An
+underlying cryptographic kernel provides much of the basic
+functionality of libSRTP, but is mostly undocumented because it does
+its work behind the scenes.
+
+@section LICENSE License and Disclaimer
+
+libSRTP is distributed under the following license, which is included
+in the source code distribution. It is reproduced in the manual in
+case you got the library from another source.
+
+@latexonly
+\begin{quote}
+Copyright (c) 2001-2005 Cisco Systems, Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+\begin{itemize}
+\item Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+\item Redistributions in binary form must reproduce the above
+ copyright notice, this list of conditions and the following
+ disclaimer in the documentation and/or other materials provided
+ with the distribution.
+\item Neither the name of the Cisco Systems, Inc. nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+\end{itemize}
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+OF THE POSSIBILITY OF SUCH DAMAGE.
+\end{quote}
+@endlatexonly
+
+@section Features Supported Features
+
+This library supports all of the mandatory-to-implement features of
+SRTP (as defined by the most recent Internet Draft). Some of these
+features can be selected (or de-selected) at run time by setting an
+appropriate policy; this is done using the structure srtp_policy_t.
+Some other behaviors of the protocol can be adapted by defining an
+approriate event handler for the exceptional events; see the @ref
+SRTPevents section.
+
+Some options that are not included in the specification are supported.
+Most notably, the TMMH authentication function is included, though it
+was removed from the SRTP Internet Draft during the summer of 2002.
+
+
+@latexonly
+Some options that are described in the SRTP specification are not
+supported. This includes
+\begin{itemize}
+\item the Master Key Index (MKI),
+\item key derivation rates other than zero,
+\item the cipher F8,
+\item anti-replay lists with sizes other than 128,
+\item the use of the packet index to select between master keys.
+\end{itemize}
+@endlatexonly
+
+The user should be aware that it is possible to misuse this libary,
+and that the result may be that the security level it provides is
+inadequate. If you are implementing a feature using this library, you
+will want to read the Security Considerations section of the Internet
+Draft. In addition, it is important that you read and understand the
+terms outlined in the @ref LICENSE section.
+
+
+@section Installing Installing and Building libSRTP
+
+@latexonly
+
+To install libSRTP, download the latest release of the distribution
+from \texttt{srtp.sourceforge.net}. The format of the names of the
+distributions are \texttt{srtp-A.B.C.tgz}, where \texttt{A} is the
+version number, \texttt{B} is the major release number, \texttt{C} is
+the minor release number, and \texttt{tgz} is the file
+extension\footnote{The extension \texttt{.tgz} is identical to
+\texttt{tar.gz}, and indicates a compressed tar file.} You probably
+want to get the most recent release. Unpack the distribution and
+extract the source files; the directory into which the soruce files
+will go is named \texttt{srtp}.
+
+libSRTP uses the GNU \texttt{autoconf} and \texttt{make}
+utilities\footnote{BSD make will not work; if both versions of make
+are on your platform, you can invoke GNU make as \texttt{gmake}.}. In
+the \texttt{srtp} directory, run the configure script and then make:
+\begin{verbatim}
+ ./configure [ options ]
+ make
+\end{verbatim}
+The configure script accepts the following options:
+\begin{quote}
+\begin{description}
+\item[--help] provides a usage summary.
+\item[--disable-debug] compiles libSRTP without the runtime
+ dynamic debugging system.
+\item[--enable-generic-aesicm] compile in changes for ismacryp
+\item[--enable-syslog] use syslog for error reporting.
+\item[--disable-stdout] diables stdout for error reporting.
+\item[--enable-console] use \texttt{/dev/console} for error reporting
+\item[--gdoi] use GDOI key management (disabled at present).
+\end{description}
+\end{quote}
+
+By default, dynamic debbuging is enabled and stdout is used for
+debugging. You can use the configure options to have the debugging
+output sent to syslog or the system console. Alternatively, you can
+define ERR\_REPORTING\_FILE in \texttt{include/conf.h} to be any other
+file that can be opened by libSRTP, and debug messages will be sent to
+it.
+
+This package has been tested on the following platforms: Mac OS X
+(powerpc-apple-darwin1.4), Cygwin (i686-pc-cygwin), Solaris
+(sparc-sun-solaris2.6), RedHat Linux 7.1 and 9 (i686-pc-linux), and
+OpenBSD (sparc-unknown-openbsd2.7).
+
+
+@endlatexonly
+
+@section Applications Applications
+
+@latexonly
+
+Several test drivers and a simple and portable srtp application are
+included in the \texttt{test/} subdirectory.
+
+\begin{center}
+\begin{tabular}{ll}
+\hline
+Test driver & Function tested \\
+\hline
+kernel\_driver & crypto kernel (ciphers, auth funcs, rng) \\
+srtp\_driver & srtp in-memory tests (does not use the network) \\
+rdbx\_driver & rdbx (extended replay database) \\
+roc\_driver & extended sequence number functions \\
+replay\_driver & replay database \\
+cipher\_driver & ciphers \\
+auth\_driver & hash functions \\
+\hline
+\end{tabular}
+\end{center}
+
+The app rtpw is a simple rtp application which reads words from
+/usr/dict/words and then sends them out one at a time using [s]rtp.
+Manual srtp keying uses the -k option; automated key management
+using gdoi will be added later.
+
+The usage for rtpw is
+
+\texttt{rtpw [[-d $<$debug$>$]* [-k $<$key$>$ [-a][-e]] [-s | -r] dest\_ip
+dest\_port][-l]}
+
+Either the -s (sender) or -r (receiver) option must be chosen. The
+values dest\_ip, dest\_port are the IP address and UDP port to which
+the dictionary will be sent, respectively. The options are:
+\begin{center}
+\begin{tabular}{ll}
+ -s & (S)RTP sender - causes app to send words \\
+ -r & (S)RTP receive - causes app to receve words \\
+ -k $<$key$>$ & use SRTP master key $<$key$>$, where the
+ key is a hexadecimal value (without the
+ leading "0x") \\
+ -e & encrypt/decrypt (for data confidentiality)
+ (requires use of -k option as well)\\
+ -a & message authentication
+ (requires use of -k option as well) \\
+ -l & list the avaliable debug modules \\
+ -d $<$debug$>$ & turn on debugging for module $<$debug$>$ \\
+\end{tabular}
+\end{center}
+
+In order to get a random 30-byte value for use as a key/salt pair, you
+can use the \texttt{rand\_gen} utility in the \texttt{test/}
+subdirectory.
+
+An example of an SRTP session using two rtpw programs follows:
+
+\begin{verbatim}
+[sh1] set k=`test/rand_gen -n 30`
+[sh1] echo $k
+c1eec3717da76195bb878578790af71c4ee9f859e197a414a78d5abc7451
+[sh1]$ test/rtpw -s -k $k -ea 0.0.0.0 9999
+Security services: confidentiality message authentication
+set master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451
+setting SSRC to 2078917053
+sending word: A
+sending word: a
+sending word: aa
+sending word: aal
+sending word: aalii
+sending word: aam
+sending word: Aani
+sending word: aardvark
+...
+
+[sh2] set k=c1eec3717da76195bb878578790af71c4ee9f859e197a414a78d5abc7451
+[sh2]$ test/rtpw -r -k $k -ea 0.0.0.0 9999
+security services: confidentiality message authentication
+set master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451
+19 octets received from SSRC 2078917053 word: A
+19 octets received from SSRC 2078917053 word: a
+20 octets received from SSRC 2078917053 word: aa
+21 octets received from SSRC 2078917053 word: aal
+...
+\end{verbatim}
+
+
+@endlatexonly
+
+
+@section Review Secure RTP Background
+
+In this section we review SRTP and introduce some terms that are used
+in libSRTP. An RTP session is defined by a pair of destination
+transport addresses, that is, a network address plus a pair of UDP
+ports for RTP and RTCP. RTCP, the RTP control protocol, is used to
+coordinate between the participants in an RTP session, e.g. to provide
+feedback from receivers to senders. An @e SRTP @e session is
+similarly defined; it is just an RTP session for which the SRTP
+profile is being used. An SRTP session consists of the traffic sent
+to the SRTP or SRTCP destination transport addresses. Each
+participant in a session is identified by a synchronization source
+(SSRC) identifier. Some participants may not send any SRTP traffic;
+they are called receivers, even though they send out SRTCP traffic,
+such as receiver reports.
+
+RTP allows multiple sources to send RTP and RTCP traffic during the
+same session. The synchronization source identifier (SSRC) is used to
+distinguish these sources. In libSRTP, we call the SRTP and SRTCP
+traffic from a particular source a @e stream. Each stream has its own
+SSRC, sequence number, rollover counter, and other data. A particular
+choice of options, cryptographic mechanisms, and keys is called a @e
+policy. Each stream within a session can have a distinct policy
+applied to it. A session policy is a collection of stream policies.
+
+A single policy can be used for all of the streams in a given session,
+though the case in which a single @e key is shared across multiple
+streams requires care. When key sharing is used, the SSRC values that
+identify the streams @b must be distinct. This requirement can be
+enforced by using the convention that each SRTP and SRTCP key is used
+for encryption by only a single sender. In other words, the key is
+shared only across streams that originate from a particular device (of
+course, other SRTP participants will need to use the key for
+decryption). libSRTP supports this enforcement by detecting the case
+in which a key is used for both inbound and outbound data.
+
+
+@section Overview libSRTP Overview
+
+libSRTP provides functions for protecting RTP and RTCP. RTP packets
+can be encrypted and authenticated (using the srtp_protect()
+function), turning them into SRTP packets. Similarly, SRTP packets
+can be decrypted and have their authentication verified (using the
+srtp_unprotect() function), turning them into RTP packets. Similar
+functions apply security to RTCP packets.
+
+The typedef srtp_stream_t points to a structure holding all of the
+state associated with an SRTP stream, including the keys and
+parameters for cipher and message authentication functions and the
+anti-replay data. A particular srtp_stream_t holds the information
+needed to protect a particular RTP and RTCP stream. This datatype
+is intentionally opaque in order to better seperate the libSRTP
+API from its implementation.
+
+Within an SRTP session, there can be multiple streams, each
+originating from a particular sender. Each source uses a distinct
+stream context to protect the RTP and RTCP stream that it is
+originating. The typedef srtp_t points to a structure holding all of
+the state associated with an SRTP session. There can be multiple
+stream contexts associated with a single srtp_t. A stream context
+cannot exist indepent from an srtp_t, though of course an srtp_t can
+be created that contains only a single stream context. A device
+participating in an SRTP session must have a stream context for each
+source in that session, so that it can process the data that it
+receives from each sender.
+
+
+In libSRTP, a session is created using the function srtp_create().
+The policy to be implemented in the session is passed into this
+function as an srtp_policy_t structure. A single one of these
+structures describes the policy of a single stream. These structures
+can also be linked together to form an entire session policy. A linked
+list of srtp_policy_t structures is equivalent to a session policy.
+In such a policy, we refer to a single srtp_policy_t as an @e element.
+
+An srtp_policy_t strucutre contains two crypto_policy_t structures
+that describe the cryptograhic policies for RTP and RTCP, as well as
+the SRTP master key and the SSRC value. The SSRC describes what to
+protect (e.g. which stream), and the crypto_policy_t structures
+describe how to protect it. The key is contained in a policy element
+because it simplifies the interface to the library. In many cases, it
+is desirable to use the same cryptographic policies across all of the
+streams in a session, but to use a distinct key for each stream. A
+crypto_policy_t structure can be initialized by using either the
+crypto_policy_set_rtp_default() or crypto_policy_set_rtcp_default()
+functions, which set a crypto policy structure to the default policies
+for RTP and RTCP protection, respectively.
+
+@section Example Example Code
+
+This section provides a simple example of how to use libSRTP. The
+example code lacks error checking, but is functional. Here we assume
+that the value ssrc is already set to describe the SSRC of the stream
+that we are sending, and that the functions get_rtp_packet() and
+send_srtp_packet() are available to us. The former puts an RTP packet
+into the buffer and returns the number of octets written to that
+buffer. The latter sends the RTP packet in the buffer, given the
+length as its second argument.
+
+@verbatim
+ srtp_t session;
+ srtp_policy_t policy;
+ uint8_t key[30];
+
+ // initialize libSRTP
+ srtp_init();
+
+ // set policy to describe a policy for an SRTP stream
+ crypto_policy_set_rtp_default(&policy.rtp);
+ crypto_policy_set_rtcp_default(&policy.rtcp);
+ policy.ssrc = ssrc;
+ policy.key = key;
+ policy.next = NULL;
+
+ // set key to random value
+ crypto_get_random(key, 30);
+
+ // allocate and initialize the SRTP session
+ srtp_create(&session, policy);
+
+ // main loop: get rtp packets, send srtp packets
+ while (1) {
+ char rtp_buffer[2048];
+ unsigned len;
+
+ len = get_rtp_packet(rtp_buffer);
+ srtp_protect(session, rtp_buffer, &len);
+ send_srtp_packet(rtp_buffer, len);
+ }
+@endverbatim
+
+@section ISMAcryp ISMA Encryption Support
+
+The Internet Streaming Media Alliance (ISMA) specifies a way
+to pre-encrypt a media file prior to streaming. This method
+is an alternative to SRTP encryption, which is potentially
+useful when a particular media file will be streamed
+multiple times. The specification is available online
+at http://www.isma.tv/specreq.nsf/SpecRequest.
+
+libSRTP provides the encryption and decryption functions needed for ISMAcryp
+in the library @t libaesicm.a, which is included in the default
+Makefile target. This library is used by the MPEG4IP project; see
+http://mpeg4ip.sourceforge.net/.
+
+Note that ISMAcryp does not provide authentication for
+RTP nor RTCP, nor confidentiality for RTCP.
+ISMAcryp RECOMMENDS the use of SRTP message authentication for ISMAcryp
+streams while using ISMAcryp encryption to protect the media itself.
+
+
+ */
diff --git a/srtp/doc/libsrtp.pdf b/srtp/doc/libsrtp.pdf
new file mode 100644
index 0000000..94ad008
--- /dev/null
+++ b/srtp/doc/libsrtp.pdf
Binary files differ
diff --git a/srtp/doc/references.txt b/srtp/doc/references.txt
new file mode 100644
index 0000000..2ec9d43
--- /dev/null
+++ b/srtp/doc/references.txt
@@ -0,0 +1,21 @@
+SRTP and ICM References
+September, 2005
+
+This document provides references for the various cryptographic
+functions used in libSRTP and libaesicm.
+
+Secure RTP is defined in RFC 3711, which is included in this
+distribution for convenience. The counter mode definition is in
+Section 4.1.1 of the SRTP draft.
+
+SHA-1 is defined in FIPS-180-1, available online at the NIST website.
+
+HMAC is defined in RFC2104, and HMAC-SHA1 test vectors are available
+in RFC2202, which are available online at http://www.ietf.org/rfc/
+
+ICM is defined by draft-irtf-cfrg-icm-00.txt, and its application in
+ISMAcryp (the Internet Streaming Media Alliance 1.0 Encryption and
+Authentication) is defined in that specification. It is available
+from http://www.isma.tv/.
+
+
diff --git a/srtp/doc/rfc3711.txt b/srtp/doc/rfc3711.txt
new file mode 100644
index 0000000..ecc0648
--- /dev/null
+++ b/srtp/doc/rfc3711.txt
@@ -0,0 +1,3139 @@
+
+
+
+
+
+
+Network Working Group M. Baugher
+Request for Comments: 3711 D. McGrew
+Category: Standards Track Cisco Systems, Inc.
+ M. Naslund
+ E. Carrara
+ K. Norrman
+ Ericsson Research
+ March 2004
+
+
+ The Secure Real-time Transport Protocol (SRTP)
+
+Status of this Memo
+
+ This document specifies an Internet standards track protocol for the
+ Internet community, and requests discussion and suggestions for
+ improvements. Please refer to the current edition of the "Internet
+ Official Protocol Standards" (STD 1) for the standardization state
+ and status of this protocol. Distribution of this memo is unlimited.
+
+Copyright Notice
+
+ Copyright (C) The Internet Society (2004). All Rights Reserved.
+
+Abstract
+
+ This document describes the Secure Real-time Transport Protocol
+ (SRTP), a profile of the Real-time Transport Protocol (RTP), which
+ can provide confidentiality, message authentication, and replay
+ protection to the RTP traffic and to the control traffic for RTP, the
+ Real-time Transport Control Protocol (RTCP).
+
+Table of Contents
+
+ 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
+ 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 3
+ 2. Goals and Features . . . . . . . . . . . . . . . . . . . . . . 4
+ 2.1. Features . . . . . . . . . . . . . . . . . . . . . . . . 5
+ 3. SRTP Framework . . . . . . . . . . . . . . . . . . . . . . . . 5
+ 3.1. Secure RTP . . . . . . . . . . . . . . . . . . . . . . . 6
+ 3.2. SRTP Cryptographic Contexts. . . . . . . . . . . . . . . 7
+ 3.2.1. Transform-independent parameters . . . . . . . . 8
+ 3.2.2. Transform-dependent parameters . . . . . . . . . 10
+ 3.2.3. Mapping SRTP Packets to Cryptographic Contexts . 10
+ 3.3. SRTP Packet Processing . . . . . . . . . . . . . . . . . 11
+ 3.3.1. Packet Index Determination, and ROC, s_l Update. 13
+ 3.3.2. Replay Protection. . . . . . . . . . . . . . . . 15
+ 3.4. Secure RTCP . . . . . . . . . . . . . . . . . . . . . . . 15
+
+
+
+Baugher, et al. Standards Track [Page 1]
+
+RFC 3711 SRTP March 2004
+
+
+ 4. Pre-Defined Cryptographic Transforms . . . . . . . . . . . . . 19
+ 4.1. Encryption . . . . . . . . . . . . . . . . . . . . . . . 19
+ 4.1.1. AES in Counter Mode. . . . . . . . . . . . . . . 21
+ 4.1.2. AES in f8-mode . . . . . . . . . . . . . . . . . 22
+ 4.1.3. NULL Cipher. . . . . . . . . . . . . . . . . . . 25
+ 4.2. Message Authentication and Integrity . . . . . . . . . . 25
+ 4.2.1. HMAC-SHA1. . . . . . . . . . . . . . . . . . . . 25
+ 4.3. Key Derivation . . . . . . . . . . . . . . . . . . . . . 26
+ 4.3.1. Key Derivation Algorithm . . . . . . . . . . . . 26
+ 4.3.2. SRTCP Key Derivation . . . . . . . . . . . . . . 28
+ 4.3.3. AES-CM PRF . . . . . . . . . . . . . . . . . . . 28
+ 5. Default and mandatory-to-implement Transforms. . . . . . . . . 28
+ 5.1. Encryption: AES-CM and NULL. . . . . . . . . . . . . . . 29
+ 5.2. Message Authentication/Integrity: HMAC-SHA1. . . . . . . 29
+ 5.3. Key Derivation: AES-CM PRF . . . . . . . . . . . . . . . 29
+ 6. Adding SRTP Transforms . . . . . . . . . . . . . . . . . . . . 29
+ 7. Rationale. . . . . . . . . . . . . . . . . . . . . . . . . . . 30
+ 7.1. Key derivation . . . . . . . . . . . . . . . . . . . . . 30
+ 7.2. Salting key. . . . . . . . . . . . . . . . . . . . . . . 30
+ 7.3. Message Integrity from Universal Hashing . . . . . . . . 31
+ 7.4. Data Origin Authentication Considerations. . . . . . . . 31
+ 7.5. Short and Zero-length Message Authentication . . . . . . 32
+ 8. Key Management Considerations. . . . . . . . . . . . . . . . . 33
+ 8.1. Re-keying . . . . . . . . . . . . . . . . . . . . . . . 34
+ 8.1.1. Use of the <From, To> for re-keying. . . . . . . 34
+ 8.2. Key Management parameters. . . . . . . . . . . . . . . . 35
+ 9. Security Considerations. . . . . . . . . . . . . . . . . . . . 37
+ 9.1. SSRC collision and two-time pad. . . . . . . . . . . . . 37
+ 9.2. Key Usage. . . . . . . . . . . . . . . . . . . . . . . . 38
+ 9.3. Confidentiality of the RTP Payload . . . . . . . . . . . 39
+ 9.4. Confidentiality of the RTP Header. . . . . . . . . . . . 40
+ 9.5. Integrity of the RTP payload and header. . . . . . . . . 40
+ 9.5.1. Risks of Weak or Null Message Authentication. . . 42
+ 9.5.2. Implicit Header Authentication . . . . . . . . . 43
+ 10. Interaction with Forward Error Correction mechanisms. . . . . 43
+ 11. Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . 43
+ 11.1. Unicast. . . . . . . . . . . . . . . . . . . . . . . . . 43
+ 11.2. Multicast (one sender) . . . . . . . . . . . . . . . . . 44
+ 11.3. Re-keying and access control . . . . . . . . . . . . . . 45
+ 11.4. Summary of basic scenarios . . . . . . . . . . . . . . . 46
+ 12. IANA Considerations. . . . . . . . . . . . . . . . . . . . . . 46
+ 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 47
+ 14. References . . . . . . . . . . . . . . . . . . . . . . . . . . 47
+ 14.1. Normative References . . . . . . . . . . . . . . . . . . 47
+ 14.2. Informative References . . . . . . . . . . . . . . . . . 48
+ Appendix A: Pseudocode for Index Determination . . . . . . . . . . 51
+ Appendix B: Test Vectors . . . . . . . . . . . . . . . . . . . . . 51
+ B.1. AES-f8 Test Vectors. . . . . . . . . . . . . . . . . . . 51
+
+
+
+Baugher, et al. Standards Track [Page 2]
+
+RFC 3711 SRTP March 2004
+
+
+ B.2. AES-CM Test Vectors. . . . . . . . . . . . . . . . . . . 52
+ B.3. Key Derivation Test Vectors. . . . . . . . . . . . . . . 53
+ Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 55
+ Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 56
+
+1. Introduction
+
+ This document describes the Secure Real-time Transport Protocol
+ (SRTP), a profile of the Real-time Transport Protocol (RTP), which
+ can provide confidentiality, message authentication, and replay
+ protection to the RTP traffic and to the control traffic for RTP,
+ RTCP (the Real-time Transport Control Protocol) [RFC3350].
+
+ SRTP provides a framework for encryption and message authentication
+ of RTP and RTCP streams (Section 3). SRTP defines a set of default
+ cryptographic transforms (Sections 4 and 5), and it allows new
+ transforms to be introduced in the future (Section 6). With
+ appropriate key management (Sections 7 and 8), SRTP is secure
+ (Sections 9) for unicast and multicast RTP applications (Section 11).
+
+ SRTP can achieve high throughput and low packet expansion. SRTP
+ proves to be a suitable protection for heterogeneous environments
+ (mix of wired and wireless networks). To get such features, default
+ transforms are described, based on an additive stream cipher for
+ encryption, a keyed-hash based function for message authentication,
+ and an "implicit" index for sequencing/synchronization based on the
+ RTP sequence number for SRTP and an index number for Secure RTCP
+ (SRTCP).
+
+1.1. Notational Conventions
+
+ The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+ "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
+ document are to be interpreted as described in [RFC2119]. The
+ terminology conforms to [RFC2828] with the following exception. For
+ simplicity we use the term "random" throughout the document to denote
+ randomly or pseudo-randomly generated values. Large amounts of
+ random bits may be difficult to obtain, and for the security of SRTP,
+ pseudo-randomness is sufficient [RFC1750].
+
+ By convention, the adopted representation is the network byte order,
+ i.e., the left most bit (octet) is the most significant one. By XOR
+ we mean bitwise addition modulo 2 of binary strings, and || denotes
+ concatenation. In other words, if C = A || B, then the most
+ significant bits of C are the bits of A, and the least significant
+ bits of C equal the bits of B. Hexadecimal numbers are prefixed by
+ 0x.
+
+
+
+
+Baugher, et al. Standards Track [Page 3]
+
+RFC 3711 SRTP March 2004
+
+
+ The word "encryption" includes also use of the NULL algorithm (which
+ in practice does leave the data in the clear).
+
+ With slight abuse of notation, we use the terms "message
+ authentication" and "authentication tag" as is common practice, even
+ though in some circumstances, e.g., group communication, the service
+ provided is actually only integrity protection and not data origin
+ authentication.
+
+2. Goals and Features
+
+ The security goals for SRTP are to ensure:
+
+ * the confidentiality of the RTP and RTCP payloads, and
+
+ * the integrity of the entire RTP and RTCP packets, together with
+ protection against replayed packets.
+
+ These security services are optional and independent from each other,
+ except that SRTCP integrity protection is mandatory (malicious or
+ erroneous alteration of RTCP messages could otherwise disrupt the
+ processing of the RTP stream).
+
+ Other, functional, goals for the protocol are:
+
+ * a framework that permits upgrading with new cryptographic
+ transforms,
+
+ * low bandwidth cost, i.e., a framework preserving RTP header
+ compression efficiency,
+
+ and, asserted by the pre-defined transforms:
+
+ * a low computational cost,
+
+ * a small footprint (i.e., small code size and data memory for
+ keying information and replay lists),
+
+ * limited packet expansion to support the bandwidth economy goal,
+
+ * independence from the underlying transport, network, and physical
+ layers used by RTP, in particular high tolerance to packet loss
+ and re-ordering.
+
+ These properties ensure that SRTP is a suitable protection scheme for
+ RTP/RTCP in both wired and wireless scenarios.
+
+
+
+
+
+Baugher, et al. Standards Track [Page 4]
+
+RFC 3711 SRTP March 2004
+
+
+2.1. Features
+
+ Besides the above mentioned direct goals, SRTP provides for some
+ additional features. They have been introduced to lighten the burden
+ on key management and to further increase security. They include:
+
+ * A single "master key" can provide keying material for
+ confidentiality and integrity protection, both for the SRTP stream
+ and the corresponding SRTCP stream. This is achieved with a key
+ derivation function (see Section 4.3), providing "session keys"
+ for the respective security primitive, securely derived from the
+ master key.
+
+ * In addition, the key derivation can be configured to periodically
+ refresh the session keys, which limits the amount of ciphertext
+ produced by a fixed key, available for an adversary to
+ cryptanalyze.
+
+ * "Salting keys" are used to protect against pre-computation and
+ time-memory tradeoff attacks [MF00] [BS00].
+
+ Detailed rationale for these features can be found in Section 7.
+
+3. SRTP Framework
+
+ RTP is the Real-time Transport Protocol [RFC3550]. We define SRTP as
+ a profile of RTP. This profile is an extension to the RTP
+ Audio/Video Profile [RFC3551]. Except where explicitly noted, all
+ aspects of that profile apply, with the addition of the SRTP security
+ features. Conceptually, we consider SRTP to be a "bump in the stack"
+ implementation which resides between the RTP application and the
+ transport layer. SRTP intercepts RTP packets and then forwards an
+ equivalent SRTP packet on the sending side, and intercepts SRTP
+ packets and passes an equivalent RTP packet up the stack on the
+ receiving side.
+
+ Secure RTCP (SRTCP) provides the same security services to RTCP as
+ SRTP does to RTP. SRTCP message authentication is MANDATORY and
+ thereby protects the RTCP fields to keep track of membership, provide
+ feedback to RTP senders, or maintain packet sequence counters. SRTCP
+ is described in Section 3.4.
+
+
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 5]
+
+RFC 3711 SRTP March 2004
+
+
+3.1. Secure RTP
+
+ The format of an SRTP packet is illustrated in Figure 1.
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<+
+ |V=2|P|X| CC |M| PT | sequence number | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | timestamp | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | synchronization source (SSRC) identifier | |
+ +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |
+ | contributing source (CSRC) identifiers | |
+ | .... | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | RTP extension (OPTIONAL) | |
+ +>+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | | payload ... | |
+ | | +-------------------------------+ |
+ | | | RTP padding | RTP pad count | |
+ +>+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<+
+ | ~ SRTP MKI (OPTIONAL) ~ |
+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | : authentication tag (RECOMMENDED) : |
+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | |
+ +- Encrypted Portion* Authenticated Portion ---+
+
+ Figure 1. The format of an SRTP packet. *Encrypted Portion is the
+ same size as the plaintext for the Section 4 pre-defined transforms.
+
+ The "Encrypted Portion" of an SRTP packet consists of the encryption
+ of the RTP payload (including RTP padding when present) of the
+ equivalent RTP packet. The Encrypted Portion MAY be the exact size
+ of the plaintext or MAY be larger. Figure 1 shows the RTP payload
+ including any possible padding for RTP [RFC3550].
+
+ None of the pre-defined encryption transforms uses any padding; for
+ these, the RTP and SRTP payload sizes match exactly. New transforms
+ added to SRTP (following Section 6) may require padding, and may
+ hence produce larger payloads. RTP provides its own padding format
+ (as seen in Fig. 1), which due to the padding indicator in the RTP
+ header has merits in terms of compactness relative to paddings using
+ prefix-free codes. This RTP padding SHALL be the default method for
+ transforms requiring padding. Transforms MAY specify other padding
+ methods, and MUST then specify the amount, format, and processing of
+ their padding. It is important to note that encryption transforms
+
+
+
+Baugher, et al. Standards Track [Page 6]
+
+RFC 3711 SRTP March 2004
+
+
+ that use padding are vulnerable to subtle attacks, especially when
+ message authentication is not used [V02]. Each specification for a
+ new encryption transform needs to carefully consider and describe the
+ security implications of the padding that it uses. Message
+ authentication codes define their own padding, so this default does
+ not apply to authentication transforms.
+
+ The OPTIONAL MKI and the RECOMMENDED authentication tag are the only
+ fields defined by SRTP that are not in RTP. Only 8-bit alignment is
+ assumed.
+
+ MKI (Master Key Identifier): configurable length, OPTIONAL. The
+ MKI is defined, signaled, and used by key management. The
+ MKI identifies the master key from which the session
+ key(s) were derived that authenticate and/or encrypt the
+ particular packet. Note that the MKI SHALL NOT identify
+ the SRTP cryptographic context, which is identified
+ according to Section 3.2.3. The MKI MAY be used by key
+ management for the purposes of re-keying, identifying a
+ particular master key within the cryptographic context
+ (Section 3.2.1).
+
+ Authentication tag: configurable length, RECOMMENDED. The
+ authentication tag is used to carry message authentication
+ data. The Authenticated Portion of an SRTP packet
+ consists of the RTP header followed by the Encrypted
+ Portion of the SRTP packet. Thus, if both encryption and
+ authentication are applied, encryption SHALL be applied
+ before authentication on the sender side and conversely on
+ the receiver side. The authentication tag provides
+ authentication of the RTP header and payload, and it
+ indirectly provides replay protection by authenticating
+ the sequence number. Note that the MKI is not integrity
+ protected as this does not provide any extra protection.
+
+3.2. SRTP Cryptographic Contexts
+
+ Each SRTP stream requires the sender and receiver to maintain
+ cryptographic state information. This information is called the
+ "cryptographic context".
+
+ SRTP uses two types of keys: session keys and master keys. By a
+ "session key", we mean a key which is used directly in a
+ cryptographic transform (e.g., encryption or message authentication),
+ and by a "master key", we mean a random bit string (given by the key
+ management protocol) from which session keys are derived in a
+
+
+
+
+
+Baugher, et al. Standards Track [Page 7]
+
+RFC 3711 SRTP March 2004
+
+
+ cryptographically secure way. The master key(s) and other parameters
+ in the cryptographic context are provided by key management
+ mechanisms external to SRTP, see Section 8.
+
+3.2.1. Transform-independent parameters
+
+ Transform-independent parameters are present in the cryptographic
+ context independently of the particular encryption or authentication
+ transforms that are used. The transform-independent parameters of
+ the cryptographic context for SRTP consist of:
+
+ * a 32-bit unsigned rollover counter (ROC), which records how many
+ times the 16-bit RTP sequence number has been reset to zero after
+ passing through 65,535. Unlike the sequence number (SEQ), which
+ SRTP extracts from the RTP packet header, the ROC is maintained by
+ SRTP as described in Section 3.3.1.
+
+ We define the index of the SRTP packet corresponding to a given
+ ROC and RTP sequence number to be the 48-bit quantity
+
+ i = 2^16 * ROC + SEQ.
+
+ * for the receiver only, a 16-bit sequence number s_l, which can be
+ thought of as the highest received RTP sequence number (see
+ Section 3.3.1 for its handling), which SHOULD be authenticated
+ since message authentication is RECOMMENDED,
+
+ * an identifier for the encryption algorithm, i.e., the cipher and
+ its mode of operation,
+
+ * an identifier for the message authentication algorithm,
+
+ * a replay list, maintained by the receiver only (when
+ authentication and replay protection are provided), containing
+ indices of recently received and authenticated SRTP packets,
+
+ * an MKI indicator (0/1) as to whether an MKI is present in SRTP and
+ SRTCP packets,
+
+ * if the MKI indicator is set to one, the length (in octets) of the
+ MKI field, and (for the sender) the actual value of the currently
+ active MKI (the value of the MKI indicator and length MUST be kept
+ fixed for the lifetime of the context),
+
+ * the master key(s), which MUST be random and kept secret,
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 8]
+
+RFC 3711 SRTP March 2004
+
+
+ * for each master key, there is a counter of the number of SRTP
+ packets that have been processed (sent) with that master key
+ (essential for security, see Sections 3.3.1 and 9),
+
+ * non-negative integers n_e, and n_a, determining the length of the
+ session keys for encryption, and message authentication.
+
+ In addition, for each master key, an SRTP stream MAY use the
+ following associated values:
+
+ * a master salt, to be used in the key derivation of session keys.
+ This value, when used, MUST be random, but MAY be public. Use of
+ master salt is strongly RECOMMENDED, see Section 9.2. A "NULL"
+ salt is treated as 00...0.
+
+ * an integer in the set {1,2,4,...,2^24}, the "key_derivation_rate",
+ where an unspecified value is treated as zero. The constraint to
+ be a power of 2 simplifies the session-key derivation
+ implementation, see Section 4.3.
+
+ * an MKI value,
+
+ * <From, To> values, specifying the lifetime for a master key,
+ expressed in terms of the two 48-bit index values inside whose
+ range (including the range end-points) the master key is valid.
+ For the use of <From, To>, see Section 8.1.1. <From, To> is an
+ alternative to the MKI and assumes that a master key is in one-
+ to-one correspondence with the SRTP session key on which the
+ <From, To> range is defined.
+
+ SRTCP SHALL by default share the crypto context with SRTP, except:
+
+ * no rollover counter and s_l-value need to be maintained as the
+ RTCP index is explicitly carried in each SRTCP packet,
+
+ * a separate replay list is maintained (when replay protection is
+ provided),
+
+ * SRTCP maintains a separate counter for its master key (even if the
+ master key is the same as that for SRTP, see below), as a means to
+ maintain a count of the number of SRTCP packets that have been
+ processed with that key.
+
+ Note in particular that the master key(s) MAY be shared between SRTP
+ and the corresponding SRTCP, if the pre-defined transforms (including
+ the key derivation) are used but the session key(s) MUST NOT be so
+ shared.
+
+
+
+
+Baugher, et al. Standards Track [Page 9]
+
+RFC 3711 SRTP March 2004
+
+
+ In addition, there can be cases (see Sections 8 and 9.1) where
+ several SRTP streams within a given RTP session, identified by their
+ synchronization source (SSRCs, which is part of the RTP header),
+ share most of the crypto context parameters (including possibly
+ master and session keys). In such cases, just as in the normal
+ SRTP/SRTCP parameter sharing above, separate replay lists and packet
+ counters for each stream (SSRC) MUST still be maintained. Also,
+ separate SRTP indices MUST then be maintained.
+
+ A summary of parameters, pre-defined transforms, and default values
+ for the above parameters (and other SRTP parameters) can be found in
+ Sections 5 and 8.2.
+
+3.2.2. Transform-dependent parameters
+
+ All encryption, authentication/integrity, and key derivation
+ parameters are defined in the transforms section (Section 4).
+ Typical examples of such parameters are block size of ciphers,
+ session keys, data for the Initialization Vector (IV) formation, etc.
+ Future SRTP transform specifications MUST include a section to list
+ the additional cryptographic context's parameters for that transform,
+ if any.
+
+3.2.3. Mapping SRTP Packets to Cryptographic Contexts
+
+ Recall that an RTP session for each participant is defined [RFC3550]
+ by a pair of destination transport addresses (one network address
+ plus a port pair for RTP and RTCP), and that a multimedia session is
+ defined as a collection of RTP sessions. For example, a particular
+ multimedia session could include an audio RTP session, a video RTP
+ session, and a text RTP session.
+
+ A cryptographic context SHALL be uniquely identified by the triplet
+ context identifier:
+
+ context id = <SSRC, destination network address, destination
+ transport port number>
+
+ where the destination network address and the destination transport
+ port are the ones in the SRTP packet. It is assumed that, when
+ presented with this information, the key management returns a context
+ with the information as described in Section 3.2.
+
+ As noted above, SRTP and SRTCP by default share the bulk of the
+ parameters in the cryptographic context. Thus, retrieving the crypto
+ context parameters for an SRTCP stream in practice may imply a
+ binding to the correspondent SRTP crypto context. It is up to the
+ implementation to assure such binding, since the RTCP port may not be
+
+
+
+Baugher, et al. Standards Track [Page 10]
+
+RFC 3711 SRTP March 2004
+
+
+ directly deducible from the RTP port only. Alternatively, the key
+ management may choose to provide separate SRTP- and SRTCP- contexts,
+ duplicating the common parameters (such as master key(s)). The
+ latter approach then also enables SRTP and SRTCP to use, e.g.,
+ distinct transforms, if so desired. Similar considerations arise
+ when multiple SRTP streams, forming part of one single RTP session,
+ share keys and other parameters.
+
+ If no valid context can be found for a packet corresponding to a
+ certain context identifier, that packet MUST be discarded.
+
+3.3. SRTP Packet Processing
+
+ The following applies to SRTP. SRTCP is described in Section 3.4.
+
+ Assuming initialization of the cryptographic context(s) has taken
+ place via key management, the sender SHALL do the following to
+ construct an SRTP packet:
+
+ 1. Determine which cryptographic context to use as described in
+ Section 3.2.3.
+
+ 2. Determine the index of the SRTP packet using the rollover counter,
+ the highest sequence number in the cryptographic context, and the
+ sequence number in the RTP packet, as described in Section 3.3.1.
+
+ 3. Determine the master key and master salt. This is done using the
+ index determined in the previous step or the current MKI in the
+ cryptographic context, according to Section 8.1.
+
+ 4. Determine the session keys and session salt (if they are used by
+ the transform) as described in Section 4.3, using master key,
+ master salt, key_derivation_rate, and session key-lengths in the
+ cryptographic context with the index, determined in Steps 2 and 3.
+
+ 5. Encrypt the RTP payload to produce the Encrypted Portion of the
+ packet (see Section 4.1, for the defined ciphers). This step uses
+ the encryption algorithm indicated in the cryptographic context,
+ the session encryption key and the session salt (if used) found in
+ Step 4 together with the index found in Step 2.
+
+ 6. If the MKI indicator is set to one, append the MKI to the packet.
+
+ 7. For message authentication, compute the authentication tag for the
+ Authenticated Portion of the packet, as described in Section 4.2.
+ This step uses the current rollover counter, the authentication
+
+
+
+
+
+Baugher, et al. Standards Track [Page 11]
+
+RFC 3711 SRTP March 2004
+
+
+ algorithm indicated in the cryptographic context, and the session
+ authentication key found in Step 4. Append the authentication tag
+ to the packet.
+
+ 8. If necessary, update the ROC as in Section 3.3.1, using the packet
+ index determined in Step 2.
+
+ To authenticate and decrypt an SRTP packet, the receiver SHALL do the
+ following:
+
+ 1. Determine which cryptographic context to use as described in
+ Section 3.2.3.
+
+ 2. Run the algorithm in Section 3.3.1 to get the index of the SRTP
+ packet. The algorithm uses the rollover counter and highest
+ sequence number in the cryptographic context with the sequence
+ number in the SRTP packet, as described in Section 3.3.1.
+
+ 3. Determine the master key and master salt. If the MKI indicator in
+ the context is set to one, use the MKI in the SRTP packet,
+ otherwise use the index from the previous step, according to
+ Section 8.1.
+
+ 4. Determine the session keys, and session salt (if used by the
+ transform) as described in Section 4.3, using master key, master
+ salt, key_derivation_rate and session key-lengths in the
+ cryptographic context with the index, determined in Steps 2 and 3.
+
+ 5. For message authentication and replay protection, first check if
+ the packet has been replayed (Section 3.3.2), using the Replay
+ List and the index as determined in Step 2. If the packet is
+ judged to be replayed, then the packet MUST be discarded, and the
+ event SHOULD be logged.
+
+ Next, perform verification of the authentication tag, using the
+ rollover counter from Step 2, the authentication algorithm
+ indicated in the cryptographic context, and the session
+ authentication key from Step 4. If the result is "AUTHENTICATION
+ FAILURE" (see Section 4.2), the packet MUST be discarded from
+ further processing and the event SHOULD be logged.
+
+ 6. Decrypt the Encrypted Portion of the packet (see Section 4.1, for
+ the defined ciphers), using the decryption algorithm indicated in
+ the cryptographic context, the session encryption key and salt (if
+ used) found in Step 4 with the index from Step 2.
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 12]
+
+RFC 3711 SRTP March 2004
+
+
+ 7. Update the rollover counter and highest sequence number, s_l, in
+ the cryptographic context as in Section 3.3.1, using the packet
+ index estimated in Step 2. If replay protection is provided, also
+ update the Replay List as described in Section 3.3.2.
+
+ 8. When present, remove the MKI and authentication tag fields from
+ the packet.
+
+3.3.1. Packet Index Determination, and ROC, s_l Update
+
+ SRTP implementations use an "implicit" packet index for sequencing,
+ i.e., not all of the index is explicitly carried in the SRTP packet.
+ For the pre-defined transforms, the index i is used in replay
+ protection (Section 3.3.2), encryption (Section 4.1), message
+ authentication (Section 4.2), and for the key derivation (Section
+ 4.3).
+
+ When the session starts, the sender side MUST set the rollover
+ counter, ROC, to zero. Each time the RTP sequence number, SEQ, wraps
+ modulo 2^16, the sender side MUST increment ROC by one, modulo 2^32
+ (see security aspects below). The sender's packet index is then
+ defined as
+
+ i = 2^16 * ROC + SEQ.
+
+ Receiver-side implementations use the RTP sequence number to
+ determine the correct index of a packet, which is the location of the
+ packet in the sequence of all SRTP packets. A robust approach for
+ the proper use of a rollover counter requires its handling and use to
+ be well defined. In particular, out-of-order RTP packets with
+ sequence numbers close to 2^16 or zero must be properly handled.
+
+ The index estimate is based on the receiver's locally maintained ROC
+ and s_l values. At the setup of the session, the ROC MUST be set to
+ zero. Receivers joining an on-going session MUST be given the
+ current ROC value using out-of-band signaling such as key-management
+ signaling. Furthermore, the receiver SHALL initialize s_l to the RTP
+ sequence number (SEQ) of the first observed SRTP packet (unless the
+ initial value is provided by out of band signaling such as key
+ management).
+
+ On consecutive SRTP packets, the receiver SHOULD estimate the index
+ as
+ i = 2^16 * v + SEQ,
+
+ where v is chosen from the set { ROC-1, ROC, ROC+1 } (modulo 2^32)
+ such that i is closest (in modulo 2^48 sense) to the value 2^16 * ROC
+ + s_l (see Appendix A for pseudocode).
+
+
+
+Baugher, et al. Standards Track [Page 13]
+
+RFC 3711 SRTP March 2004
+
+
+ After the packet has been processed and authenticated (when enabled
+ for SRTP packets for the session), the receiver MUST use v to
+ conditionally update its s_l and ROC variables as follows. If
+ v=(ROC-1) mod 2^32, then there is no update to s_l or ROC. If v=ROC,
+ then s_l is set to SEQ if and only if SEQ is larger than the current
+ s_l; there is no change to ROC. If v=(ROC+1) mod 2^32, then s_l is
+ set to SEQ and ROC is set to v.
+
+ After a re-keying occurs (changing to a new master key), the rollover
+ counter always maintains its sequence of values, i.e., it MUST NOT be
+ reset to zero.
+
+ As the rollover counter is 32 bits long and the sequence number is 16
+ bits long, the maximum number of packets belonging to a given SRTP
+ stream that can be secured with the same key is 2^48 using the pre-
+ defined transforms. After that number of SRTP packets have been sent
+ with a given (master or session) key, the sender MUST NOT send any
+ more packets with that key. (There exists a similar limit for SRTCP,
+ which in practice may be more restrictive, see Section 9.2.) This
+ limitation enforces a security benefit by providing an upper bound on
+ the amount of traffic that can pass before cryptographic keys are
+ changed. Re-keying (see Section 8.1) MUST be triggered, before this
+ amount of traffic, and MAY be triggered earlier, e.g., for increased
+ security and access control to media. Recurring key derivation by
+ means of a non-zero key_derivation_rate (see Section 4.3), also gives
+ stronger security but does not change the above absolute maximum
+ value.
+
+ On the receiver side, there is a caveat to updating s_l and ROC: if
+ message authentication is not present, neither the initialization of
+ s_l, nor the ROC update can be made completely robust. The
+ receiver's "implicit index" approach works for the pre-defined
+ transforms as long as the reorder and loss of the packets are not too
+ great and bit-errors do not occur in unfortunate ways. In
+ particular, 2^15 packets would need to be lost, or a packet would
+ need to be 2^15 packets out of sequence before synchronization is
+ lost. Such drastic loss or reorder is likely to disrupt the RTP
+ application itself.
+
+ The algorithm for the index estimate and ROC update is a matter of
+ implementation, and should take into consideration the environment
+ (e.g., packet loss rate) and the cases when synchronization is likely
+ to be lost, e.g., when the initial sequence number (randomly chosen
+ by RTP) is not known in advance (not sent in the key management
+ protocol) but may be near to wrap modulo 2^16.
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 14]
+
+RFC 3711 SRTP March 2004
+
+
+ A more elaborate and more robust scheme than the one given above is
+ the handling of RTP's own "rollover counter", see Appendix A.1 of
+ [RFC3550].
+
+3.3.2. Replay Protection
+
+ Secure replay protection is only possible when integrity protection
+ is present. It is RECOMMENDED to use replay protection, both for RTP
+ and RTCP, as integrity protection alone cannot assure security
+ against replay attacks.
+
+ A packet is "replayed" when it is stored by an adversary, and then
+ re-injected into the network. When message authentication is
+ provided, SRTP protects against such attacks through a Replay List.
+ Each SRTP receiver maintains a Replay List, which conceptually
+ contains the indices of all of the packets which have been received
+ and authenticated. In practice, the list can use a "sliding window"
+ approach, so that a fixed amount of storage suffices for replay
+ protection. Packet indices which lag behind the packet index in the
+ context by more than SRTP-WINDOW-SIZE can be assumed to have been
+ received, where SRTP-WINDOW-SIZE is a receiver-side, implementation-
+ dependent parameter and MUST be at least 64, but which MAY be set to
+ a higher value.
+
+ The receiver checks the index of an incoming packet against the
+ replay list and the window. Only packets with index ahead of the
+ window, or, inside the window but not already received, SHALL be
+ accepted.
+
+ After the packet has been authenticated (if necessary the window is
+ first moved ahead), the replay list SHALL be updated with the new
+ index.
+
+ The Replay List can be efficiently implemented by using a bitmap to
+ represent which packets have been received, as described in the
+ Security Architecture for IP [RFC2401].
+
+3.4. Secure RTCP
+
+ Secure RTCP follows the definition of Secure RTP. SRTCP adds three
+ mandatory new fields (the SRTCP index, an "encrypt-flag", and the
+ authentication tag) and one optional field (the MKI) to the RTCP
+ packet definition. The three mandatory fields MUST be appended to an
+ RTCP packet in order to form an equivalent SRTCP packet. The added
+ fields follow any other profile-specific extensions.
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 15]
+
+RFC 3711 SRTP March 2004
+
+
+ According to Section 6.1 of [RFC3550], there is a REQUIRED packet
+ format for compound packets. SRTCP MUST be given packets according
+ to that requirement in the sense that the first part MUST be a sender
+ report or a receiver report. However, the RTCP encryption prefix (a
+ random 32-bit quantity) specified in that Section MUST NOT be used
+ since, as is stated there, it is only applicable to the encryption
+ method specified in [RFC3550] and is not needed by the cryptographic
+ mechanisms used in SRTP.
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<+
+ |V=2|P| RC | PT=SR or RR | length | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | SSRC of sender | |
+ +>+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |
+ | ~ sender info ~ |
+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | ~ report block 1 ~ |
+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | ~ report block 2 ~ |
+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | ~ ... ~ |
+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | |V=2|P| SC | PT=SDES=202 | length | |
+ | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |
+ | | SSRC/CSRC_1 | |
+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | ~ SDES items ~ |
+ | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |
+ | ~ ... ~ |
+ +>+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |
+ | |E| SRTCP index | |
+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<+
+ | ~ SRTCP MKI (OPTIONAL) ~ |
+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | : authentication tag : |
+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | |
+ +-- Encrypted Portion Authenticated Portion -----+
+
+
+ Figure 2. An example of the format of a Secure RTCP packet,
+ consisting of an underlying RTCP compound packet with a Sender Report
+ and SDES packet.
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 16]
+
+RFC 3711 SRTP March 2004
+
+
+ The Encrypted Portion of an SRTCP packet consists of the encryption
+ (Section 4.1) of the RTCP payload of the equivalent compound RTCP
+ packet, from the first RTCP packet, i.e., from the ninth (9) octet to
+ the end of the compound packet. The Authenticated Portion of an
+ SRTCP packet consists of the entire equivalent (eventually compound)
+ RTCP packet, the E flag, and the SRTCP index (after any encryption
+ has been applied to the payload).
+
+ The added fields are:
+
+ E-flag: 1 bit, REQUIRED
+ The E-flag indicates if the current SRTCP packet is
+ encrypted or unencrypted. Section 9.1 of [RFC3550] allows
+ the split of a compound RTCP packet into two lower-layer
+ packets, one to be encrypted and one to be sent in the
+ clear. The E bit set to "1" indicates encrypted packet, and
+ "0" indicates non-encrypted packet.
+
+ SRTCP index: 31 bits, REQUIRED
+ The SRTCP index is a 31-bit counter for the SRTCP packet.
+ The index is explicitly included in each packet, in contrast
+ to the "implicit" index approach used for SRTP. The SRTCP
+ index MUST be set to zero before the first SRTCP packet is
+ sent, and MUST be incremented by one, modulo 2^31, after
+ each SRTCP packet is sent. In particular, after a re-key,
+ the SRTCP index MUST NOT be reset to zero again.
+
+ Authentication Tag: configurable length, REQUIRED
+ The authentication tag is used to carry message
+ authentication data.
+
+ MKI: configurable length, OPTIONAL
+ The MKI is the Master Key Indicator, and functions according
+ to the MKI definition in Section 3.
+
+ SRTCP uses the cryptographic context parameters and packet processing
+ of SRTP by default, with the following changes:
+
+ * The receiver does not need to "estimate" the index, as it is
+ explicitly signaled in the packet.
+
+ * Pre-defined SRTCP encryption is as specified in Section 4.1, but
+ using the definition of the SRTCP Encrypted Portion given in this
+ section, and using the SRTCP index as the index i. The encryption
+ transform and related parameters SHALL by default be the same
+ selected for the protection of the associated SRTP stream(s),
+ while the NULL algorithm SHALL be applied to the RTCP packets not
+ to be encrypted. SRTCP may have a different encryption transform
+
+
+
+Baugher, et al. Standards Track [Page 17]
+
+RFC 3711 SRTP March 2004
+
+
+ than the one used by the corresponding SRTP. The expected use for
+ this feature is when the former has NULL-encryption and the latter
+ has a non NULL-encryption.
+
+ The E-flag is assigned a value by the sender depending on whether the
+ packet was encrypted or not.
+
+ * SRTCP decryption is performed as in Section 4, but only if the E
+ flag is equal to 1. If so, the Encrypted Portion is decrypted,
+ using the SRTCP index as the index i. In case the E-flag is 0,
+ the payload is simply left unmodified.
+
+ * SRTCP replay protection is as defined in Section 3.3.2, but using
+ the SRTCP index as the index i and a separate Replay List that is
+ specific to SRTCP.
+
+ * The pre-defined SRTCP authentication tag is specified as in
+ Section 4.2, but with the Authenticated Portion of the SRTCP
+ packet given in this section (which includes the index). The
+ authentication transform and related parameters (e.g., key size)
+ SHALL by default be the same as selected for the protection of the
+ associated SRTP stream(s).
+
+ * In the last step of the processing, only the sender needs to
+ update the value of the SRTCP index by incrementing it modulo 2^31
+ and for security reasons the sender MUST also check the number of
+ SRTCP packets processed, see Section 9.2.
+
+ Message authentication for RTCP is REQUIRED, as it is the control
+ protocol (e.g., it has a BYE packet) for RTP.
+
+ Precautions must be taken so that the packet expansion in SRTCP (due
+ to the added fields) does not cause SRTCP messages to use more than
+ their share of RTCP bandwidth. To avoid this, the following two
+ measures MUST be taken:
+
+ 1. When initializing the RTCP variable "avg_rtcp_size" defined in
+ chapter 6.3 of [RFC3550], it MUST include the size of the fields
+ that will be added by SRTCP (index, E-bit, authentication tag, and
+ when present, the MKI).
+
+ 2. When updating the "avg_rtcp_size" using the variable "packet_size"
+ (section 6.3.3 of [RFC3550]), the value of "packet_size" MUST
+ include the size of the additional fields added by SRTCP.
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 18]
+
+RFC 3711 SRTP March 2004
+
+
+ With these measures in place the SRTCP messages will not use more
+ than the allotted bandwidth. The effect of the size of the added
+ fields on the SRTCP traffic will be that messages will be sent with
+ longer packet intervals. The increase in the intervals will be
+ directly proportional to size of the added fields. For the pre-
+ defined transforms, the size of the added fields will be at least 14
+ octets, and upper bounded depending on MKI and the authentication tag
+ sizes.
+
+4. Pre-Defined Cryptographic Transforms
+
+ While there are numerous encryption and message authentication
+ algorithms that can be used in SRTP, below we define default
+ algorithms in order to avoid the complexity of specifying the
+ encodings for the signaling of algorithm and parameter identifiers.
+ The defined algorithms have been chosen as they fulfill the goals
+ listed in Section 2. Recommendations on how to extend SRTP with new
+ transforms are given in Section 6.
+
+4.1. Encryption
+
+ The following parameters are common to both pre-defined, non-NULL,
+ encryption transforms specified in this section.
+
+ * BLOCK_CIPHER-MODE indicates the block cipher used and its mode of
+ operation
+ * n_b is the bit-size of the block for the block cipher
+ * k_e is the session encryption key
+ * n_e is the bit-length of k_e
+ * k_s is the session salting key
+ * n_s is the bit-length of k_s
+ * SRTP_PREFIX_LENGTH is the octet length of the keystream prefix, a
+ non-negative integer, specified by the message authentication code
+ in use.
+
+ The distinct session keys and salts for SRTP/SRTCP are by default
+ derived as specified in Section 4.3.
+
+ The encryption transforms defined in SRTP map the SRTP packet index
+ and secret key into a pseudo-random keystream segment. Each
+ keystream segment encrypts a single RTP packet. The process of
+ encrypting a packet consists of generating the keystream segment
+ corresponding to the packet, and then bitwise exclusive-oring that
+ keystream segment onto the payload of the RTP packet to produce the
+ Encrypted Portion of the SRTP packet. In case the payload size is
+ not an integer multiple of n_b bits, the excess (least significant)
+ bits of the keystream are simply discarded. Decryption is done the
+ same way, but swapping the roles of the plaintext and ciphertext.
+
+
+
+Baugher, et al. Standards Track [Page 19]
+
+RFC 3711 SRTP March 2004
+
+
+ +----+ +------------------+---------------------------------+
+ | KG |-->| Keystream Prefix | Keystream Suffix |---+
+ +----+ +------------------+---------------------------------+ |
+ |
+ +---------------------------------+ v
+ | Payload of RTP Packet |->(*)
+ +---------------------------------+ |
+ |
+ +---------------------------------+ |
+ | Encrypted Portion of SRTP Packet|<--+
+ +---------------------------------+
+
+ Figure 3: Default SRTP Encryption Processing. Here KG denotes the
+ keystream generator, and (*) denotes bitwise exclusive-or.
+
+ The definition of how the keystream is generated, given the index,
+ depends on the cipher and its mode of operation. Below, two such
+ keystream generators are defined. The NULL cipher is also defined,
+ to be used when encryption of RTP is not required.
+
+ The SRTP definition of the keystream is illustrated in Figure 3. The
+ initial octets of each keystream segment MAY be reserved for use in a
+ message authentication code, in which case the keystream used for
+ encryption starts immediately after the last reserved octet. The
+ initial reserved octets are called the "keystream prefix" (not to be
+ confused with the "encryption prefix" of [RFC3550, Section 6.1]), and
+ the remaining octets are called the "keystream suffix". The
+ keystream prefix MUST NOT be used for encryption. The process is
+ illustrated in Figure 3.
+
+ The number of octets in the keystream prefix is denoted as
+ SRTP_PREFIX_LENGTH. The keystream prefix is indicated by a positive,
+ non-zero value of SRTP_PREFIX_LENGTH. This means that, even if
+ confidentiality is not to be provided, the keystream generator output
+ may still need to be computed for packet authentication, in which
+ case the default keystream generator (mode) SHALL be used.
+
+ The default cipher is the Advanced Encryption Standard (AES) [AES],
+ and we define two modes of running AES, (1) Segmented Integer Counter
+ Mode AES and (2) AES in f8-mode. In the remainder of this section,
+ let E(k,x) be AES applied to key k and input block x.
+
+
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 20]
+
+RFC 3711 SRTP March 2004
+
+
+4.1.1. AES in Counter Mode
+
+ Conceptually, counter mode [AES-CTR] consists of encrypting
+ successive integers. The actual definition is somewhat more
+ complicated, in order to randomize the starting point of the integer
+ sequence. Each packet is encrypted with a distinct keystream
+ segment, which SHALL be computed as follows.
+
+ A keystream segment SHALL be the concatenation of the 128-bit output
+ blocks of the AES cipher in the encrypt direction, using key k = k_e,
+ in which the block indices are in increasing order. Symbolically,
+ each keystream segment looks like
+
+ E(k, IV) || E(k, IV + 1 mod 2^128) || E(k, IV + 2 mod 2^128) ...
+
+ where the 128-bit integer value IV SHALL be defined by the SSRC, the
+ SRTP packet index i, and the SRTP session salting key k_s, as below.
+
+ IV = (k_s * 2^16) XOR (SSRC * 2^64) XOR (i * 2^16)
+
+ Each of the three terms in the XOR-sum above is padded with as many
+ leading zeros as needed to make the operation well-defined,
+ considered as a 128-bit value.
+
+ The inclusion of the SSRC allows the use of the same key to protect
+ distinct SRTP streams within the same RTP session, see the security
+ caveats in Section 9.1.
+
+ In the case of SRTCP, the SSRC of the first header of the compound
+ packet MUST be used, i SHALL be the 31-bit SRTCP index and k_e, k_s
+ SHALL be replaced by the SRTCP encryption session key and salt.
+
+ Note that the initial value, IV, is fixed for each packet and is
+ formed by "reserving" 16 zeros in the least significant bits for the
+ purpose of the counter. The number of blocks of keystream generated
+ for any fixed value of IV MUST NOT exceed 2^16 to avoid keystream
+ re-use, see below. The AES has a block size of 128 bits, so 2^16
+ output blocks are sufficient to generate the 2^23 bits of keystream
+ needed to encrypt the largest possible RTP packet (except for IPv6
+ "jumbograms" [RFC2675], which are not likely to be used for RTP-based
+ multimedia traffic). This restriction on the maximum bit-size of the
+ packet that can be encrypted ensures the security of the encryption
+ method by limiting the effectiveness of probabilistic attacks [BDJR].
+
+ For a particular Counter Mode key, each IV value used as an input
+ MUST be distinct, in order to avoid the security exposure of a two-
+ time pad situation (Section 9.1). To satisfy this constraint, an
+ implementation MUST ensure that the combination of the SRTP packet
+
+
+
+Baugher, et al. Standards Track [Page 21]
+
+RFC 3711 SRTP March 2004
+
+
+ index of ROC || SEQ, and the SSRC used in the construction of the IV
+ are distinct for any particular key. The failure to ensure this
+ uniqueness could be catastrophic for Secure RTP. This is in contrast
+ to the situation for RTP itself, which may be able to tolerate such
+ failures. It is RECOMMENDED that, if a dedicated security module is
+ present, the RTP sequence numbers and SSRC either be generated or
+ checked by that module (i.e., sequence-number and SSRC processing in
+ an SRTP system needs to be protected as well as the key).
+
+4.1.2. AES in f8-mode
+
+ To encrypt UMTS (Universal Mobile Telecommunications System, as 3G
+ networks) data, a solution (see [f8-a] [f8-b]) known as the f8-
+ algorithm has been developed. On a high level, the proposed scheme
+ is a variant of Output Feedback Mode (OFB) [HAC], with a more
+ elaborate initialization and feedback function. As in normal OFB,
+ the core consists of a block cipher. We also define here the use of
+ AES as a block cipher to be used in what we shall call "f8-mode of
+ operation" RTP encryption. The AES f8-mode SHALL use the same
+ default sizes for session key and salt as AES counter mode.
+
+ Figure 4 shows the structure of block cipher, E, running in f8-mode.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 22]
+
+RFC 3711 SRTP March 2004
+
+
+ IV
+ |
+ v
+ +------+
+ | |
+ +--->| E |
+ | +------+
+ | |
+ m -> (*) +-----------+-------------+-- ... ------+
+ | IV' | | | |
+ | | j=1 -> (*) j=2 -> (*) ... j=L-1 ->(*)
+ | | | | |
+ | | +-> (*) +-> (*) ... +-> (*)
+ | | | | | | | |
+ | v | v | v | v
+ | +------+ | +------+ | +------+ | +------+
+ k_e ---+--->| E | | | E | | | E | | | E |
+ | | | | | | | | | | |
+ +------+ | +------+ | +------+ | +------+
+ | | | | | | |
+ +------+ +--------+ +-- ... ----+ |
+ | | | |
+ v v v v
+ S(0) S(1) S(2) . . . S(L-1)
+
+ Figure 4. f8-mode of operation (asterisk, (*), denotes bitwise XOR).
+ The figure represents the KG in Figure 3, when AES-f8 is used.
+
+4.1.2.1. f8 Keystream Generation
+
+ The Initialization Vector (IV) SHALL be determined as described in
+ Section 4.1.2.2 (and in Section 4.1.2.3 for SRTCP).
+
+ Let IV', S(j), and m denote n_b-bit blocks. The keystream,
+ S(0) ||... || S(L-1), for an N-bit message SHALL be defined by
+ setting IV' = E(k_e XOR m, IV), and S(-1) = 00..0. For
+ j = 0,1,..,L-1 where L = N/n_b (rounded up to nearest integer if it
+ is not already an integer) compute
+
+ S(j) = E(k_e, IV' XOR j XOR S(j-1))
+
+ Notice that the IV is not used directly. Instead it is fed through E
+ under another key to produce an internal, "masked" value (denoted
+ IV') to prevent an attacker from gaining known input/output pairs.
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 23]
+
+RFC 3711 SRTP March 2004
+
+
+ The role of the internal counter, j, is to prevent short keystream
+ cycles. The value of the key mask m SHALL be
+
+ m = k_s || 0x555..5,
+
+ i.e., the session salting key, appended by the binary pattern 0101..
+ to fill out the entire desired key size, n_e.
+
+ The sender SHOULD NOT generate more than 2^32 blocks, which is
+ sufficient to generate 2^39 bits of keystream. Unlike counter mode,
+ there is no absolute threshold above (below) which f8 is guaranteed
+ to be insecure (secure). The above bound has been chosen to limit,
+ with sufficient security margin, the probability of degenerative
+ behavior in the f8 keystream generation.
+
+4.1.2.2. f8 SRTP IV Formation
+
+ The purpose of the following IV formation is to provide a feature
+ which we call implicit header authentication (IHA), see Section 9.5.
+
+ The SRTP IV for 128-bit block AES-f8 SHALL be formed in the following
+ way:
+
+ IV = 0x00 || M || PT || SEQ || TS || SSRC || ROC
+
+ M, PT, SEQ, TS, SSRC SHALL be taken from the RTP header; ROC is from
+ the cryptographic context.
+
+ The presence of the SSRC as part of the IV allows AES-f8 to be used
+ when a master key is shared between multiple streams within the same
+ RTP session, see Section 9.1.
+
+4.1.2.3. f8 SRTCP IV Formation
+
+ The SRTCP IV for 128-bit block AES-f8 SHALL be formed in the
+ following way:
+
+ IV= 0..0 || E || SRTCP index || V || P || RC || PT || length || SSRC
+
+ where V, P, RC, PT, length, SSRC SHALL be taken from the first header
+ in the RTCP compound packet. E and SRTCP index are the 1-bit and
+ 31-bit fields added to the packet.
+
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 24]
+
+RFC 3711 SRTP March 2004
+
+
+4.1.3. NULL Cipher
+
+ The NULL cipher is used when no confidentiality for RTP/RTCP is
+ requested. The keystream can be thought of as "000..0", i.e., the
+ encryption SHALL simply copy the plaintext input into the ciphertext
+ output.
+
+4.2. Message Authentication and Integrity
+
+ Throughout this section, M will denote data to be integrity
+ protected. In the case of SRTP, M SHALL consist of the Authenticated
+ Portion of the packet (as specified in Figure 1) concatenated with
+ the ROC, M = Authenticated Portion || ROC; in the case of SRTCP, M
+ SHALL consist of the Authenticated Portion (as specified in Figure 2)
+ only.
+
+ Common parameters:
+
+ * AUTH_ALG is the authentication algorithm
+ * k_a is the session message authentication key
+ * n_a is the bit-length of the authentication key
+ * n_tag is the bit-length of the output authentication tag
+ * SRTP_PREFIX_LENGTH is the octet length of the keystream prefix as
+ defined above, a parameter of AUTH_ALG
+
+ The distinct session authentication keys for SRTP/SRTCP are by
+ default derived as specified in Section 4.3.
+
+ The values of n_a, n_tag, and SRTP_PREFIX_LENGTH MUST be fixed for
+ any particular fixed value of the key.
+
+ We describe the process of computing authentication tags as follows.
+ The sender computes the tag of M and appends it to the packet. The
+ SRTP receiver verifies a message/authentication tag pair by computing
+ a new authentication tag over M using the selected algorithm and key,
+ and then compares it to the tag associated with the received message.
+ If the two tags are equal, then the message/tag pair is valid;
+ otherwise, it is invalid and the error audit message "AUTHENTICATION
+ FAILURE" MUST be returned.
+
+4.2.1. HMAC-SHA1
+
+ The pre-defined authentication transform for SRTP is HMAC-SHA1
+ [RFC2104]. With HMAC-SHA1, the SRTP_PREFIX_LENGTH (Figure 3) SHALL
+ be 0. For SRTP (respectively SRTCP), the HMAC SHALL be applied to
+ the session authentication key and M as specified above, i.e.,
+ HMAC(k_a, M). The HMAC output SHALL then be truncated to the n_tag
+ left-most bits.
+
+
+
+Baugher, et al. Standards Track [Page 25]
+
+RFC 3711 SRTP March 2004
+
+
+4.3. Key Derivation
+
+4.3.1. Key Derivation Algorithm
+
+ Regardless of the encryption or message authentication transform that
+ is employed (it may be an SRTP pre-defined transform or newly
+ introduced according to Section 6), interoperable SRTP
+ implementations MUST use the SRTP key derivation to generate session
+ keys. Once the key derivation rate is properly signaled at the start
+ of the session, there is no need for extra communication between the
+ parties that use SRTP key derivation.
+
+ packet index ---+
+ |
+ v
+ +-----------+ master +--------+ session encr_key
+ | ext | key | |---------->
+ | key mgmt |-------->| key | session auth_key
+ | (optional | | deriv |---------->
+ | rekey) |-------->| | session salt_key
+ | | master | |---------->
+ +-----------+ salt +--------+
+
+ Figure 5: SRTP key derivation.
+
+ At least one initial key derivation SHALL be performed by SRTP, i.e.,
+ the first key derivation is REQUIRED. Further applications of the
+ key derivation MAY be performed, according to the
+ "key_derivation_rate" value in the cryptographic context. The key
+ derivation function SHALL initially be invoked before the first
+ packet and then, when r > 0, a key derivation is performed whenever
+ index mod r equals zero. This can be thought of as "refreshing" the
+ session keys. The value of "key_derivation_rate" MUST be kept fixed
+ for the lifetime of the associated master key.
+
+ Interoperable SRTP implementations MAY also derive session salting
+ keys for encryption transforms, as is done in both of the pre-
+ defined transforms.
+
+ Let m and n be positive integers. A pseudo-random function family is
+ a set of keyed functions {PRF_n(k,x)} such that for the (secret)
+ random key k, given m-bit x, PRF_n(k,x) is an n-bit string,
+ computationally indistinguishable from random n-bit strings, see
+ [HAC]. For the purpose of key derivation in SRTP, a secure PRF with
+ m = 128 (or more) MUST be used, and a default PRF transform is
+ defined in Section 4.3.3.
+
+
+
+
+
+Baugher, et al. Standards Track [Page 26]
+
+RFC 3711 SRTP March 2004
+
+
+ Let "a DIV t" denote integer division of a by t, rounded down, and
+ with the convention that "a DIV 0 = 0" for all a. We also make the
+ convention of treating "a DIV t" as a bit string of the same length
+ as a, and thus "a DIV t" will in general have leading zeros.
+
+ Key derivation SHALL be defined as follows in terms of <label>, an
+ 8-bit constant (see below), master_salt and key_derivation_rate, as
+ determined in the cryptographic context, and index, the packet index
+ (i.e., the 48-bit ROC || SEQ for SRTP):
+
+ * Let r = index DIV key_derivation_rate (with DIV as defined above).
+
+ * Let key_id = <label> || r.
+
+ * Let x = key_id XOR master_salt, where key_id and master_salt are
+ aligned so that their least significant bits agree (right-
+ alignment).
+
+ <label> MUST be unique for each type of key to be derived. We
+ currently define <label> 0x00 to 0x05 (see below), and future
+ extensions MAY specify new values in the range 0x06 to 0xff for other
+ purposes. The n-bit SRTP key (or salt) for this packet SHALL then be
+ derived from the master key, k_master as follows:
+
+ PRF_n(k_master, x).
+
+ (The PRF may internally specify additional formatting and padding of
+ x, see e.g., Section 4.3.3 for the default PRF.)
+
+ The session keys and salt SHALL now be derived using:
+
+ - k_e (SRTP encryption): <label> = 0x00, n = n_e.
+
+ - k_a (SRTP message authentication): <label> = 0x01, n = n_a.
+
+ - k_s (SRTP salting key): <label> = 0x02, n = n_s.
+
+ where n_e, n_s, and n_a are from the cryptographic context.
+
+ The master key and master salt MUST be random, but the master salt
+ MAY be public.
+
+ Note that for a key_derivation_rate of 0, the application of the key
+ derivation SHALL take place exactly once.
+
+ The definition of DIV above is purely for notational convenience.
+ For a non-zero t among the set of allowed key derivation rates, "a
+ DIV t" can be implemented as a right-shift by the base-2 logarithm of
+
+
+
+Baugher, et al. Standards Track [Page 27]
+
+RFC 3711 SRTP March 2004
+
+
+ t. The derivation operation is further facilitated if the rates are
+ chosen to be powers of 256, but that granularity was considered too
+ coarse to be a requirement of this specification.
+
+ The upper limit on the number of packets that can be secured using
+ the same master key (see Section 9.2) is independent of the key
+ derivation.
+
+4.3.2. SRTCP Key Derivation
+
+ SRTCP SHALL by default use the same master key (and master salt) as
+ SRTP. To do this securely, the following changes SHALL be done to
+ the definitions in Section 4.3.1 when applying session key derivation
+ for SRTCP.
+
+ Replace the SRTP index by the 32-bit quantity: 0 || SRTCP index
+ (i.e., excluding the E-bit, replacing it with a fixed 0-bit), and use
+ <label> = 0x03 for the SRTCP encryption key, <label> = 0x04 for the
+ SRTCP authentication key, and, <label> = 0x05 for the SRTCP salting
+ key.
+
+4.3.3. AES-CM PRF
+
+ The currently defined PRF, keyed by 128, 192, or 256 bit master key,
+ has input block size m = 128 and can produce n-bit outputs for n up
+ to 2^23. PRF_n(k_master,x) SHALL be AES in Counter Mode as described
+ in Section 4.1.1, applied to key k_master, and IV equal to (x*2^16),
+ and with the output keystream truncated to the n first (left-most)
+ bits. (Requiring n/128, rounded up, applications of AES.)
+
+5. Default and mandatory-to-implement Transforms
+
+ The default transforms also are mandatory-to-implement transforms in
+ SRTP. Of course, "mandatory-to-implement" does not imply
+ "mandatory-to-use". Table 1 summarizes the pre-defined transforms.
+ The default values below are valid for the pre-defined transforms.
+
+ mandatory-to-impl. optional default
+
+ encryption AES-CM, NULL AES-f8 AES-CM
+ message integrity HMAC-SHA1 - HMAC-SHA1
+ key derivation (PRF) AES-CM - AES-CM
+
+ Table 1: Mandatory-to-implement, optional and default transforms in
+ SRTP and SRTCP.
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 28]
+
+RFC 3711 SRTP March 2004
+
+
+5.1. Encryption: AES-CM and NULL
+
+ AES running in Segmented Integer Counter Mode, as defined in Section
+ 4.1.1, SHALL be the default encryption algorithm. The default key
+ lengths SHALL be 128-bit for the session encryption key (n_e). The
+ default session salt key-length (n_s) SHALL be 112 bits.
+
+ The NULL cipher SHALL also be mandatory-to-implement.
+
+5.2. Message Authentication/Integrity: HMAC-SHA1
+
+ HMAC-SHA1, as defined in Section 4.2.1, SHALL be the default message
+ authentication code. The default session authentication key-length
+ (n_a) SHALL be 160 bits, the default authentication tag length
+ (n_tag) SHALL be 80 bits, and the SRTP_PREFIX_LENGTH SHALL be zero
+ for HMAC-SHA1. In addition, for SRTCP, the pre-defined HMAC-SHA1
+ MUST NOT be applied with a value of n_tag, nor n_a, that are smaller
+ than these defaults. For SRTP, smaller values are NOT RECOMMENDED,
+ but MAY be used after careful consideration of the issues in Section
+ 7.5 and 9.5.
+
+5.3. Key Derivation: AES-CM PRF
+
+ The AES Counter Mode based key derivation and PRF defined in Sections
+ 4.3.1 to 4.3.3, using a 128-bit master key, SHALL be the default
+ method for generating session keys. The default master salt length
+ SHALL be 112 bits and the default key-derivation rate SHALL be zero.
+
+6. Adding SRTP Transforms
+
+ Section 4 provides examples of the level of detail needed for
+ defining transforms. Whenever a new transform is to be added to
+ SRTP, a companion standard track RFC MUST be written to exactly
+ define how the new transform can be used with SRTP (and SRTCP). Such
+ a companion RFC SHOULD avoid overlap with the SRTP protocol document.
+ Note however, that it MAY be necessary to extend the SRTP or SRTCP
+ cryptographic context definition with new parameters (including fixed
+ or default values), add steps to the packet processing, or even add
+ fields to the SRTP/SRTCP packets. The companion RFC SHALL explain
+ any known issues regarding interactions between the transform and
+ other aspects of SRTP.
+
+ Each new transform document SHOULD specify its key attributes, e.g.,
+ size of keys (minimum, maximum, recommended), format of keys,
+ recommended/required processing of input keying material,
+ requirements/recommendations on key lifetime, re-keying and key
+ derivation, whether sharing of keys between SRTP and SRTCP is allowed
+ or not, etc.
+
+
+
+Baugher, et al. Standards Track [Page 29]
+
+RFC 3711 SRTP March 2004
+
+
+ An added message integrity transform SHOULD define a minimum
+ acceptable key/tag size for SRTCP, equivalent in strength to the
+ minimum values as defined in Section 5.2.
+
+7. Rationale
+
+ This section explains the rationale behind several important features
+ of SRTP.
+
+7.1. Key derivation
+
+ Key derivation reduces the burden on the key establishment. As many
+ as six different keys are needed per crypto context (SRTP and SRTCP
+ encryption keys and salts, SRTP and SRTCP authentication keys), but
+ these are derived from a single master key in a cryptographically
+ secure way. Thus, the key management protocol needs to exchange only
+ one master key (plus master salt when required), and then SRTP itself
+ derives all the necessary session keys (via the first, mandatory
+ application of the key derivation function).
+
+ Multiple applications of the key derivation function are optional,
+ but will give security benefits when enabled. They prevent an
+ attacker from obtaining large amounts of ciphertext produced by a
+ single fixed session key. If the attacker was able to collect a
+ large amount of ciphertext for a certain session key, he might be
+ helped in mounting certain attacks.
+
+ Multiple applications of the key derivation function provide
+ backwards and forward security in the sense that a compromised
+ session key does not compromise other session keys derived from the
+ same master key. This means that the attacker who is able to recover
+ a certain session key, is anyway not able to have access to messages
+ secured under previous and later session keys (derived from the same
+ master key). (Note that, of course, a leaked master key reveals all
+ the session keys derived from it.)
+
+ Considerations arise with high-rate key refresh, especially in large
+ multicast settings, see Section 11.
+
+7.2. Salting key
+
+ The master salt guarantees security against off-line key-collision
+ attacks on the key derivation that might otherwise reduce the
+ effective key size [MF00].
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 30]
+
+RFC 3711 SRTP March 2004
+
+
+ The derived session salting key used in the encryption, has been
+ introduced to protect against some attacks on additive stream
+ ciphers, see Section 9.2. The explicit inclusion method of the salt
+ in the IV has been selected for ease of hardware implementation.
+
+7.3. Message Integrity from Universal Hashing
+
+ The particular definition of the keystream given in Section 4.1 (the
+ keystream prefix) is to give provision for particular universal hash
+ functions, suitable for message authentication in the Wegman-Carter
+ paradigm [WC81]. Such functions are provably secure, simple, quick,
+ and especially appropriate for Digital Signal Processors and other
+ processors with a fast multiply operation.
+
+ No authentication transforms are currently provided in SRTP other
+ than HMAC-SHA1. Future transforms, like the above mentioned
+ universal hash functions, MAY be added following the guidelines in
+ Section 6.
+
+7.4. Data Origin Authentication Considerations
+
+ Note that in pair-wise communications, integrity and data origin
+ authentication are provided together. However, in group scenarios
+ where the keys are shared between members, the MAC tag only proves
+ that a member of the group sent the packet, but does not prevent
+ against a member impersonating another. Data origin authentication
+ (DOA) for multicast and group RTP sessions is a hard problem that
+ needs a solution; while some promising proposals are being
+ investigated [PCST1] [PCST2], more work is needed to rigorously
+ specify these technologies. Thus SRTP data origin authentication in
+ groups is for further study.
+
+ DOA can be done otherwise using signatures. However, this has high
+ impact in terms of bandwidth and processing time, therefore we do not
+ offer this form of authentication in the pre-defined packet-integrity
+ transform.
+
+ The presence of mixers and translators does not allow data origin
+ authentication in case the RTP payload and/or the RTP header are
+ manipulated. Note that these types of middle entities also disrupt
+ end-to-end confidentiality (as the IV formation depends e.g., on the
+ RTP header preservation). A certain trust model may choose to trust
+ the mixers/translators to decrypt/re-encrypt the media (this would
+ imply breaking the end-to-end security, with related security
+ implications).
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 31]
+
+RFC 3711 SRTP March 2004
+
+
+7.5. Short and Zero-length Message Authentication
+
+ As shown in Figure 1, the authentication tag is RECOMMENDED in SRTP.
+ A full 80-bit authentication-tag SHOULD be used, but a shorter tag or
+ even a zero-length tag (i.e., no message authentication) MAY be used
+ under certain conditions to support either of the following two
+ application environments.
+
+ 1. Strong authentication can be impractical in environments where
+ bandwidth preservation is imperative. An important special
+ case is wireless communication systems, in which bandwidth is a
+ scarce and expensive resource. Studies have shown that for
+ certain applications and link technologies, additional bytes
+ may result in a significant decrease in spectrum efficiency
+ [SWO]. Considerable effort has been made to design IP header
+ compression techniques to improve spectrum efficiency
+ [RFC3095]. A typical voice application produces 20 byte
+ samples, and the RTP, UDP and IP headers need to be jointly
+ compressed to one or two bytes on average in order to obtain
+ acceptable wireless bandwidth economy [RFC3095]. In this case,
+ strong authentication would impose nearly fifty percent
+ overhead.
+
+ 2. Authentication is impractical for applications that use data
+ links with fixed-width fields that cannot accommodate the
+ expansion due to the authentication tag. This is the case for
+ some important existing wireless channels. For example, zero-
+ byte header compression is used to adapt EVRC/SMV voice with
+ the legacy IS-95 bearer channel in CDMA2000 VoIP services. It
+ was found that not a single additional octet could be added to
+ the data, which motivated the creation of a zero-byte profile
+ for ROHC [RFC3242].
+
+ A short tag is secure for a restricted set of applications. Consider
+ a voice telephony application, for example, such as a G.729 audio
+ codec with a 20-millisecond packetization interval, protected by a
+ 32-bit message authentication tag. The likelihood of any given
+ packet being successfully forged is only one in 2^32. Thus an
+ adversary can control no more than 20 milliseconds of audio output
+ during a 994-day period, on average. In contrast, the effect of a
+ single forged packet can be much larger if the application is
+ stateful. A codec that uses relative or predictive compression
+ across packets will propagate the maliciously generated state,
+ affecting a longer duration of output.
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 32]
+
+RFC 3711 SRTP March 2004
+
+
+ Certainly not all SRTP or telephony applications meet the criteria
+ for short or zero-length authentication tags. Section 9.5.1
+ discusses the risks of weak or no message authentication, and section
+ 9.5 describes the circumstances when it is acceptable and when it is
+ unacceptable.
+
+8. Key Management Considerations
+
+ There are emerging key management standards [MIKEY] [KEYMGT] [SDMS]
+ for establishing an SRTP cryptographic context (e.g., an SRTP master
+ key). Both proprietary and open-standard key management methods are
+ likely to be used for telephony applications [MIKEY] [KINK] and
+ multicast applications [GDOI]. This section provides guidance for
+ key management systems that service SRTP session.
+
+ For initialization, an interoperable SRTP implementation SHOULD be
+ given the SSRC and MAY be given the initial RTP sequence number for
+ the RTP stream by key management (thus, key management has a
+ dependency on RTP operational parameters). Sending the RTP sequence
+ number in the key management may be useful e.g., when the initial
+ sequence number is close to wrapping (to avoid synchronization
+ problems), and to communicate the current sequence number to a
+ joining endpoint (to properly initialize its replay list).
+
+ If the pre-defined transforms are used, SRTP allows sharing of the
+ same master key between SRTP/SRTCP streams belonging to the same RTP
+ session.
+
+ First, sharing between SRTP streams belonging to the same RTP session
+ is secure if the design of the synchronization mechanism, i.e., the
+ IV, avoids keystream re-use (the two-time pad, Section 9.1). This is
+ taken care of by the fact that RTP provides for unique SSRCs for
+ streams belonging to the same RTP session. See Section 9.1 for
+ further discussion.
+
+ Second, sharing between SRTP and the corresponding SRTCP is secure.
+ The fact that an SRTP stream and its associated SRTCP stream both
+ carry the same SSRC does not constitute a problem for the two-time
+ pad due to the key derivation. Thus, SRTP and SRTCP corresponding to
+ one RTP session MAY share master keys (as they do by default).
+
+ Note that message authentication also has a dependency on SSRC
+ uniqueness that is unrelated to the problem of keystream reuse: SRTP
+ streams authenticated under the same key MUST have a distinct SSRC in
+ order to identify the sender of the message. This requirement is
+ needed because the SSRC is the cryptographically authenticated field
+
+
+
+
+
+Baugher, et al. Standards Track [Page 33]
+
+RFC 3711 SRTP March 2004
+
+
+ used to distinguish between different SRTP streams. Were two streams
+ to use identical SSRC values, then an adversary could substitute
+ messages from one stream into the other without detection.
+
+ SRTP/SRTCP MUST NOT share master keys under any other circumstances
+ than the ones given above, i.e., between SRTP and its corresponding
+ SRTCP, and, between streams belonging to the same RTP session.
+
+8.1. Re-keying
+
+ The recommended way for a particular key management system to provide
+ re-key within SRTP is by associating a master key in a crypto context
+ with an MKI.
+
+ This provides for easy master key retrieval (see Scenarios in Section
+ 11), but has the disadvantage of adding extra bits to each packet.
+ As noted in Section 7.5, some wireless links do not cater for added
+ bits, therefore SRTP also defines a more economic way of triggering
+ re-keying, via use of <From, To>, which works in some specific,
+ simple scenarios (see Section 8.1.1).
+
+ SRTP senders SHALL count the amount of SRTP and SRTCP traffic being
+ used for a master key and invoke key management to re-key if needed
+ (Section 9.2). These interactions are defined by the key management
+ interface to SRTP and are not defined by this protocol specification.
+
+8.1.1. Use of the <From, To> for re-keying
+
+ In addition to the use of the MKI, SRTP defines another optional
+ mechanism for master key retrieval, the <From, To>. The <From, To>
+ specifies the range of SRTP indices (a pair of sequence number and
+ ROC) within which a certain master key is valid, and is (when used)
+ part of the crypto context. By looking at the 48-bit SRTP index of
+ the current SRTP packet, the corresponding master key can be found by
+ determining which From-To interval it belongs to. For SRTCP, the
+ most recently observed/used SRTP index (which can be obtained from
+ the cryptographic context) is used for this purpose, even though
+ SRTCP has its own (31-bit) index (see caveat below).
+
+ This method, compared to the MKI, has the advantage of identifying
+ the master key and defining its lifetime without adding extra bits to
+ each packet. This could be useful, as already noted, for some
+ wireless links that do not cater for added bits. However, its use
+ SHOULD be limited to specific, very simple scenarios. We recommend
+ to limit its use when the RTP session is a simple unidirectional or
+ bi-directional stream. This is because in case of multiple streams,
+ it is difficult to trigger the re-key based on the <From, To> of a
+ single RTP stream. For example, if several streams share a master
+
+
+
+Baugher, et al. Standards Track [Page 34]
+
+RFC 3711 SRTP March 2004
+
+
+ key, there is no simple one-to-one correspondence between the index
+ sequence space of a certain stream, and the index sequence space on
+ which the <From, To> values are based. Consequently, when a master
+ key is shared between streams, one of these streams MUST be
+ designated by key management as the one whose index space defines the
+ re-keying points. Also, the re-key triggering on SRTCP is based on
+ the correspondent SRTP stream, i.e., when the SRTP stream changes the
+ master key, so does the correspondent SRTCP. This becomes obviously
+ more and more complex with multiple streams.
+
+ The default values for the <From, To> are "from the first observed
+ packet" and "until further notice". However, the maximum limit of
+ SRTP/SRTCP packets that are sent under each given master/session key
+ (Section 9.2) MUST NOT be exceeded.
+
+ In case the <From, To> is used as key retrieval, then the MKI is not
+ inserted in the packet (and its indicator in the crypto context is
+ zero). However, using the MKI does not exclude using <From, To> key
+ lifetime simultaneously. This can for instance be useful to signal
+ at the sender side at which point in time an MKI is to be made
+ active.
+
+8.2. Key Management parameters
+
+ The table below lists all SRTP parameters that key management can
+ supply. For reference, it also provides a summary of the default and
+ mandatory-to-support values for an SRTP implementation as described
+ in Section 5.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 35]
+
+RFC 3711 SRTP March 2004
+
+
+ Parameter Mandatory-to-support Default
+ --------- -------------------- -------
+
+ SRTP and SRTCP encr transf. AES_CM, NULL AES_CM
+ (Other possible values: AES_f8)
+
+ SRTP and SRTCP auth transf. HMAC-SHA1 HMAC-SHA1
+
+ SRTP and SRTCP auth params:
+ n_tag (tag length) 80 80
+ SRTP prefix_length 0 0
+
+ Key derivation PRF AES_CM AES_CM
+
+ Key material params
+ (for each master key):
+ master key length 128 128
+ n_e (encr session key length) 128 128
+ n_a (auth session key length) 160 160
+ master salt key
+ length of the master salt 112 112
+ n_s (session salt key length) 112 112
+ key derivation rate 0 0
+
+ key lifetime
+ SRTP-packets-max-lifetime 2^48 2^48
+ SRTCP-packets-max-lifetime 2^31 2^31
+ from-to-lifetime <From, To>
+ MKI indicator 0 0
+ length of the MKI 0 0
+ value of the MKI
+
+ Crypto context index params:
+ SSRC value
+ ROC
+ SEQ
+ SRTCP Index
+ Transport address
+ Port number
+
+ Relation to other RTP profiles:
+ sender's order between FEC and SRTP FEC-SRTP FEC-SRTP
+ (see Section 10)
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 36]
+
+RFC 3711 SRTP March 2004
+
+
+9. Security Considerations
+
+9.1. SSRC collision and two-time pad
+
+ Any fixed keystream output, generated from the same key and index
+ MUST only be used to encrypt once. Re-using such keystream (jokingly
+ called a "two-time pad" system by cryptographers), can seriously
+ compromise security. The NSA's VENONA project [C99] provides a
+ historical example of such a compromise. It is REQUIRED that
+ automatic key management be used for establishing and maintaining
+ SRTP and SRTCP keying material; this requirement is to avoid
+ keystream reuse, which is more likely to occur with manual key
+ management. Furthermore, in SRTP, a "two-time pad" is avoided by
+ requiring the key, or some other parameter of cryptographic
+ significance, to be unique per RTP/RTCP stream and packet. The pre-
+ defined SRTP transforms accomplish packet-uniqueness by including the
+ packet index and stream-uniqueness by inclusion of the SSRC.
+
+ The pre-defined transforms (AES-CM and AES-f8) allow master keys to
+ be shared across streams belonging to the same RTP session by the
+ inclusion of the SSRC in the IV. A master key MUST NOT be shared
+ among different RTP sessions.
+
+ Thus, the SSRC MUST be unique between all the RTP streams within the
+ same RTP session that share the same master key. RTP itself provides
+ an algorithm for detecting SSRC collisions within the same RTP
+ session. Thus, temporary collisions could lead to temporary two-time
+ pad, in the unfortunate event that SSRCs collide at a point in time
+ when the streams also have identical sequence numbers (occurring with
+ probability roughly 2^(-48)). Therefore, the key management SHOULD
+ take care of avoiding such SSRC collisions by including the SSRCs to
+ be used in the session as negotiation parameters, proactively
+ assuring their uniqueness. This is a strong requirements in
+ scenarios where for example, there are multiple senders that can
+ start to transmit simultaneously, before SSRC collision are detected
+ at the RTP level.
+
+ Note also that even with distinct SSRCs, extensive use of the same
+ key might improve chances of probabilistic collision and time-
+ memory-tradeoff attacks succeeding.
+
+ As described, master keys MAY be shared between streams belonging to
+ the same RTP session, but it is RECOMMENDED that each SSRC have its
+ own master key. When master keys are shared among SSRC participants
+ and SSRCs are managed by a key management module as recommended
+ above, the RECOMMENDED policy for an SSRC collision error is for the
+ participant to leave the SRTP session as it is a sign of malfunction.
+
+
+
+
+Baugher, et al. Standards Track [Page 37]
+
+RFC 3711 SRTP March 2004
+
+
+9.2. Key Usage
+
+ The effective key size is determined (upper bounded) by the size of
+ the master key and, for encryption, the size of the salting key. Any
+ additive stream cipher is vulnerable to attacks that use statistical
+ knowledge about the plaintext source to enable key collision and
+ time-memory tradeoff attacks [MF00] [H80] [BS00]. These attacks take
+ advantage of commonalities among plaintexts, and provide a way for a
+ cryptanalyst to amortize the computational effort of decryption over
+ many keys, or over many bytes of output, thus reducing the effective
+ key size of the cipher. A detailed analysis of these attacks and
+ their applicability to the encryption of Internet traffic is provided
+ in [MF00]. In summary, the effective key size of SRTP when used in a
+ security system in which m distinct keys are used, is equal to the
+ key size of the cipher less the logarithm (base two) of m.
+ Protection against such attacks can be provided simply by increasing
+ the size of the keys used, which here can be accomplished by the use
+ of the salting key. Note that the salting key MUST be random but MAY
+ be public. A salt size of (the suggested) size 112 bits protects
+ against attacks in scenarios where at most 2^112 keys are in use.
+ This is sufficient for all practical purposes.
+
+ Implementations SHOULD use keys that are as large as possible.
+ Please note that in many cases increasing the key size of a cipher
+ does not affect the throughput of that cipher.
+
+ The use of the SRTP and SRTCP indices in the pre-defined transforms
+ fixes the maximum number of packets that can be secured with the same
+ key. This limit is fixed to 2^48 SRTP packets for an SRTP stream,
+ and 2^31 SRTCP packets, when SRTP and SRTCP are considered
+ independently. Due to for example re-keying, reaching this limit may
+ or may not coincide with wrapping of the indices, and thus the sender
+ MUST keep packet counts. However, when the session keys for related
+ SRTP and SRTCP streams are derived from the same master key (the
+ default behavior, Section 4.3), the upper bound that has to be
+ considered is in practice the minimum of the two quantities. That
+ is, when 2^48 SRTP packets or 2^31 SRTCP packets have been secured
+ with the same key (whichever occurs before), the key management MUST
+ be called to provide new master key(s) (previously stored and used
+ keys MUST NOT be used again), or the session MUST be terminated. If
+ a sender of RTCP discovers that the sender of SRTP (or SRTCP) has not
+ updated the master or session key prior to sending 2^48 SRTP (or 2^31
+ SRTCP) packets belonging to the same SRTP (SRTCP) stream, it is up to
+ the security policy of the RTCP sender how to behave, e.g., whether
+ an RTCP BYE-packet should be sent and/or if the event should be
+ logged.
+
+
+
+
+
+Baugher, et al. Standards Track [Page 38]
+
+RFC 3711 SRTP March 2004
+
+
+ Note: in most typical applications (assuming at least one RTCP packet
+ for every 128,000 RTP packets), it will be the SRTCP index that first
+ reaches the upper limit, although the time until this occurs is very
+ long: even at 200 SRTCP packets/sec, the 2^31 index space of SRTCP is
+ enough to secure approximately 4 months of communication.
+
+ Note that if the master key is to be shared between SRTP streams
+ within the same RTP session (Section 9.1), although the above bounds
+ are on a per stream (i.e., per SSRC) basis, the sender MUST base re-
+ key decision on the stream whose sequence number space is the first
+ to be exhausted.
+
+ Key derivation limits the amount of plaintext that is encrypted with
+ a fixed session key, and made available to an attacker for analysis,
+ but key derivation does not extend the master key's lifetime. To see
+ this, simply consider our requirements to avoid two-time pad: two
+ distinct packets MUST either be processed with distinct IVs, or with
+ distinct session keys, and both the distinctness of IV and of the
+ session keys are (for the pre-defined transforms) dependent on the
+ distinctness of the packet indices.
+
+ Note that with the key derivation, the effective key size is at most
+ that of the master key, even if the derived session key is
+ considerably longer. With the pre-defined authentication transform,
+ the session authentication key is 160 bits, but the master key by
+ default is only 128 bits. This design choice was made to comply with
+ certain recommendations in [RFC2104] so that an existing HMAC
+ implementation can be plugged into SRTP without problems. Since the
+ default tag size is 80 bits, it is, for the applications in mind,
+ also considered acceptable from security point of view. Users having
+ concerns about this are RECOMMENDED to instead use a 192 bit master
+ key in the key derivation. It was, however, chosen not to mandate
+ 192-bit keys since existing AES implementations to be used in the
+ key-derivation may not always support key-lengths other than 128
+ bits. Since AES is not defined (or properly analyzed) for use with
+ 160 bit keys it is NOT RECOMMENDED that ad-hoc key-padding schemes
+ are used to pad shorter keys to 192 or 256 bits.
+
+9.3. Confidentiality of the RTP Payload
+
+ SRTP's pre-defined ciphers are "seekable" stream ciphers, i.e.,
+ ciphers able to efficiently seek to arbitrary locations in their
+ keystream (so that the encryption or decryption of one packet does
+ not depend on preceding packets). By using seekable stream ciphers,
+ SRTP avoids the denial of service attacks that are possible on stream
+ ciphers that lack this property. It is important to be aware that,
+ as with any stream cipher, the exact length of the payload is
+ revealed by the encryption. This means that it may be possible to
+
+
+
+Baugher, et al. Standards Track [Page 39]
+
+RFC 3711 SRTP March 2004
+
+
+ deduce certain "formatting bits" of the payload, as the length of the
+ codec output might vary due to certain parameter settings etc. This,
+ in turn, implies that the corresponding bit of the keystream can be
+ deduced. However, if the stream cipher is secure (counter mode and
+ f8 are provably secure under certain assumptions [BDJR] [KSYH] [IK]),
+ knowledge of a few bits of the keystream will not aid an attacker in
+ predicting subsequent keystream bits. Thus, the payload length (and
+ information deducible from this) will leak, but nothing else.
+
+ As some RTP packet could contain highly predictable data, e.g., SID,
+ it is important to use a cipher designed to resist known plaintext
+ attacks (which is the current practice).
+
+9.4. Confidentiality of the RTP Header
+
+ In SRTP, RTP headers are sent in the clear to allow for header
+ compression. This means that data such as payload type,
+ synchronization source identifier, and timestamp are available to an
+ eavesdropper. Moreover, since RTP allows for future extensions of
+ headers, we cannot foresee what kind of possibly sensitive
+ information might also be "leaked".
+
+ SRTP is a low-cost method, which allows header compression to reduce
+ bandwidth. It is up to the endpoints' policies to decide about the
+ security protocol to employ. If one really needs to protect headers,
+ and is allowed to do so by the surrounding environment, then one
+ should also look at alternatives, e.g., IPsec [RFC2401].
+
+9.5. Integrity of the RTP payload and header
+
+ SRTP messages are subject to attacks on their integrity and source
+ identification, and these risks are discussed in Section 9.5.1. To
+ protect against these attacks, each SRTP stream SHOULD be protected
+ by HMAC-SHA1 [RFC2104] with an 80-bit output tag and a 160-bit key,
+ or a message authentication code with equivalent strength. Secure
+ RTP SHOULD NOT be used without message authentication, except under
+ the circumstances described in this section. It is important to note
+ that encryption algorithms, including AES Counter Mode and f8, do not
+ provide message authentication. SRTCP MUST NOT be used with weak (or
+ NULL) authentication.
+
+ SRTP MAY be used with weak authentication (e.g., a 32-bit
+ authentication tag), or with no authentication (the NULL
+ authentication algorithm). These options allow SRTP to be used to
+ provide confidentiality in situations where
+
+ * weak or null authentication is an acceptable security risk, and
+ * it is impractical to provide strong message authentication.
+
+
+
+Baugher, et al. Standards Track [Page 40]
+
+RFC 3711 SRTP March 2004
+
+
+ These conditions are described below and in Section 7.5. Note that
+ both conditions MUST hold in order for weak or null authentication to
+ be used. The risks associated with exercising the weak or null
+ authentication options need to be considered by a security audit
+ prior to their use for a particular application or environment given
+ the risks, which are discussed in Section 9.5.1.
+
+ Weak authentication is acceptable when the RTP application is such
+ that the effect of a small fraction of successful forgeries is
+ negligible. If the application is stateless, then the effect of a
+ single forged RTP packet is limited to the decoding of that
+ particular packet. Under this condition, the size of the
+ authentication tag MUST ensure that only a negligible fraction of the
+ packets passed to the RTP application by the SRTP receiver can be
+ forgeries. This fraction is negligible when an adversary, if given
+ control of the forged packets, is not able to make a significant
+ impact on the output of the RTP application (see the example of
+ Section 7.5).
+
+ Weak or null authentication MAY be acceptable when it is unlikely
+ that an adversary can modify ciphertext so that it decrypts to an
+ intelligible value. One important case is when it is difficult for
+ an adversary to acquire the RTP plaintext data, since for many
+ codecs, an adversary that does not know the input signal cannot
+ manipulate the output signal in a controlled way. In many cases it
+ may be difficult for the adversary to determine the actual value of
+ the plaintext. For example, a hidden snooping device might be
+ required in order to know a live audio or video signal. The
+ adversary's signal must have a quality equivalent to or greater than
+ that of the signal under attack, since otherwise the adversary would
+ not have enough information to encode that signal with the codec used
+ by the victim. Plaintext prediction may also be especially difficult
+ for an interactive application such as a telephone call.
+
+ Weak or null authentication MUST NOT be used when the RTP application
+ makes data forwarding or access control decisions based on the RTP
+ data. In such a case, an attacker may be able to subvert
+ confidentiality by causing the receiver to forward data to an
+ attacker. See Section 3 of [B96] for a real-life example of such
+ attacks.
+
+ Null authentication MUST NOT be used when a replay attack, in which
+ an adversary stores packets then replays them later in the session,
+ could have a non-negligible impact on the receiver. An example of a
+ successful replay attack is the storing of the output of a
+ surveillance camera for a period of time, later followed by the
+
+
+
+
+
+Baugher, et al. Standards Track [Page 41]
+
+RFC 3711 SRTP March 2004
+
+
+ injection of that output to the monitoring station to avoid
+ surveillance. Encryption does not protect against this attack, and
+ non-null authentication is REQUIRED in order to defeat it.
+
+ If existential message forgery is an issue, i.e., when the accuracy
+ of the received data is of non-negligible importance, null
+ authentication MUST NOT be used.
+
+9.5.1. Risks of Weak or Null Message Authentication
+
+ During a security audit considering the use of weak or null
+ authentication, it is important to keep in mind the following attacks
+ which are possible when no message authentication algorithm is used.
+
+ An attacker who cannot predict the plaintext is still always able to
+ modify the message sent between the sender and the receiver so that
+ it decrypts to a random plaintext value, or to send a stream of bogus
+ packets to the receiver that will decrypt to random plaintext values.
+ This attack is essentially a denial of service attack, though in the
+ absence of message authentication, the RTP application will have
+ inputs that are bit-wise correlated with the true value. Some
+ multimedia codecs and common operating systems will crash when such
+ data are accepted as valid video data. This denial of service attack
+ may be a much larger threat than that due to an attacker dropping,
+ delaying, or re-ordering packets.
+
+ An attacker who cannot predict the plaintext can still replay a
+ previous message with certainty that the receiver will accept it.
+ Applications with stateless codecs might be robust against this type
+ of attack, but for other, more complex applications these attacks may
+ be far more grave.
+
+ An attacker who can predict the plaintext can modify the ciphertext
+ so that it will decrypt to any value of her choosing. With an
+ additive stream cipher, an attacker will always be able to change
+ individual bits.
+
+ An attacker may be able to subvert confidentiality due to the lack of
+ authentication when a data forwarding or access control decision is
+ made on decrypted but unauthenticated plaintext. This is because the
+ receiver may be fooled into forwarding data to an attacker, leading
+ to an indirect breach of confidentiality (see Section 3 of [B96]).
+ This is because data-forwarding decisions are made on the decrypted
+ plaintext; information in the plaintext will determine to what subnet
+ (or process) the plaintext is forwarded in ESP [RFC2401] tunnel mode
+ (respectively, transport mode). When Secure RTP is used without
+
+
+
+
+
+Baugher, et al. Standards Track [Page 42]
+
+RFC 3711 SRTP March 2004
+
+
+ message authentication, it should be verified that the application
+ does not make data forwarding or access control decisions based on
+ the decrypted plaintext.
+
+ Some cipher modes of operation that require padding, e.g., standard
+ cipher block chaining (CBC) are very sensitive to attacks on
+ confidentiality if certain padding types are used in the absence of
+ integrity. The attack [V02] shows that this is indeed the case for
+ the standard RTP padding as discussed in reference to Figure 1, when
+ used together with CBC mode. Later transform additions to SRTP MUST
+ therefore carefully consider the risk of using this padding without
+ proper integrity protection.
+
+9.5.2. Implicit Header Authentication
+
+ The IV formation of the f8-mode gives implicit authentication (IHA)
+ of the RTP header, even when message authentication is not used.
+ When IHA is used, an attacker that modifies the value of the RTP
+ header will cause the decryption process at the receiver to produce
+ random plaintext values. While this protection is not equivalent to
+ message authentication, it may be useful for some applications.
+
+10. Interaction with Forward Error Correction mechanisms
+
+ The default processing when using Forward Error Correction (e.g., RFC
+ 2733) processing with SRTP SHALL be to perform FEC processing prior
+ to SRTP processing on the sender side and to perform SRTP processing
+ prior to FEC processing on the receiver side. Any change to this
+ ordering (reversing it, or, placing FEC between SRTP encryption and
+ SRTP authentication) SHALL be signaled out of band.
+
+11. Scenarios
+
+ SRTP can be used as security protocol for the RTP/RTCP traffic in
+ many different scenarios. SRTP has a number of configuration
+ options, in particular regarding key usage, and can have impact on
+ the total performance of the application according to the way it is
+ used. Hence, the use of SRTP is dependent on the kind of scenario
+ and application it is used with. In the following, we briefly
+ illustrate some use cases for SRTP, and give some guidelines for
+ recommended setting of its options.
+
+11.1. Unicast
+
+ A typical example would be a voice call or video-on-demand
+ application.
+
+
+
+
+
+Baugher, et al. Standards Track [Page 43]
+
+RFC 3711 SRTP March 2004
+
+
+ Consider one bi-directional RTP stream, as one RTP session. It is
+ possible for the two parties to share the same master key in the two
+ directions according to the principles of Section 9.1. The first
+ round of the key derivation splits the master key into any or all of
+ the following session keys (according to the provided security
+ functions):
+
+ SRTP_encr_key, SRTP_auth_key, SRTCP_encr_key, and SRTCP_auth key.
+
+ (For simplicity, we omit discussion of the salts, which are also
+ derived.) In this scenario, it will in most cases suffice to have a
+ single master key with the default lifetime. This guarantees
+ sufficiently long lifetime of the keys and a minimum set of keys in
+ place for most practical purposes. Also, in this case RTCP
+ protection can be applied smoothly. Under these assumptions, use of
+ the MKI can be omitted. As the key-derivation in combination with
+ large difference in the packet rate in the respective directions may
+ require simultaneous storage of several session keys, if storage is
+ an issue, we recommended to use low-rate key derivation.
+
+ The same considerations can be extended to the unicast scenario with
+ multiple RTP sessions, where each session would have a distinct
+ master key.
+
+11.2. Multicast (one sender)
+
+ Just as with (unprotected) RTP, a scalability issue arises in big
+ groups due to the possibly very large amount of SRTCP Receiver
+ Reports that the sender might need to process. In SRTP, the sender
+ may have to keep state (the cryptographic context) for each receiver,
+ or more precisely, for the SRTCP used to protect Receiver Reports.
+ The overhead increases proportionally to the size of the group. In
+ particular, re-keying requires special concern, see below.
+
+ Consider first a small group of receivers. There are a few possible
+ setups with the distribution of master keys among the receivers.
+ Given a single RTP session, one possibility is that the receivers
+ share the same master key as per Section 9.1 to secure all their
+ respective RTCP traffic. This shared master key could then be the
+ same one used by the sender to protect its outbound SRTP traffic.
+ Alternatively, it could be a master key shared only among the
+ receivers and used solely for their SRTCP traffic. Both alternatives
+ require the receivers to trust each other.
+
+ Considering SRTCP and key storage, it is recommended to use low-rate
+ (or zero) key_derivation (except the mandatory initial one), so that
+ the sender does not need to store too many session keys (each SRTCP
+ stream might otherwise have a different session key at a given point
+
+
+
+Baugher, et al. Standards Track [Page 44]
+
+RFC 3711 SRTP March 2004
+
+
+ in time, as the SRTCP sources send at different times). Thus, in
+ case key derivation is wanted for SRTP, the cryptographic context for
+ SRTP can be kept separate from the SRTCP crypto context, so that it
+ is possible to have a key_derivation_rate of 0 for SRTCP and a non-
+ zero value for SRTP.
+
+ Use of the MKI for re-keying is RECOMMENDED for most applications
+ (see Section 8.1).
+
+ If there are more than one SRTP/SRTCP stream (within the same RTP
+ session) that share the master key, the upper limit of 2^48 SRTP
+ packets / 2^31 SRTCP packets means that, before one of the streams
+ reaches its maximum number of packets, re-keying MUST be triggered on
+ ALL streams sharing the master key. (From strict security point of
+ view, only the stream reaching the maximum would need to be re-keyed,
+ but then the streams would no longer be sharing master key, which is
+ the intention.) A local policy at the sender side should force
+ rekeying in a way that the maximum packet limit is not reached on any
+ of the streams. Use of the MKI for re-keying is RECOMMENDED.
+
+ In large multicast with one sender, the same considerations as for
+ the small group multicast hold. The biggest issue in this scenario
+ is the additional load placed at the sender side, due to the state
+ (cryptographic contexts) that has to be maintained for each receiver,
+ sending back RTCP Receiver Reports. At minimum, a replay window
+ might need to be maintained for each RTCP source.
+
+11.3. Re-keying and access control
+
+ Re-keying may occur due to access control (e.g., when a member is
+ removed during a multicast RTP session), or for pure cryptographic
+ reasons (e.g., the key is at the end of its lifetime). When using
+ SRTP default transforms, the master key MUST be replaced before any
+ of the index spaces are exhausted for any of the streams protected by
+ one and the same master key.
+
+ How key management re-keys SRTP implementations is out of scope, but
+ it is clear that there are straightforward ways to manage keys for a
+ multicast group. In one-sender multicast, for example, it is
+ typically the responsibility of the sender to determine when a new
+ key is needed. The sender is the one entity that can keep track of
+ when the maximum number of packets has been sent, as receivers may
+ join and leave the session at any time, there may be packet loss and
+ delay etc. In scenarios other than one-sender multicast, other
+ methods can be used. Here, one must take into consideration that key
+ exchange can be a costly operation, taking several seconds for a
+ single exchange. Hence, some time before the master key is
+ exhausted/expires, out-of-band key management is initiated, resulting
+
+
+
+Baugher, et al. Standards Track [Page 45]
+
+RFC 3711 SRTP March 2004
+
+
+ in a new master key that is shared with the receiver(s). In any
+ event, to maintain synchronization when switching to the new key,
+ group policy might choose between using the MKI and the <From, To>,
+ as described in Section 8.1.
+
+ For access control purposes, the <From, To> periods are set at the
+ desired granularity, dependent on the packet rate. High rate re-
+ keying can be problematic for SRTCP in some large-group scenarios.
+ As mentioned, there are potential problems in using the SRTP index,
+ rather than the SRTCP index, for determining the master key. In
+ particular, for short periods during switching of master keys, it may
+ be the case that SRTCP packets are not under the current master key
+ of the correspondent SRTP. Therefore, using the MKI for re-keying in
+ such scenarios will produce better results.
+
+11.4. Summary of basic scenarios
+
+ The description of these scenarios highlights some recommendations on
+ the use of SRTP, mainly related to re-keying and large scale
+ multicast:
+
+ - Do not use fast re-keying with the <From, To> feature. It may, in
+ particular, give problems in retrieving the correct SRTCP key, if
+ an SRTCP packet arrives close to the re-keying time. The MKI
+ SHOULD be used in this case.
+
+ - If multiple SRTP streams in the same RTP session share the same
+ master key, also moderate rate re-keying MAY have the same
+ problems, and the MKI SHOULD be used.
+
+ - Though offering increased security, a non-zero key_derivation_rate
+ is NOT RECOMMENDED when trying to minimize the number of keys in
+ use with multiple streams.
+
+12. IANA Considerations
+
+ The RTP specification establishes a registry of profile names for use
+ by higher-level control protocols, such as the Session Description
+ Protocol (SDP), to refer to transport methods. This profile
+ registers the name "RTP/SAVP".
+
+ SRTP uses cryptographic transforms which a key management protocol
+ signals. It is the task of each particular key management protocol
+ to register the cryptographic transforms or suites of transforms with
+ IANA. The key management protocol conveys these protocol numbers,
+ not SRTP, and each key management protocol chooses the numbering
+ scheme and syntax that it requires.
+
+
+
+
+Baugher, et al. Standards Track [Page 46]
+
+RFC 3711 SRTP March 2004
+
+
+ Specification of a key management protocol for SRTP is out of scope
+ here. Section 8.2, however, provides guidance on the parameters that
+ need to be defined for the default and mandatory transforms.
+
+13. Acknowledgements
+
+ David Oran (Cisco) and Rolf Blom (Ericsson) are co-authors of this
+ document but their valuable contributions are acknowledged here to
+ keep the length of the author list down.
+
+ The authors would in addition like to thank Magnus Westerlund, Brian
+ Weis, Ghyslain Pelletier, Morgan Lindqvist, Robert Fairlie-
+ Cuninghame, Adrian Perrig, the AVT WG and in particular the chairmen
+ Colin Perkins and Stephen Casner, the Transport and Security Area
+ Directors, and Eric Rescorla for their reviews and support.
+
+14. References
+
+14.1. Normative References
+
+ [AES] NIST, "Advanced Encryption Standard (AES)", FIPS PUB 197,
+ http://www.nist.gov/aes/
+
+ [RFC2104] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC: Keyed-
+ Hashing for Message Authentication", RFC 2104, February
+ 1997.
+
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119, March 1997.
+
+ [RFC2401] Kent, S. and R. Atkinson, "Security Architecture for
+ Internet Protocol", RFC 2401, November 1998.
+
+ [RFC2828] Shirey, R., "Internet Security Glossary", FYI 36, RFC 2828,
+ May 2000.
+
+ [RFC3550] Schulzrinne, H., Casner, S., Frederick, R. and V. Jacobson,
+ "RTP: A Transport Protocol for Real-time Applications", RFC
+ 3550, July 2003.
+
+ [RFC3551] Schulzrinne, H. and S. Casner, "RTP Profile for Audio and
+ Video Conferences with Minimal Control", RFC 3551, July
+ 2003.
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 47]
+
+RFC 3711 SRTP March 2004
+
+
+14.2. Informative References
+
+ [AES-CTR] Lipmaa, H., Rogaway, P. and D. Wagner, "CTR-Mode
+ Encryption", NIST, http://csrc.nist.gov/encryption/modes/
+ workshop1/papers/lipmaa-ctr.pdf
+
+ [B96] Bellovin, S., "Problem Areas for the IP Security
+ Protocols," in Proceedings of the Sixth Usenix Unix
+ Security Symposium, pp. 1-16, San Jose, CA, July 1996
+ (http://www.research.att.com/~smb/papers/index.html).
+
+ [BDJR] Bellare, M., Desai, A., Jokipii, E. and P. Rogaway, "A
+ Concrete Treatment of Symmetric Encryption: Analysis of DES
+ Modes of Operation", Proceedings 38th IEEE FOCS, pp. 394-
+ 403, 1997.
+
+ [BS00] Biryukov, A. and A. Shamir, "Cryptanalytic Time/Memory/Data
+ Tradeoffs for Stream Ciphers", Proceedings, ASIACRYPT 2000,
+ LNCS 1976, pp. 1-13, Springer Verlag.
+
+ [C99] Crowell, W. P., "Introduction to the VENONA Project",
+ http://www.nsa.gov:8080/docs/venona/index.html.
+
+ [CTR] Dworkin, M., NIST Special Publication 800-38A,
+ "Recommendation for Block Cipher Modes of Operation:
+ Methods and Techniques", 2001.
+ http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-
+ 38a.pdf.
+
+ [f8-a] 3GPP TS 35.201 V4.1.0 (2001-12) Technical Specification 3rd
+ Generation Partnership Project; Technical Specification
+ Group Services and System Aspects; 3G Security;
+ Specification of the 3GPP Confidentiality and Integrity
+ Algorithms; Document 1: f8 and f9 Specification (Release
+ 4).
+
+ [f8-b] 3GPP TR 33.908 V4.0.0 (2001-09) Technical Report 3rd
+ Generation Partnership Project; Technical Specification
+ Group Services and System Aspects; 3G Security; General
+ Report on the Design, Specification and Evaluation of 3GPP
+ Standard Confidentiality and Integrity Algorithms (Release
+ 4).
+
+ [GDOI] Baugher, M., Weis, B., Hardjono, T. and H. Harney, "The
+ Group Domain of Interpretation, RFC 3547, July 2003.
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 48]
+
+RFC 3711 SRTP March 2004
+
+
+ [HAC] Menezes, A., Van Oorschot, P. and S. Vanstone, "Handbook
+ of Applied Cryptography", CRC Press, 1997, ISBN 0-8493-
+ 8523-7.
+
+ [H80] Hellman, M. E., "A cryptanalytic time-memory trade-off",
+ IEEE Transactions on Information Theory, July 1980, pp.
+ 401-406.
+
+ [IK] T. Iwata and T. Kohno: "New Security Proofs for the 3GPP
+ Confidentiality and Integrity Algorithms", Proceedings of
+ FSE 2004.
+
+ [KINK] Thomas, M. and J. Vilhuber, "Kerberized Internet
+ Negotiation of Keys (KINK)", Work in Progress.
+
+ [KEYMGT] Arrko, J., et al., "Key Management Extensions for Session
+ Description Protocol (SDP) and Real Time Streaming Protocol
+ (RTSP)", Work in Progress.
+
+ [KSYH] Kang, J-S., Shin, S-U., Hong, D. and O. Yi, "Provable
+ Security of KASUMI and 3GPP Encryption Mode f8",
+ Proceedings Asiacrypt 2001, Springer Verlag LNCS 2248, pp.
+ 255-271, 2001.
+
+ [MIKEY] Arrko, J., et. al., "MIKEY: Multimedia Internet KEYing",
+ Work in Progress.
+
+ [MF00] McGrew, D. and S. Fluhrer, "Attacks on Encryption of
+ Redundant Plaintext and Implications on Internet Security",
+ the Proceedings of the Seventh Annual Workshop on Selected
+ Areas in Cryptography (SAC 2000), Springer-Verlag.
+
+ [PCST1] Perrig, A., Canetti, R., Tygar, D. and D. Song, "Efficient
+ and Secure Source Authentication for Multicast", in Proc.
+ of Network and Distributed System Security Symposium NDSS
+ 2001, pp. 35-46, 2001.
+
+ [PCST2] Perrig, A., Canetti, R., Tygar, D. and D. Song, "Efficient
+ Authentication and Signing of Multicast Streams over Lossy
+ Channels", in Proc. of IEEE Security and Privacy Symposium
+ S&P2000, pp. 56-73, 2000.
+
+ [RFC1750] Eastlake, D., Crocker, S. and J. Schiller, "Randomness
+ Recommendations for Security", RFC 1750, December 1994.
+
+ [RFC2675] Borman, D., Deering, S. and R. Hinden, "IPv6 Jumbograms",
+ RFC 2675, August 1999.
+
+
+
+
+Baugher, et al. Standards Track [Page 49]
+
+RFC 3711 SRTP March 2004
+
+
+ [RFC3095] Bormann, C., Burmeister, C., Degermark, M., Fukuhsima, H.,
+ Hannu, H., Jonsson, L-E., Hakenberg, R., Koren, T., Le, K.,
+ Liu, Z., Martensson, A., Miyazaki, A., Svanbro, K., Wiebke,
+ T., Yoshimura, T. and H. Zheng, "RObust Header Compression:
+ Framework and Four Profiles: RTP, UDP, ESP, and
+ uncompressed (ROHC)", RFC 3095, July 2001.
+
+ [RFC3242] Jonsson, L-E. and G. Pelletier, "RObust Header Compression
+ (ROHC): A Link-Layer Assisted Profile for IP/UDP/RTP ", RFC
+ 3242, April 2002.
+
+ [SDMS] Andreasen, F., Baugher, M. and D. Wing, "Session
+ Description Protocol Security Descriptions for Media
+ Streams", Work in Progress.
+
+ [SWO] Svanbro, K., Wiorek, J. and B. Olin, "Voice-over-IP-over-
+ wireless", Proc. PIMRC 2000, London, Sept. 2000.
+
+ [V02] Vaudenay, S., "Security Flaws Induced by CBC Padding -
+ Application to SSL, IPsec, WTLS...", Advances in
+ Cryptology, EUROCRYPT'02, LNCS 2332, pp. 534-545.
+
+ [WC81] Wegman, M. N., and J.L. Carter, "New Hash Functions and
+ Their Use in Authentication and Set Equality", JCSS 22,
+ 265-279, 1981.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 50]
+
+RFC 3711 SRTP March 2004
+
+
+Appendix A: Pseudocode for Index Determination
+
+ The following is an example of pseudo-code for the algorithm to
+ determine the index i of an SRTP packet with sequence number SEQ. In
+ the following, signed arithmetic is assumed.
+
+ if (s_l < 32,768)
+ if (SEQ - s_l > 32,768)
+ set v to (ROC-1) mod 2^32
+ else
+ set v to ROC
+ endif
+ else
+ if (s_l - 32,768 > SEQ)
+ set v to (ROC+1) mod 2^32
+ else
+ set v to ROC
+ endif
+ endif
+ return SEQ + v*65,536
+
+Appendix B: Test Vectors
+
+ All values are in hexadecimal.
+
+B.1. AES-f8 Test Vectors
+
+ SRTP PREFIX LENGTH : 0
+
+ RTP packet header : 806e5cba50681de55c621599
+
+ RTP packet payload : 70736575646f72616e646f6d6e657373
+ 20697320746865206e65787420626573
+ 74207468696e67
+
+ ROC : d462564a
+ key : 234829008467be186c3de14aae72d62c
+ salt key : 32f2870d
+ key-mask (m) : 32f2870d555555555555555555555555
+ key XOR key-mask : 11baae0dd132eb4d3968b41ffb278379
+
+ IV : 006e5cba50681de55c621599d462564a
+ IV' : 595b699bbd3bc0df26062093c1ad8f73
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 51]
+
+RFC 3711 SRTP March 2004
+
+
+ j = 0
+ IV' xor j : 595b699bbd3bc0df26062093c1ad8f73
+ S(-1) : 00000000000000000000000000000000
+ IV' xor S(-1) xor j : 595b699bbd3bc0df26062093c1ad8f73
+ S(0) : 71ef82d70a172660240709c7fbb19d8e
+ plaintext : 70736575646f72616e646f6d6e657373
+ ciphertext : 019ce7a26e7854014a6366aa95d4eefd
+
+ j = 1
+ IV' xor j : 595b699bbd3bc0df26062093c1ad8f72
+ S(0) : 71ef82d70a172660240709c7fbb19d8e
+ IV' xor S(0) xor j : 28b4eb4cb72ce6bf020129543a1c12fc
+ S(1) : 3abd640a60919fd43bd289a09649b5fc
+ plaintext : 20697320746865206e65787420626573
+ ciphertext : 1ad4172a14f9faf455b7f1d4b62bd08f
+
+ j = 2
+ IV' xor j : 595b699bbd3bc0df26062093c1ad8f71
+ S(1) : 3abd640a60919fd43bd289a09649b5fc
+ IV' xor S(1) xor j : 63e60d91ddaa5f0b1dd4a93357e43a8d
+ S(2) : 220c7a8715266565b09ecc8a2a62b11b
+ plaintext : 74207468696e67
+ ciphertext : 562c0eef7c4802
+
+B.2. AES-CM Test Vectors
+
+ Keystream segment length: 1044512 octets (65282 AES blocks)
+ Session Key: 2B7E151628AED2A6ABF7158809CF4F3C
+ Rollover Counter: 00000000
+ Sequence Number: 0000
+ SSRC: 00000000
+ Session Salt: F0F1F2F3F4F5F6F7F8F9FAFBFCFD0000 (already shifted)
+ Offset: F0F1F2F3F4F5F6F7F8F9FAFBFCFD0000
+
+ Counter Keystream
+
+ F0F1F2F3F4F5F6F7F8F9FAFBFCFD0000 E03EAD0935C95E80E166B16DD92B4EB4
+ F0F1F2F3F4F5F6F7F8F9FAFBFCFD0001 D23513162B02D0F72A43A2FE4A5F97AB
+ F0F1F2F3F4F5F6F7F8F9FAFBFCFD0002 41E95B3BB0A2E8DD477901E4FCA894C0
+ ... ...
+ F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF EC8CDF7398607CB0F2D21675EA9EA1E4
+ F0F1F2F3F4F5F6F7F8F9FAFBFCFDFF00 362B7C3C6773516318A077D7FC5073AE
+ F0F1F2F3F4F5F6F7F8F9FAFBFCFDFF01 6A2CC3787889374FBEB4C81B17BA6C44
+
+ Nota Bene: this test case is contrived so that the latter part of the
+ keystream segment coincides with the test case in Section F.5.1 of
+ [CTR].
+
+
+
+
+Baugher, et al. Standards Track [Page 52]
+
+RFC 3711 SRTP March 2004
+
+
+B.3. Key Derivation Test Vectors
+
+ This section provides test data for the default key derivation
+ function, which uses AES-128 in Counter Mode. In the following, we
+ walk through the initial key derivation for the AES-128 Counter Mode
+ cipher, which requires a 16 octet session encryption key and a 14
+ octet session salt, and an authentication function which requires a
+ 94-octet session authentication key. These values are called the
+ cipher key, the cipher salt, and the auth key in the following.
+ Since this is the initial key derivation and the key derivation rate
+ is equal to zero, the value of (index DIV key_derivation_rate) is
+ zero (actually, a six-octet string of zeros). In the following, we
+ shorten key_derivation_rate to kdr.
+
+ The inputs to the key derivation function are the 16 octet master key
+ and the 14 octet master salt:
+
+ master key: E1F97A0D3E018BE0D64FA32C06DE4139
+ master salt: 0EC675AD498AFEEBB6960B3AABE6
+
+ We first show how the cipher key is generated. The input block for
+ AES-CM is generated by exclusive-oring the master salt with the
+ concatenation of the encryption key label 0x00 with (index DIV kdr),
+ then padding on the right with two null octets (which implements the
+ multiply-by-2^16 operation, see Section 4.3.3). The resulting value
+ is then AES-CM- encrypted using the master key to get the cipher key.
+
+ index DIV kdr: 000000000000
+ label: 00
+ master salt: 0EC675AD498AFEEBB6960B3AABE6
+ -----------------------------------------------
+ xor: 0EC675AD498AFEEBB6960B3AABE6 (x, PRF input)
+
+ x*2^16: 0EC675AD498AFEEBB6960B3AABE60000 (AES-CM input)
+
+ cipher key: C61E7A93744F39EE10734AFE3FF7A087 (AES-CM output)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 53]
+
+RFC 3711 SRTP March 2004
+
+
+ Next, we show how the cipher salt is generated. The input block for
+ AES-CM is generated by exclusive-oring the master salt with the
+ concatenation of the encryption salt label. That value is padded and
+ encrypted as above.
+
+ index DIV kdr: 000000000000
+ label: 02
+ master salt: 0EC675AD498AFEEBB6960B3AABE6
+
+ ----------------------------------------------
+ xor: 0EC675AD498AFEE9B6960B3AABE6 (x, PRF input)
+
+ x*2^16: 0EC675AD498AFEE9B6960B3AABE60000 (AES-CM input)
+
+ 30CBBC08863D8C85D49DB34A9AE17AC6 (AES-CM ouptut)
+
+ cipher salt: 30CBBC08863D8C85D49DB34A9AE1
+
+ We now show how the auth key is generated. The input block for AES-
+ CM is generated as above, but using the authentication key label.
+
+ index DIV kdr: 000000000000
+ label: 01
+ master salt: 0EC675AD498AFEEBB6960B3AABE6
+ -----------------------------------------------
+ xor: 0EC675AD498AFEEAB6960B3AABE6 (x, PRF input)
+
+ x*2^16: 0EC675AD498AFEEAB6960B3AABE60000 (AES-CM input)
+
+ Below, the auth key is shown on the left, while the corresponding AES
+ input blocks are shown on the right.
+
+ auth key AES input blocks
+ CEBE321F6FF7716B6FD4AB49AF256A15 0EC675AD498AFEEAB6960B3AABE60000
+ 6D38BAA48F0A0ACF3C34E2359E6CDBCE 0EC675AD498AFEEAB6960B3AABE60001
+ E049646C43D9327AD175578EF7227098 0EC675AD498AFEEAB6960B3AABE60002
+ 6371C10C9A369AC2F94A8C5FBCDDDC25 0EC675AD498AFEEAB6960B3AABE60003
+ 6D6E919A48B610EF17C2041E47403576 0EC675AD498AFEEAB6960B3AABE60004
+ 6B68642C59BBFC2F34DB60DBDFB2 0EC675AD498AFEEAB6960B3AABE60005
+
+
+
+
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 54]
+
+RFC 3711 SRTP March 2004
+
+
+Authors' Addresses
+
+ Questions and comments should be directed to the authors and
+ avt@ietf.org:
+
+ Mark Baugher
+ Cisco Systems, Inc.
+ 5510 SW Orchid Street
+ Portland, OR 97219 USA
+
+ Phone: +1 408-853-4418
+ EMail: mbaugher@cisco.com
+
+
+ Elisabetta Carrara
+ Ericsson Research
+ SE-16480 Stockholm
+ Sweden
+
+ Phone: +46 8 50877040
+ EMail: elisabetta.carrara@ericsson.com
+
+
+ David A. McGrew
+ Cisco Systems, Inc.
+ San Jose, CA 95134-1706
+ USA
+
+ Phone: +1 301-349-5815
+ EMail: mcgrew@cisco.com
+
+
+ Mats Naslund
+ Ericsson Research
+ SE-16480 Stockholm
+ Sweden
+
+ Phone: +46 8 58533739
+ EMail: mats.naslund@ericsson.com
+
+
+ Karl Norrman
+ Ericsson Research
+ SE-16480 Stockholm
+ Sweden
+
+ Phone: +46 8 4044502
+ EMail: karl.norrman@ericsson.com
+
+
+
+Baugher, et al. Standards Track [Page 55]
+
+RFC 3711 SRTP March 2004
+
+
+Full Copyright Statement
+
+ Copyright (C) The Internet Society (2004). This document is subject
+ to the rights, licenses and restrictions contained in BCP 78 and
+ except as set forth therein, the authors retain all their rights.
+
+ This document and the information contained herein are provided on an
+ "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
+ OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
+ ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
+ INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
+ INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
+ WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+Intellectual Property
+
+ The IETF takes no position regarding the validity or scope of any
+ Intellectual Property Rights or other rights that might be claimed to
+ pertain to the implementation or use of the technology described in
+ this document or the extent to which any license under such rights
+ might or might not be available; nor does it represent that it has
+ made any independent effort to identify any such rights. Information
+ on the procedures with respect to rights in RFC documents can be
+ found in BCP 78 and BCP 79.
+
+ Copies of IPR disclosures made to the IETF Secretariat and any
+ assurances of licenses to be made available, or the result of an
+ attempt made to obtain a general license or permission for the use of
+ such proprietary rights by implementers or users of this
+ specification can be obtained from the IETF on-line IPR repository at
+ http://www.ietf.org/ipr.
+
+ The IETF invites any interested party to bring to its attention any
+ copyrights, patents or patent applications, or other proprietary
+ rights that may cover technology that may be required to implement
+ this standard. Please address the information to the IETF at ietf-
+ ipr@ietf.org.
+
+Acknowledgement
+
+ Funding for the RFC Editor function is currently provided by the
+ Internet Society.
+
+
+
+
+
+
+
+
+
+Baugher, et al. Standards Track [Page 56]
+
diff --git a/srtp/include/CVS/Entries b/srtp/include/CVS/Entries
new file mode 100644
index 0000000..980eb60
--- /dev/null
+++ b/srtp/include/CVS/Entries
@@ -0,0 +1,7 @@
+/getopt_s.h/1.1/Mon Jul 17 20:41:21 2006//
+/rtp.h/1.6/Thu Jul 13 19:04:53 2006//
+/rtp_priv.h/1.1/Mon Jul 17 14:47:33 2006//
+/srtp.h/1.16/Wed Jul 12 22:22:10 2006//
+/srtp_priv.h/1.1/Wed Jul 12 00:50:56 2006//
+/ut_sim.h/1.4/Thu Jun 8 17:00:29 2006//
+D
diff --git a/srtp/include/CVS/Repository b/srtp/include/CVS/Repository
new file mode 100644
index 0000000..29fe7cd
--- /dev/null
+++ b/srtp/include/CVS/Repository
@@ -0,0 +1 @@
+srtp/include
diff --git a/srtp/include/CVS/Root b/srtp/include/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/include/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/include/getopt_s.h b/srtp/include/getopt_s.h
new file mode 100644
index 0000000..2a6ece3
--- /dev/null
+++ b/srtp/include/getopt_s.h
@@ -0,0 +1,60 @@
+/*
+ * getopt.h
+ *
+ * interface to a minimal implementation of the getopt() function,
+ * written so that test applications that use that function can run on
+ * non-POSIX platforms
+ *
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef GETOPT_S_H
+#define GETOPT_S_H
+
+/*
+ * getopt_s(), optarg_s, and optind_s are small, locally defined
+ * versions of the POSIX standard getopt() interface.
+ */
+
+int
+getopt_s(int argc, char * const argv[], const char *optstring);
+
+extern char *optarg_s; /* defined in getopt.c */
+
+extern int optind_s; /* defined in getopt.c */
+
+#endif /* GETOPT_S_H */
diff --git a/srtp/include/rtp.h b/srtp/include/rtp.h
new file mode 100644
index 0000000..94279f5
--- /dev/null
+++ b/srtp/include/rtp.h
@@ -0,0 +1,127 @@
+/*
+ * rtp.h
+ *
+ * rtp interface for srtp reference implementation
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ * data types:
+ *
+ * rtp_msg_t an rtp message (the data that goes on the wire)
+ * rtp_sender_t sender side socket and rtp info
+ * rtp_receiver_t receiver side socket and rtp info
+ *
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef RTP_H
+#define RTP_H
+
+#ifdef HAVE_NETINET_IN_H
+# include <netinet/in.h>
+#elif defined HAVE_WINSOCK2_H
+# include <winsock2.h>
+#endif
+
+#include "srtp.h"
+
+typedef struct rtp_sender_ctx_t *rtp_sender_t;
+
+typedef struct rtp_receiver_ctx_t *rtp_receiver_t;
+
+unsigned int
+rtp_sendto(rtp_sender_t sender, const void* msg, int len);
+
+unsigned int
+rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len);
+
+int
+rtp_receiver_init(rtp_receiver_t rcvr, int socket,
+ struct sockaddr_in addr, unsigned int ssrc);
+
+int
+rtp_sender_init(rtp_sender_t sender, int socket,
+ struct sockaddr_in addr, unsigned int ssrc);
+
+/*
+ * srtp_sender_init(...) initializes an rtp_sender_t
+ */
+
+int
+srtp_sender_init(rtp_sender_t rtp_ctx, /* structure to be init'ed */
+ struct sockaddr_in name, /* socket name */
+ sec_serv_t security_services, /* sec. servs. to be used */
+ unsigned char *input_key /* master key/salt in hex */
+ );
+
+int
+srtp_receiver_init(rtp_receiver_t rtp_ctx, /* structure to be init'ed */
+ struct sockaddr_in name, /* socket name */
+ sec_serv_t security_services, /* sec. servs. to be used */
+ unsigned char *input_key /* master key/salt in hex */
+ );
+
+
+int
+rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy);
+
+int
+rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy);
+
+
+rtp_sender_t
+rtp_sender_alloc();
+
+rtp_receiver_t
+rtp_receiver_alloc();
+
+
+/*
+ * RTP_HEADER_LEN indicates the size of an RTP header
+ */
+#define RTP_HEADER_LEN 12
+
+/*
+ * RTP_MAX_BUF_LEN defines the largest RTP packet in the rtp.c implementation
+ */
+#define RTP_MAX_BUF_LEN 16384
+
+
+#endif /* RTP_H */
diff --git a/srtp/include/rtp_priv.h b/srtp/include/rtp_priv.h
new file mode 100644
index 0000000..1421386
--- /dev/null
+++ b/srtp/include/rtp_priv.h
@@ -0,0 +1,74 @@
+/*
+ * rtp_priv.h
+ *
+ * private, internal header file for RTP
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef RTP_PRIV_H
+#define RTP_PRIV_H
+
+#include "srtp_priv.h"
+#include "rtp.h"
+
+typedef srtp_hdr_t rtp_hdr_t;
+
+typedef struct {
+ srtp_hdr_t header;
+ char body[RTP_MAX_BUF_LEN];
+} rtp_msg_t;
+
+typedef struct rtp_sender_ctx_t {
+ rtp_msg_t message;
+ int socket;
+ srtp_ctx_t *srtp_ctx;
+ struct sockaddr_in addr; /* reciever's address */
+} rtp_sender_ctx_t;
+
+typedef struct rtp_receiver_ctx_t {
+ rtp_msg_t message;
+ int socket;
+ srtp_ctx_t *srtp_ctx;
+ struct sockaddr_in addr; /* receiver's address */
+} rtp_receiver_ctx_t;
+
+
+#endif /* RTP_PRIV_H */
diff --git a/srtp/include/srtp.h b/srtp/include/srtp.h
new file mode 100644
index 0000000..bb9387f
--- /dev/null
+++ b/srtp/include/srtp.h
@@ -0,0 +1,919 @@
+/*
+ * srtp.h
+ *
+ * interface to libsrtp
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef SRTP_H
+#define SRTP_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifdef _MSC_VER
+#pragma pack(4)
+#endif
+
+#include "crypto_kernel.h"
+
+/**
+ * @defgroup SRTP Secure RTP
+ *
+ * @brief libSRTP provides functions for protecting RTP and RTCP. See
+ * Section @ref Overview for an introduction to the use of the library.
+ *
+ * @{
+ */
+
+/*
+ * SRTP_MASTER_KEY_LEN is the nominal master key length supported by libSRTP
+ */
+
+#define SRTP_MASTER_KEY_LEN 30
+
+/*
+ * SRTP_MAX_KEY_LEN is the maximum key length supported by libSRTP
+ */
+#define SRTP_MAX_KEY_LEN 64
+
+/*
+ * SRTP_MAX_TAG_LEN is the maximum tag length supported by libSRTP
+ */
+
+#define SRTP_MAX_TAG_LEN 12
+
+/**
+ * SRTP_MAX_TRAILER_LEN is the maximum length of the SRTP trailer
+ * (authentication tag and MKI) supported by libSRTP. This value is
+ * the maximum number of octets that will be added to an RTP packet by
+ * srtp_protect().
+ *
+ * @brief the maximum number of octets added by srtp_protect().
+ */
+#define SRTP_MAX_TRAILER_LEN SRTP_MAX_TAG_LEN
+
+/*
+ * nota bene: since libSRTP doesn't support the use of the MKI, the
+ * SRTP_MAX_TRAILER_LEN value is just the maximum tag length
+ */
+
+/**
+ * @brief sec_serv_t describes a set of security services.
+ *
+ * A sec_serv_t enumeration is used to describe the particular
+ * security services that will be applied by a particular crypto
+ * policy (or other mechanism).
+ */
+
+typedef enum {
+ sec_serv_none = 0, /**< no services */
+ sec_serv_conf = 1, /**< confidentiality */
+ sec_serv_auth = 2, /**< authentication */
+ sec_serv_conf_and_auth = 3 /**< confidentiality and authentication */
+} sec_serv_t;
+
+/**
+ * @brief crypto_policy_t describes a particular crypto policy that
+ * can be applied to an SRTP stream.
+ *
+ * A crypto_policy_t describes a particular cryptographic policy that
+ * can be applied to an SRTP or SRTCP stream. An SRTP session policy
+ * consists of a list of these policies, one for each SRTP stream
+ * in the session.
+ */
+
+typedef struct crypto_policy_t {
+ cipher_type_id_t cipher_type; /**< An integer representing
+ * the type of cipher. */
+ int cipher_key_len; /**< The length of the cipher key
+ * in octets. */
+ auth_type_id_t auth_type; /**< An integer representing the
+ * authentication function. */
+ int auth_key_len; /**< The length of the authentication
+ * function key in octets. */
+ int auth_tag_len; /**< The length of the authentication
+ * tag in octets. */
+ sec_serv_t sec_serv; /**< The flag indicating the security
+ * services to be applied. */
+} crypto_policy_t;
+
+
+/**
+ * @brief ssrc_type_t describes the type of an SSRC.
+ *
+ * An ssrc_type_t enumeration is used to indicate a type of SSRC. See
+ * @ref srtp_policy_t for more informataion.
+ */
+
+typedef enum {
+ ssrc_undefined = 0, /**< Indicates an undefined SSRC type. */
+ ssrc_specific = 1, /**< Indicates a specific SSRC value */
+ ssrc_any_inbound = 2, /**< Indicates any inbound SSRC value
+ (i.e. a value that is used in the
+ function srtp_unprotect()) */
+ ssrc_any_outbound = 3 /**< Indicates any outbound SSRC value
+ (i.e. a value that is used in the
+ function srtp_protect()) */
+} ssrc_type_t;
+
+/**
+ * @brief An ssrc_t represents a particular SSRC value, or a `wildcard' SSRC.
+ *
+ * An ssrc_t represents a particular SSRC value (if its type is
+ * ssrc_specific), or a wildcard SSRC value that will match all
+ * outbound SSRCs (if its type is ssrc_any_outbound) or all inbound
+ * SSRCs (if its type is ssrc_any_inbound).
+ *
+ */
+
+typedef struct {
+ ssrc_type_t type; /**< The type of this particular SSRC */
+ unsigned int value; /**< The value of this SSRC, if it is not a wildcard */
+} ssrc_t;
+
+
+/**
+ * @brief represents the policy for an SRTP session.
+ *
+ * A single srtp_policy_t struct represents the policy for a single
+ * SRTP stream, and a linked list of these elements represents the
+ * policy for an entire SRTP session. Each element contains the SRTP
+ * and SRTCP crypto policies for that stream, a pointer to the SRTP
+ * master key for that stream, the SSRC describing that stream, or a
+ * flag indicating a `wildcard' SSRC value, and a `next' field that
+ * holds a pointer to the next element in the list of policy elements,
+ * or NULL if it is the last element.
+ *
+ * The wildcard value SSRC_ANY_INBOUND matches any SSRC from an
+ * inbound stream that for which there is no explicit SSRC entry in
+ * another policy element. Similarly, the value SSRC_ANY_OUTBOUND
+ * will matches any SSRC from an outbound stream that does not appear
+ * in another policy element. Note that wildcard SSRCs &b cannot be
+ * used to match both inbound and outbound traffic. This restriction
+ * is intentional, and it allows libSRTP to ensure that no security
+ * lapses result from accidental re-use of SSRC values during key
+ * sharing.
+ *
+ *
+ * @warning The final element of the list @b must have its `next' pointer
+ * set to NULL.
+ */
+
+typedef struct srtp_policy_t {
+ ssrc_t ssrc; /**< The SSRC value of stream, or the
+ * flags SSRC_ANY_INBOUND or
+ * SSRC_ANY_OUTBOUND if key sharing
+ * is used for this policy element.
+ */
+ crypto_policy_t rtp; /**< SRTP crypto policy. */
+ crypto_policy_t rtcp; /**< SRTCP crypto policy. */
+ unsigned char *key; /**< Pointer to the SRTP master key for
+ * this stream. */
+ struct srtp_policy_t *next; /**< Pointer to next stream policy. */
+} srtp_policy_t;
+
+
+
+
+/**
+ * @brief An srtp_t points to an SRTP session structure.
+ *
+ * The typedef srtp_t is a pointer to a structure that represents
+ * an SRTP session. This datatype is intentially opaque in
+ * order to separate the interface from the implementation.
+ *
+ * An SRTP session consists of all of the traffic sent to the RTP and
+ * RTCP destination transport addresses, using the RTP/SAVP (Secure
+ * Audio/Video Profile). A session can be viewed as a set of SRTP
+ * streams, each of which originates with a different participant.
+ */
+
+typedef struct srtp_ctx_t *srtp_t;
+
+
+/**
+ * @brief An srtp_stream_t points to an SRTP stream structure.
+ *
+ * The typedef srtp_stream_t is a pointer to a structure that
+ * represents an SRTP stream. This datatype is intentionally
+ * opaque in order to separate the interface from the implementation.
+ *
+ * An SRTP stream consists of all of the traffic sent to an SRTP
+ * session by a single participant. A session can be viewed as
+ * a set of streams.
+ *
+ */
+typedef struct srtp_stream_ctx_t *srtp_stream_t;
+
+
+
+/**
+ * @brief srtp_init() initializes the srtp library.
+ *
+ * @warning This function @b must be called before any other srtp
+ * functions.
+ */
+
+err_status_t
+srtp_init(void);
+
+/**
+ * @brief srtp_protect() is the Secure RTP sender-side packet processing
+ * function.
+ *
+ * The function call srtp_protect(ctx, rtp_hdr, len_ptr) applies SRTP
+ * protection to the RTP packet rtp_hdr (which has length *len_ptr) using
+ * the SRTP context ctx. If err_status_ok is returned, then rtp_hdr
+ * points to the resulting SRTP packet and *len_ptr is the number of
+ * octets in that packet; otherwise, no assumptions should be made
+ * about the value of either data elements.
+ *
+ * The sequence numbers of the RTP packets presented to this function
+ * need not be consecutive, but they @b must be out of order by less
+ * than 2^15 = 32,768 packets.
+ *
+ * @warning This function assumes that it can write the authentication
+ * tag into the location in memory immediately following the RTP
+ * packet, and assumes that the RTP packet is aligned on a 32-bit
+ * boundary.
+ *
+ * @param ctx is the SRTP context to use in processing the packet.
+ *
+ * @param rtp_hdr is a pointer to the RTP packet (before the call); after
+ * the function returns, it points to the srtp packet.
+ *
+ * @param len_ptr is a pointer to the length in octets of the complete
+ * RTP packet (header and body) before the function call, and of the
+ * complete SRTP packet after the call, if err_status_ok was returned.
+ * Otherwise, the value of the data to which it points is undefined.
+ *
+ * @return
+ * - err_status_ok no problems
+ * - err_status_replay_fail rtp sequence number was non-increasing
+ * - @e other failure in cryptographic mechanisms
+ */
+
+err_status_t
+srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr);
+
+/**
+ * @brief srtp_unprotect() is the Secure RTP receiver-side packet
+ * processing function.
+ *
+ * The function call srtp_unprotect(ctx, srtp_hdr, len_ptr) verifies
+ * the Secure RTP protection of the SRTP packet pointed to by srtp_hdr
+ * (which has length *len_ptr), using the SRTP context ctx. If
+ * err_status_ok is returned, then srtp_hdr points to the resulting
+ * RTP packet and *len_ptr is the number of octets in that packet;
+ * otherwise, no assumptions should be made about the value of either
+ * data elements.
+ *
+ * The sequence numbers of the RTP packets presented to this function
+ * need not be consecutive, but they @b must be out of order by less
+ * than 2^15 = 32,768 packets.
+ *
+ * @warning This function assumes that the SRTP packet is aligned on a
+ * 32-bit boundary.
+ *
+ * @param ctx is a pointer to the srtp_t which applies to the
+ * particular packet.
+ *
+ * @param srtp_hdr is a pointer to the header of the SRTP packet
+ * (before the call). after the function returns, it points to the
+ * rtp packet if err_status_ok was returned; otherwise, the value of
+ * the data to which it points is undefined.
+ *
+ * @param len_ptr is a pointer to the length in octets of the complete
+ * srtp packet (header and body) before the function call, and of the
+ * complete rtp packet after the call, if err_status_ok was returned.
+ * Otherwise, the value of the data to which it points is undefined.
+ *
+ * @return
+ * - err_status_ok if the RTP packet is valid.
+ * - err_status_auth_fail if the SRTP packet failed the message
+ * authentication check.
+ * - err_status_replay_fail if the SRTP packet is a replay (e.g. packet has
+ * already been processed and accepted).
+ * - [other] if there has been an error in the cryptographic mechanisms.
+ *
+ */
+
+err_status_t
+srtp_unprotect(srtp_t ctx, void *srtp_hdr, int *len_ptr);
+
+
+/**
+ * @brief srtp_create() allocates and initializes an SRTP session.
+
+ * The function call srtp_create(session, policy, key) allocates and
+ * initializes an SRTP session context, applying the given policy and
+ * key.
+ *
+ * @param session is the SRTP session to which the policy is to be added.
+ *
+ * @param policy is the srtp_policy_t struct that describes the policy
+ * for the session. The struct may be a single element, or it may be
+ * the head of a list, in which case each element of the list is
+ * processed. It may also be NULL, in which case streams should be added
+ * later using srtp_add_stream(). The final element of the list @b must
+ * have its `next' field set to NULL.
+ *
+ * @return
+ * - err_status_ok if creation succeded.
+ * - err_status_alloc_fail if allocation failed.
+ * - err_status_init_fail if initialization failed.
+ */
+
+err_status_t
+srtp_create(srtp_t *session, const srtp_policy_t *policy);
+
+
+/**
+ * @brief srtp_add_stream() allocates and initializes an SRTP stream
+ * within a given SRTP session.
+ *
+ * The function call srtp_add_stream(session, policy) allocates and
+ * initializes a new SRTP stream within a given, previously created
+ * session, applying the policy given as the other argument to that
+ * stream.
+ *
+ * @return values:
+ * - err_status_ok if stream creation succeded.
+ * - err_status_alloc_fail if stream allocation failed
+ * - err_status_init_fail if stream initialization failed.
+ */
+
+err_status_t
+srtp_add_stream(srtp_t session,
+ const srtp_policy_t *policy);
+
+
+/**
+ * @brief srtp_remove_stream() deallocates an SRTP stream.
+ *
+ * The function call srtp_remove_stream(session, ssrc) removes
+ * the SRTP stream with the SSRC value ssrc from the SRTP session
+ * context given by the argument session.
+ *
+ * @param session is the SRTP session from which the stream
+ * will be removed.
+ *
+ * @param ssrc is the SSRC value of the stream to be removed.
+ *
+ * @warning Wildcard SSRC values cannot be removed from a
+ * session.
+ *
+ * @return
+ * - err_status_ok if the stream deallocation succeded.
+ * - [other] otherwise.
+ *
+ */
+
+err_status_t
+srtp_remove_stream(srtp_t session, unsigned int ssrc);
+
+/**
+ * @brief crypto_policy_set_rtp_default() sets a crypto policy
+ * structure to the SRTP default policy for RTP protection.
+ *
+ * @param p is a pointer to the policy structure to be set
+ *
+ * The function call crypto_policy_set_rtp_default(&p) sets the
+ * crypto_policy_t at location p to the SRTP default policy for RTP
+ * protection, as defined in the specification. This function is a
+ * convenience that helps to avoid dealing directly with the policy
+ * data structure. You are encouraged to initialize policy elements
+ * with this function call. Doing so may allow your code to be
+ * forward compatible with later versions of libSRTP that include more
+ * elements in the crypto_policy_t datatype.
+ *
+ * @return void.
+ *
+ */
+
+void
+crypto_policy_set_rtp_default(crypto_policy_t *p);
+
+/**
+ * @brief crypto_policy_set_rtcp_default() sets a crypto policy
+ * structure to the SRTP default policy for RTCP protection.
+ *
+ * @param p is a pointer to the policy structure to be set
+ *
+ * The function call crypto_policy_set_rtcp_default(&p) sets the
+ * crypto_policy_t at location p to the SRTP default policy for RTCP
+ * protection, as defined in the specification. This function is a
+ * convenience that helps to avoid dealing directly with the policy
+ * data structure. You are encouraged to initialize policy elements
+ * with this function call. Doing so may allow your code to be
+ * forward compatible with later versions of libSRTP that include more
+ * elements in the crypto_policy_t datatype.
+ *
+ * @return void.
+ *
+ */
+
+void
+crypto_policy_set_rtcp_default(crypto_policy_t *p);
+
+/**
+ * @brief crypto_policy_set_aes_cm_128_hmac_sha1_80() sets a crypto
+ * policy structure to the SRTP default policy for RTP protection.
+ *
+ * @param p is a pointer to the policy structure to be set
+ *
+ * The function crypto_policy_set_aes_cm_128_hmac_sha1_80() is a
+ * synonym for crypto_policy_set_rtp_default(). It conforms to the
+ * naming convention used in
+ * http://www.ietf.org/internet-drafts/draft-ietf-mmusic-sdescriptions-12.txt
+ *
+ * @return void.
+ *
+ */
+
+#define crypto_policy_set_aes_cm_128_hmac_sha1_80(p) crypto_policy_set_rtp_default(p)
+
+
+/**
+ * @brief crypto_policy_set_aes_cm_128_hmac_sha1_32() sets a crypto
+ * policy structure to a short-authentication tag policy
+ *
+ * @param p is a pointer to the policy structure to be set
+ *
+ * The function call crypto_policy_set_aes_cm_128_hmac_sha1_32(&p)
+ * sets the crypto_policy_t at location p to use policy
+ * AES_CM_128_HMAC_SHA1_32 as defined in
+ * draft-ietf-mmusic-sdescriptions-12.txt. This policy uses AES-128
+ * Counter Mode encryption and HMAC-SHA1 authentication, with an
+ * authentication tag that is only 32 bits long. This length is
+ * considered adequate only for protecting audio and video media that
+ * use a stateless playback function. See Section 7.5 of RFC 3711
+ * (http://www.ietf.org/rfc/rfc3711.txt).
+ *
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure. You are encouraged to initialize
+ * policy elements with this function call. Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @warning This crypto policy is intended for use in SRTP, but not in
+ * SRTCP. It is recommended that a policy that uses longer
+ * authentication tags be used for SRTCP. See Section 7.5 of RFC 3711
+ * (http://www.ietf.org/rfc/rfc3711.txt).
+ *
+ * @return void.
+ *
+ */
+
+void
+crypto_policy_set_aes_cm_128_hmac_sha1_32(crypto_policy_t *p);
+
+
+
+/**
+ * @brief crypto_policy_set_aes_cm_128_null_auth() sets a crypto
+ * policy structure to an encryption-only policy
+ *
+ * @param p is a pointer to the policy structure to be set
+ *
+ * The function call crypto_policy_set_aes_cm_128_null_auth(&p) sets
+ * the crypto_policy_t at location p to use the SRTP default cipher
+ * (AES-128 Counter Mode), but to use no authentication method. This
+ * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5
+ * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt).
+ *
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure. You are encouraged to initialize
+ * policy elements with this function call. Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @warning This policy is NOT RECOMMENDED for SRTP unless it is
+ * unavoidable, and it is NOT RECOMMENDED at all for SRTCP; see
+ * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt).
+ *
+ * @return void.
+ *
+ */
+
+void
+crypto_policy_set_aes_cm_128_null_auth(crypto_policy_t *p);
+
+
+/**
+ * @brief crypto_policy_set_null_cipher_hmac_sha1_80() sets a crypto
+ * policy structure to an authentication-only policy
+ *
+ * @param p is a pointer to the policy structure to be set
+ *
+ * The function call crypto_policy_set_null_cipher_hmac_sha1_80(&p)
+ * sets the crypto_policy_t at location p to use HMAC-SHA1 with an 80
+ * bit authentication tag to provide message authentication, but to
+ * use no encryption. This policy is NOT RECOMMENDED for SRTP unless
+ * there is a requirement to forego encryption.
+ *
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure. You are encouraged to initialize
+ * policy elements with this function call. Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @warning This policy is NOT RECOMMENDED for SRTP unless there is a
+ * requirement to forego encryption.
+ *
+ * @return void.
+ *
+ */
+
+void
+crypto_policy_set_null_cipher_hmac_sha1_80(crypto_policy_t *p);
+
+/**
+ * @brief srtp_dealloc() deallocates storage for an SRTP session
+ * context.
+ *
+ * The function call srtp_dealloc(s) deallocates storage for the
+ * SRTP session context s. This function should be called no more
+ * than one time for each of the contexts allocated by the function
+ * srtp_create().
+ *
+ * @param s is the srtp_t for the session to be deallocated.
+ *
+ * @return
+ * - err_status_ok if there no problems.
+ * - err_status_dealloc_fail a memory deallocation failure occured.
+ */
+
+err_status_t
+srtp_dealloc(srtp_t s);
+
+
+/*
+ * @brief identifies a particular SRTP profile
+ *
+ * An srtp_profile_t enumeration is used to identify a particular SRTP
+ * profile (that is, a set of algorithms and parameters). These
+ * profiles are defined in the DTLS-SRTP draft.
+ */
+
+typedef enum {
+ srtp_profile_reserved = 0,
+ srtp_profile_aes128_cm_sha1_80 = 1,
+ srtp_profile_aes128_cm_sha1_32 = 2,
+ srtp_profile_aes256_cm_sha1_80 = 3,
+ srtp_profile_aes256_cm_sha1_32 = 4,
+ srtp_profile_null_sha1_80 = 5,
+ srtp_profile_null_sha1_32 = 6,
+} srtp_profile_t;
+
+
+/**
+ * @brief crypto_policy_set_from_profile_for_rtp() sets a crypto policy
+ * structure to the appropriate value for RTP based on an srtp_profile_t
+ *
+ * @param p is a pointer to the policy structure to be set
+ *
+ * The function call crypto_policy_set_rtp_default(&policy, profile)
+ * sets the crypto_policy_t at location policy to the policy for RTP
+ * protection, as defined by the srtp_profile_t profile.
+ *
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure. You are encouraged to initialize
+ * policy elements with this function call. Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @return values
+ * - err_status_ok no problems were encountered
+ * - err_status_bad_param the profile is not supported
+ *
+ */
+err_status_t
+crypto_policy_set_from_profile_for_rtp(crypto_policy_t *policy,
+ srtp_profile_t profile);
+
+
+
+
+/**
+ * @brief crypto_policy_set_from_profile_for_rtcp() sets a crypto policy
+ * structure to the appropriate value for RTCP based on an srtp_profile_t
+ *
+ * @param p is a pointer to the policy structure to be set
+ *
+ * The function call crypto_policy_set_rtcp_default(&policy, profile)
+ * sets the crypto_policy_t at location policy to the policy for RTCP
+ * protection, as defined by the srtp_profile_t profile.
+ *
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure. You are encouraged to initialize
+ * policy elements with this function call. Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @return values
+ * - err_status_ok no problems were encountered
+ * - err_status_bad_param the profile is not supported
+ *
+ */
+err_status_t
+crypto_policy_set_from_profile_for_rtcp(crypto_policy_t *policy,
+ srtp_profile_t profile);
+
+/**
+ * @brief returns the master key length for a given SRTP profile
+ */
+unsigned int
+srtp_profile_get_master_key_length(srtp_profile_t profile);
+
+
+/**
+ * @brief returns the master salt length for a given SRTP profile
+ */
+unsigned int
+srtp_profile_get_master_salt_length(srtp_profile_t profile);
+
+/**
+ * @brief appends the salt to the key
+ *
+ * The function call append_salt_to_key(k, klen, s, slen)
+ * copies the string s to the location at klen bytes following
+ * the location k.
+ *
+ * @warning There must be at least bytes_in_salt + bytes_in_key bytes
+ * available at the location pointed to by key.
+ *
+ */
+
+void
+append_salt_to_key(unsigned char *key, unsigned int bytes_in_key,
+ unsigned char *salt, unsigned int bytes_in_salt);
+
+
+
+/**
+ * @}
+ */
+
+
+
+/**
+ * @defgroup SRTCP Secure RTCP
+ * @ingroup SRTP
+ *
+ * @brief Secure RTCP functions are used to protect RTCP traffic.
+ *
+ * RTCP is the control protocol for RTP. libSRTP protects RTCP
+ * traffic in much the same way as it does RTP traffic. The function
+ * srtp_protect_rtcp() applies cryptographic protections to outbound
+ * RTCP packets, and srtp_unprotect_rtcp() verifies the protections on
+ * inbound RTCP packets.
+ *
+ * A note on the naming convention: srtp_protect_rtcp() has an srtp_t
+ * as its first argument, and thus has `srtp_' as its prefix. The
+ * trailing `_rtcp' indicates the protocol on which it acts.
+ *
+ * @{
+ */
+
+/**
+ * @brief srtp_protect_rtcp() is the Secure RTCP sender-side packet
+ * processing function.
+ *
+ * The function call srtp_protect_rtcp(ctx, rtp_hdr, len_ptr) applies
+ * SRTCP protection to the RTCP packet rtcp_hdr (which has length
+ * *len_ptr) using the SRTP session context ctx. If err_status_ok is
+ * returned, then rtp_hdr points to the resulting SRTCP packet and
+ * *len_ptr is the number of octets in that packet; otherwise, no
+ * assumptions should be made about the value of either data elements.
+ *
+ * @warning This function assumes that it can write the authentication
+ * tag into the location in memory immediately following the RTCP
+ * packet, and assumes that the RTCP packet is aligned on a 32-bit
+ * boundary.
+ *
+ * @param ctx is the SRTP context to use in processing the packet.
+ *
+ * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after
+ * the function returns, it points to the srtp packet.
+ *
+ * @param pkt_octet_len is a pointer to the length in octets of the
+ * complete RTCP packet (header and body) before the function call,
+ * and of the complete SRTCP packet after the call, if err_status_ok
+ * was returned. Otherwise, the value of the data to which it points
+ * is undefined.
+ *
+ * @return
+ * - err_status_ok if there were no problems.
+ * - [other] if there was a failure in
+ * the cryptographic mechanisms.
+ */
+
+
+err_status_t
+srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len);
+
+/**
+ * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet
+ * processing function.
+ *
+ * The function call srtp_unprotect_rtcp(ctx, srtp_hdr, len_ptr)
+ * verifies the Secure RTCP protection of the SRTCP packet pointed to
+ * by srtcp_hdr (which has length *len_ptr), using the SRTP session
+ * context ctx. If err_status_ok is returned, then srtcp_hdr points
+ * to the resulting RTCP packet and *len_ptr is the number of octets
+ * in that packet; otherwise, no assumptions should be made about the
+ * value of either data elements.
+ *
+ * @warning This function assumes that the SRTCP packet is aligned on a
+ * 32-bit boundary.
+ *
+ * @param ctx is a pointer to the srtp_t which applies to the
+ * particular packet.
+ *
+ * @param srtcp_hdr is a pointer to the header of the SRTCP packet
+ * (before the call). After the function returns, it points to the
+ * rtp packet if err_status_ok was returned; otherwise, the value of
+ * the data to which it points is undefined.
+ *
+ * @param pkt_octet_len is a pointer to the length in octets of the
+ * complete SRTCP packet (header and body) before the function call,
+ * and of the complete rtp packet after the call, if err_status_ok was
+ * returned. Otherwise, the value of the data to which it points is
+ * undefined.
+ *
+ * @return
+ * - err_status_ok if the RTCP packet is valid.
+ * - err_status_auth_fail if the SRTCP packet failed the message
+ * authentication check.
+ * - err_status_replay_fail if the SRTCP packet is a replay (e.g. has
+ * already been processed and accepted).
+ * - [other] if there has been an error in the cryptographic mechanisms.
+ *
+ */
+
+err_status_t
+srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len);
+
+/**
+ * @}
+ */
+
+/**
+ * @defgroup SRTPevents SRTP events and callbacks
+ * @ingroup SRTP
+ *
+ * @brief libSRTP can use a user-provided callback function to
+ * handle events.
+ *
+ *
+ * libSRTP allows a user to provide a callback function to handle
+ * events that need to be dealt with outside of the data plane (see
+ * the enum srtp_event_t for a description of these events). Dealing
+ * with these events is not a strict necessity; they are not
+ * security-critical, but the application may suffer if they are not
+ * handled. The function srtp_set_event_handler() is used to provide
+ * the callback function.
+ *
+ * A default event handler that merely reports on the events as they
+ * happen is included. It is also possible to set the event handler
+ * function to NULL, in which case all events will just be silently
+ * ignored.
+ *
+ * @{
+ */
+
+/**
+ * @brief srtp_event_t defines events that need to be handled
+ *
+ * The enum srtp_event_t defines events that need to be handled
+ * outside the `data plane', such as SSRC collisions and
+ * key expirations.
+ *
+ * When a key expires or the maximum number of packets has been
+ * reached, an SRTP stream will enter an `expired' state in which no
+ * more packets can be protected or unprotected. When this happens,
+ * it is likely that you will want to either deallocate the stream
+ * (using srtp_stream_dealloc()), and possibly allocate a new one.
+ *
+ * When an SRTP stream expires, the other streams in the same session
+ * are unaffected, unless key sharing is used by that stream. In the
+ * latter case, all of the streams in the session will expire.
+ */
+
+typedef enum {
+ event_ssrc_collision, /**<
+ * An SSRC collision occured.
+ */
+ event_key_soft_limit, /**< An SRTP stream reached the soft key
+ * usage limit and will expire soon.
+ */
+ event_key_hard_limit, /**< An SRTP stream reached the hard
+ * key usage limit and has expired.
+ */
+ event_packet_index_limit /**< An SRTP stream reached the hard
+ * packet limit (2^48 packets).
+ */
+} srtp_event_t;
+
+/**
+ * @brief srtp_event_data_t is the structure passed as a callback to
+ * the event handler function
+ *
+ * The struct srtp_event_data_t holds the data passed to the event
+ * handler function.
+ */
+
+typedef struct srtp_event_data_t {
+ srtp_t session; /**< The session in which the event happend. */
+ srtp_stream_t stream; /**< The stream in which the event happend. */
+ srtp_event_t event; /**< An enum indicating the type of event. */
+} srtp_event_data_t;
+
+/**
+ * @brief srtp_event_handler_func_t is the function prototype for
+ * the event handler.
+ *
+ * The typedef srtp_event_handler_func_t is the prototype for the
+ * event handler function. It has as its only argument an
+ * srtp_event_data_t which describes the event that needs to be handled.
+ * There can only be a single, global handler for all events in
+ * libSRTP.
+ */
+
+typedef void (srtp_event_handler_func_t)(srtp_event_data_t *data);
+
+/**
+ * @brief sets the event handler to the function supplied by the caller.
+ *
+ * The function call srtp_install_event_handler(func) sets the event
+ * handler function to the value func. The value NULL is acceptable
+ * as an argument; in this case, events will be ignored rather than
+ * handled.
+ *
+ * @param func is a pointer to a fuction that takes an srtp_event_data_t
+ * pointer as an argument and returns void. This function
+ * will be used by libSRTP to handle events.
+ */
+
+err_status_t
+srtp_install_event_handler(srtp_event_handler_func_t func);
+
+/**
+ * @}
+ */
+/* in host order, so outside the #if */
+#define SRTCP_E_BIT 0x80000000
+/* for byte-access */
+#define SRTCP_E_BYTE_BIT 0x80
+#define SRTCP_INDEX_MASK 0x7fffffff
+
+#ifdef _MSC_VER
+#pragma pack()
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* SRTP_H */
diff --git a/srtp/include/srtp_priv.h b/srtp/include/srtp_priv.h
new file mode 100644
index 0000000..de273ab
--- /dev/null
+++ b/srtp/include/srtp_priv.h
@@ -0,0 +1,245 @@
+/*
+ * srtp_priv.h
+ *
+ * private internal data structures and functions for libSRTP
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef SRTP_PRIV_H
+#define SRTP_PRIV_H
+
+#include "srtp.h"
+#include "rdbx.h"
+#include "rdb.h"
+#include "integers.h"
+
+/*
+ * an srtp_hdr_t represents the srtp header
+ *
+ * in this implementation, an srtp_hdr_t is assumed to be 32-bit aligned
+ *
+ * (note that this definition follows that of RFC 1889 Appendix A, but
+ * is not identical)
+ */
+
+#ifndef WORDS_BIGENDIAN
+
+/*
+ * srtp_hdr_t represents an RTP or SRTP header. The bit-fields in
+ * this structure should be declared "unsigned int" instead of
+ * "unsigned char", but doing so causes the MS compiler to not
+ * fully pack the bit fields.
+ */
+
+typedef struct {
+ unsigned char cc:4; /* CSRC count */
+ unsigned char x:1; /* header extension flag */
+ unsigned char p:1; /* padding flag */
+ unsigned char version:2; /* protocol version */
+ unsigned char pt:7; /* payload type */
+ unsigned char m:1; /* marker bit */
+ uint16_t seq; /* sequence number */
+ uint32_t ts; /* timestamp */
+ uint32_t ssrc; /* synchronization source */
+} srtp_hdr_t;
+
+#else /* BIG_ENDIAN */
+
+typedef struct {
+ unsigned char version:2; /* protocol version */
+ unsigned char p:1; /* padding flag */
+ unsigned char x:1; /* header extension flag */
+ unsigned char cc:4; /* CSRC count */
+ unsigned char m:1; /* marker bit */
+ unsigned pt:7; /* payload type */
+ uint16_t seq; /* sequence number */
+ uint32_t ts; /* timestamp */
+ uint32_t ssrc; /* synchronization source */
+} srtp_hdr_t;
+
+#endif
+
+typedef struct {
+ uint16_t profile_specific; /* profile-specific info */
+ uint16_t length; /* number of 32-bit words in extension */
+} srtp_hdr_xtnd_t;
+
+
+/*
+ * srtcp_hdr_t represents a secure rtcp header
+ *
+ * in this implementation, an srtcp header is assumed to be 32-bit
+ * alinged
+ */
+
+#ifndef WORDS_BIGENDIAN
+
+typedef struct {
+ unsigned char rc:5; /* reception report count */
+ unsigned char p:1; /* padding flag */
+ unsigned char version:2; /* protocol version */
+ unsigned char pt:8; /* payload type */
+ uint16_t len; /* length */
+ uint32_t ssrc; /* synchronization source */
+} srtcp_hdr_t;
+
+typedef struct {
+ unsigned int index:31; /* srtcp packet index in network order! */
+ unsigned int e:1; /* encrypted? 1=yes */
+ /* optional mikey/etc go here */
+ /* and then the variable-length auth tag */
+} srtcp_trailer_t;
+
+
+#else /* BIG_ENDIAN */
+
+typedef struct {
+ unsigned char version:2; /* protocol version */
+ unsigned char p:1; /* padding flag */
+ unsigned char rc:5; /* reception report count */
+ unsigned char pt:8; /* payload type */
+ uint16_t len; /* length */
+ uint32_t ssrc; /* synchronization source */
+} srtcp_hdr_t;
+
+typedef struct {
+ unsigned int version:2; /* protocol version */
+ unsigned int p:1; /* padding flag */
+ unsigned int count:5; /* varies by packet type */
+ unsigned int pt:8; /* payload type */
+ uint16_t length; /* len of uint32s of packet less header */
+} rtcp_common_t;
+
+typedef struct {
+ unsigned int e:1; /* encrypted? 1=yes */
+ unsigned int index:31; /* srtcp packet index */
+ /* optional mikey/etc go here */
+ /* and then the variable-length auth tag */
+} srtcp_trailer_t;
+
+#endif
+
+
+/*
+ * the following declarations are libSRTP internal functions
+ */
+
+/*
+ * srtp_get_stream(ssrc) returns a pointer to the stream corresponding
+ * to ssrc, or NULL if no stream exists for that ssrc
+ */
+
+srtp_stream_t
+srtp_get_stream(srtp_t srtp, uint32_t ssrc);
+
+
+/*
+ * srtp_stream_init_keys(s, k) (re)initializes the srtp_stream_t s by
+ * deriving all of the needed keys using the KDF and the key k.
+ */
+
+
+err_status_t
+srtp_stream_init_keys(srtp_stream_t srtp, const void *key);
+
+/*
+ * libsrtp internal datatypes
+ */
+
+typedef enum direction_t {
+ dir_unknown = 0,
+ dir_srtp_sender = 1,
+ dir_srtp_receiver = 2
+} direction_t;
+
+/*
+ * an srtp_stream_t has its own SSRC, encryption key, authentication
+ * key, sequence number, and replay database
+ *
+ * note that the keys might not actually be unique, in which case the
+ * cipher_t and auth_t pointers will point to the same structures
+ */
+
+typedef struct srtp_stream_ctx_t {
+ uint32_t ssrc;
+ cipher_t *rtp_cipher;
+ auth_t *rtp_auth;
+ rdbx_t rtp_rdbx;
+ sec_serv_t rtp_services;
+ cipher_t *rtcp_cipher;
+ auth_t *rtcp_auth;
+ rdb_t rtcp_rdb;
+ sec_serv_t rtcp_services;
+ key_limit_ctx_t *limit;
+ direction_t direction;
+ struct srtp_stream_ctx_t *next; /* linked list of streams */
+} srtp_stream_ctx_t;
+
+
+/*
+ * an srtp_ctx_t holds a stream list and a service description
+ */
+
+typedef struct srtp_ctx_t {
+ srtp_stream_ctx_t *stream_list; /* linked list of streams */
+ srtp_stream_ctx_t *stream_template; /* act as template for other streams */
+} srtp_ctx_t;
+
+
+
+/*
+ * srtp_handle_event(srtp, srtm, evnt) calls the event handling
+ * function, if there is one.
+ *
+ * This macro is not included in the documentation as it is
+ * an internal-only function.
+ */
+
+#define srtp_handle_event(srtp, strm, evnt) \
+ if(srtp_event_handler) { \
+ srtp_event_data_t data; \
+ data.session = srtp; \
+ data.stream = strm; \
+ data.event = evnt; \
+ srtp_event_handler(&data); \
+}
+
+
+#endif /* SRTP_PRIV_H */
diff --git a/srtp/include/ut_sim.h b/srtp/include/ut_sim.h
new file mode 100644
index 0000000..c25feeb
--- /dev/null
+++ b/srtp/include/ut_sim.h
@@ -0,0 +1,80 @@
+/*
+ * ut-sim.h
+ *
+ * an unreliable transport simulator
+ * (for testing replay databases and suchlike)
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+
+#ifndef UT_SIM_H
+#define UT_SIM_H
+
+#include "integers.h" /* for uint32_t */
+
+#define UT_BUF 160 /* maximum amount of packet reorder */
+
+typedef struct {
+ uint32_t index;
+ uint32_t buffer[UT_BUF];
+} ut_connection;
+
+/*
+ * ut_init(&u) initializes the ut_connection
+ *
+ * this function should always be the first one called on a new
+ * ut_connection
+ */
+
+void
+ut_init(ut_connection *utc);
+
+/*
+ * ut_next_index(&u) returns the next index from the simulated
+ * unreliable connection
+ */
+
+uint32_t
+ut_next_index(ut_connection *utc);
+
+
+#endif /* UT_SIM_H */
diff --git a/srtp/install-sh b/srtp/install-sh
new file mode 100755
index 0000000..e9de238
--- /dev/null
+++ b/srtp/install-sh
@@ -0,0 +1,251 @@
+#!/bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5 (mit/util/scripts/install.sh).
+#
+# Copyright 1991 by the Massachusetts Institute of Technology
+#
+# Permission to use, copy, modify, distribute, and sell this software and its
+# documentation for any purpose is hereby granted without fee, provided that
+# the above copyright notice appear in all copies and that both that
+# copyright notice and this permission notice appear in supporting
+# documentation, and that the name of M.I.T. not be used in advertising or
+# publicity pertaining to distribution of the software without specific,
+# written prior permission. M.I.T. makes no representations about the
+# suitability of this software for any purpose. It is provided "as is"
+# without express or implied warranty.
+#
+# Calling this script install-sh is preferred over install.sh, to prevent
+# `make' implicit rules from creating a file called install from it
+# when there is no Makefile.
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch. It can only install one file at a time, a restriction
+# shared with many OS's install programs.
+
+
+# set DOITPROG to echo to test this script
+
+# Don't use :- since 4.3BSD and earlier shells don't like it.
+doit="${DOITPROG-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG-mv}"
+cpprog="${CPPROG-cp}"
+chmodprog="${CHMODPROG-chmod}"
+chownprog="${CHOWNPROG-chown}"
+chgrpprog="${CHGRPPROG-chgrp}"
+stripprog="${STRIPPROG-strip}"
+rmprog="${RMPROG-rm}"
+mkdirprog="${MKDIRPROG-mkdir}"
+
+transformbasename=""
+transform_arg=""
+instcmd="$mvprog"
+chmodcmd="$chmodprog 0755"
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+mvcmd="$mvprog"
+src=""
+dst=""
+dir_arg=""
+
+while [ x"$1" != x ]; do
+ case $1 in
+ -c) instcmd="$cpprog"
+ shift
+ continue;;
+
+ -d) dir_arg=true
+ shift
+ continue;;
+
+ -m) chmodcmd="$chmodprog $2"
+ shift
+ shift
+ continue;;
+
+ -o) chowncmd="$chownprog $2"
+ shift
+ shift
+ continue;;
+
+ -g) chgrpcmd="$chgrpprog $2"
+ shift
+ shift
+ continue;;
+
+ -s) stripcmd="$stripprog"
+ shift
+ continue;;
+
+ -t=*) transformarg=`echo $1 | sed 's/-t=//'`
+ shift
+ continue;;
+
+ -b=*) transformbasename=`echo $1 | sed 's/-b=//'`
+ shift
+ continue;;
+
+ *) if [ x"$src" = x ]
+ then
+ src=$1
+ else
+ # this colon is to work around a 386BSD /bin/sh bug
+ :
+ dst=$1
+ fi
+ shift
+ continue;;
+ esac
+done
+
+if [ x"$src" = x ]
+then
+ echo "install: no input file specified"
+ exit 1
+else
+ true
+fi
+
+if [ x"$dir_arg" != x ]; then
+ dst=$src
+ src=""
+
+ if [ -d $dst ]; then
+ instcmd=:
+ chmodcmd=""
+ else
+ instcmd=mkdir
+ fi
+else
+
+# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
+# might cause directories to be created, which would be especially bad
+# if $src (and thus $dsttmp) contains '*'.
+
+ if [ -f $src -o -d $src ]
+ then
+ true
+ else
+ echo "install: $src does not exist"
+ exit 1
+ fi
+
+ if [ x"$dst" = x ]
+ then
+ echo "install: no destination specified"
+ exit 1
+ else
+ true
+ fi
+
+# If destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+ if [ -d $dst ]
+ then
+ dst="$dst"/`basename $src`
+ else
+ true
+ fi
+fi
+
+## this sed command emulates the dirname command
+dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
+
+# Make sure that the destination directory exists.
+# this part is taken from Noah Friedman's mkinstalldirs script
+
+# Skip lots of stat calls in the usual case.
+if [ ! -d "$dstdir" ]; then
+defaultIFS='
+'
+IFS="${IFS-${defaultIFS}}"
+
+oIFS="${IFS}"
+# Some sh's can't handle IFS=/ for some reason.
+IFS='%'
+set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
+IFS="${oIFS}"
+
+pathcomp=''
+
+while [ $# -ne 0 ] ; do
+ pathcomp="${pathcomp}${1}"
+ shift
+
+ if [ ! -d "${pathcomp}" ] ;
+ then
+ $mkdirprog "${pathcomp}"
+ else
+ true
+ fi
+
+ pathcomp="${pathcomp}/"
+done
+fi
+
+if [ x"$dir_arg" != x ]
+then
+ $doit $instcmd $dst &&
+
+ if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
+ if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
+ if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
+ if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
+else
+
+# If we're going to rename the final executable, determine the name now.
+
+ if [ x"$transformarg" = x ]
+ then
+ dstfile=`basename $dst`
+ else
+ dstfile=`basename $dst $transformbasename |
+ sed $transformarg`$transformbasename
+ fi
+
+# don't allow the sed command to completely eliminate the filename
+
+ if [ x"$dstfile" = x ]
+ then
+ dstfile=`basename $dst`
+ else
+ true
+ fi
+
+# Make a temp file name in the proper directory.
+
+ dsttmp=$dstdir/#inst.$$#
+
+# Move or copy the file name to the temp name
+
+ $doit $instcmd $src $dsttmp &&
+
+ trap "rm -f ${dsttmp}" 0 &&
+
+# and set any options; do chmod last to preserve setuid bits
+
+# If any of these fail, we abort the whole thing. If we want to
+# ignore errors from any of these, just make sure not to ignore
+# errors from the above "$doit $instcmd $src $dsttmp" command.
+
+ if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
+ if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
+ if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
+ if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
+
+# Now rename the file to the real destination.
+
+ $doit $rmcmd -f $dstdir/$dstfile &&
+ $doit $mvcmd $dsttmp $dstdir/$dstfile
+
+fi &&
+
+
+exit 0
diff --git a/srtp/libsrtp.a b/srtp/libsrtp.a
new file mode 100644
index 0000000..ddb0b3c
--- /dev/null
+++ b/srtp/libsrtp.a
Binary files differ
diff --git a/srtp/srtp.def b/srtp/srtp.def
new file mode 100644
index 0000000..c1198c5
--- /dev/null
+++ b/srtp/srtp.def
@@ -0,0 +1,92 @@
+EXPORTS
+srtp_init
+srtp_protect
+srtp_unprotect
+srtp_create
+srtp_add_stream
+srtp_remove_stream
+crypto_policy_set_rtp_default
+crypto_policy_set_rtcp_default
+crypto_policy_set_aes_cm_128_hmac_sha1_32
+crypto_policy_set_aes_cm_128_null_auth
+crypto_policy_set_null_cipher_hmac_sha1_80
+srtp_dealloc
+srtp_get_stream
+srtp_protect_rtcp
+srtp_unprotect_rtcp
+srtp_install_event_handler
+crypto_kernel_init
+crypto_kernel_shutdown
+crypto_kernel_status
+crypto_kernel_list_debug_modules
+crypto_kernel_load_cipher_type
+crypto_kernel_load_auth_type
+crypto_kernel_load_debug_module
+crypto_kernel_alloc_cipher
+crypto_kernel_alloc_auth
+crypto_kernel_set_debug_module
+crypto_get_random
+rand_source_init
+rand_source_get_octet_string
+rand_source_deinit
+x917_prng_init
+x917_prng_get_octet_string
+ctr_prng_init
+ctr_prng_get_octet_string
+cipher_output
+cipher_get_key_length
+cipher_type_self_test
+cipher_bits_per_second
+auth_get_key_length
+auth_get_tag_length
+auth_get_prefix_length
+auth_type_self_test
+auth_type_get_ref_count
+stat_test_monobit
+stat_test_poker
+stat_test_runs
+stat_test_rand_source
+stat_test_rand_source_with_repetition
+err_reporting_init
+err_report
+key_limit_set
+key_limit_clone
+key_limit_check
+key_limit_update
+rdbx_init
+rdbx_estimate_index
+rdbx_check
+rdbx_add_index
+index_init
+index_advance
+index_guess
+octet_get_weight
+octet_string_hex_string
+v128_bit_string
+v128_hex_string
+nibble_to_hex_char
+hex_string_to_octet_string
+v128_copy_octet_string
+v128_left_shift
+v128_right_shift
+octet_string_is_eq
+octet_string_set_to_zero
+rdb_init
+rdb_check
+rdb_add_index
+rdb_increment
+rdb_get_value
+aes_expand_encryption_key
+aes_expand_decryption_key
+aes_encrypt
+aes_decrypt
+aes_icm_context_init
+aes_icm_set_iv
+aes_icm_encrypt
+aes_icm_output
+aes_icm_dealloc
+aes_icm_encrypt_ismacryp
+aes_icm_alloc_ismacryp
+crypto_alloc
+crypto_free
+\ No newline at end of file \ No newline at end of file
diff --git a/srtp/srtp.vcproj b/srtp/srtp.vcproj
new file mode 100644
index 0000000..989646e
--- /dev/null
+++ b/srtp/srtp.vcproj
@@ -0,0 +1,588 @@
+<?xml version="1.0" encoding="Windows-1252"?>
+<VisualStudioProject
+ ProjectType="Visual C++"
+ Version="8.00"
+ Name="srtp"
+ ProjectGUID="{EEF031CB-FED8-451E-A471-91EC8D4F6750}"
+ RootNamespace="srtp"
+ Keyword="Win32Proj"
+ >
+ <Platforms>
+ <Platform
+ Name="Win32"
+ />
+ </Platforms>
+ <ToolFiles>
+ </ToolFiles>
+ <Configurations>
+ <Configuration
+ Name="Debug|Win32"
+ OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+ IntermediateDirectory="$(ConfigurationName)"
+ ConfigurationType="4"
+ CharacterSet="1"
+ >
+ <Tool
+ Name="VCPreBuildEventTool"
+ Description="Creating config.h from config.hw"
+ CommandLine="copy /Y &quot;$(InputDir)config.hw&quot; &quot;$(InputDir)crypto\include\config.h&quot; &gt; NUL"
+ />
+ <Tool
+ Name="VCCustomBuildTool"
+ Description=""
+ CommandLine=""
+ Outputs=""
+ />
+ <Tool
+ Name="VCXMLDataGeneratorTool"
+ />
+ <Tool
+ Name="VCWebServiceProxyGeneratorTool"
+ />
+ <Tool
+ Name="VCMIDLTool"
+ />
+ <Tool
+ Name="VCCLCompilerTool"
+ Optimization="0"
+ AdditionalIncludeDirectories="crypto/include;include"
+ PreprocessorDefinitions="WIN32;_DEBUG;_LIB;HAVE_CONFIG_H"
+ MinimalRebuild="true"
+ BasicRuntimeChecks="3"
+ RuntimeLibrary="3"
+ StructMemberAlignment="0"
+ UsePrecompiledHeader="0"
+ WarningLevel="3"
+ Detect64BitPortabilityProblems="true"
+ DebugInformationFormat="4"
+ />
+ <Tool
+ Name="VCManagedResourceCompilerTool"
+ />
+ <Tool
+ Name="VCResourceCompilerTool"
+ />
+ <Tool
+ Name="VCPreLinkEventTool"
+ />
+ <Tool
+ Name="VCLibrarianTool"
+ />
+ <Tool
+ Name="VCALinkTool"
+ />
+ <Tool
+ Name="VCXDCMakeTool"
+ />
+ <Tool
+ Name="VCBscMakeTool"
+ />
+ <Tool
+ Name="VCFxCopTool"
+ />
+ <Tool
+ Name="VCPostBuildEventTool"
+ />
+ </Configuration>
+ <Configuration
+ Name="Release|Win32"
+ OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+ IntermediateDirectory="$(ConfigurationName)"
+ ConfigurationType="4"
+ CharacterSet="1"
+ WholeProgramOptimization="1"
+ >
+ <Tool
+ Name="VCPreBuildEventTool"
+ Description="Creating config.h from config.hw"
+ CommandLine="copy /Y &quot;$(InputDir)config.hw&quot; &quot;$(InputDir)crypto\include\config.h&quot; &gt; NUL"
+ />
+ <Tool
+ Name="VCCustomBuildTool"
+ Description=""
+ CommandLine=""
+ Outputs=""
+ />
+ <Tool
+ Name="VCXMLDataGeneratorTool"
+ />
+ <Tool
+ Name="VCWebServiceProxyGeneratorTool"
+ />
+ <Tool
+ Name="VCMIDLTool"
+ />
+ <Tool
+ Name="VCCLCompilerTool"
+ AdditionalIncludeDirectories="crypto/include;include"
+ PreprocessorDefinitions="WIN32;NDEBUG;_LIB;HAVE_CONFIG_H"
+ RuntimeLibrary="2"
+ StructMemberAlignment="0"
+ UsePrecompiledHeader="0"
+ WarningLevel="3"
+ Detect64BitPortabilityProblems="true"
+ DebugInformationFormat="3"
+ />
+ <Tool
+ Name="VCManagedResourceCompilerTool"
+ />
+ <Tool
+ Name="VCResourceCompilerTool"
+ />
+ <Tool
+ Name="VCPreLinkEventTool"
+ />
+ <Tool
+ Name="VCLibrarianTool"
+ />
+ <Tool
+ Name="VCALinkTool"
+ />
+ <Tool
+ Name="VCXDCMakeTool"
+ />
+ <Tool
+ Name="VCBscMakeTool"
+ />
+ <Tool
+ Name="VCFxCopTool"
+ />
+ <Tool
+ Name="VCPostBuildEventTool"
+ />
+ </Configuration>
+ <Configuration
+ Name="Debug Dll|Win32"
+ OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+ IntermediateDirectory="$(ConfigurationName)"
+ ConfigurationType="2"
+ CharacterSet="1"
+ >
+ <Tool
+ Name="VCPreBuildEventTool"
+ Description="Creating config.h from config.hw"
+ CommandLine="copy /Y &quot;$(InputDir)config.hw&quot; &quot;$(InputDir)crypto\include\config.h&quot; &gt; NUL"
+ />
+ <Tool
+ Name="VCCustomBuildTool"
+ Description=""
+ CommandLine=""
+ Outputs=""
+ />
+ <Tool
+ Name="VCXMLDataGeneratorTool"
+ />
+ <Tool
+ Name="VCWebServiceProxyGeneratorTool"
+ />
+ <Tool
+ Name="VCMIDLTool"
+ />
+ <Tool
+ Name="VCCLCompilerTool"
+ Optimization="0"
+ EnableIntrinsicFunctions="true"
+ AdditionalIncludeDirectories="crypto/include;include"
+ PreprocessorDefinitions="WIN32;_DEBUG;_LIB;HAVE_CONFIG_H"
+ MinimalRebuild="true"
+ BasicRuntimeChecks="3"
+ RuntimeLibrary="3"
+ StructMemberAlignment="0"
+ UsePrecompiledHeader="0"
+ WarningLevel="3"
+ Detect64BitPortabilityProblems="true"
+ DebugInformationFormat="4"
+ />
+ <Tool
+ Name="VCManagedResourceCompilerTool"
+ />
+ <Tool
+ Name="VCResourceCompilerTool"
+ />
+ <Tool
+ Name="VCPreLinkEventTool"
+ />
+ <Tool
+ Name="VCLinkerTool"
+ AdditionalDependencies="Ws2_32.lib"
+ ModuleDefinitionFile="srtp.def"
+ OptimizeReferences="1"
+ EnableCOMDATFolding="1"
+ OptimizeForWindows98="1"
+ LinkTimeCodeGeneration="0"
+ />
+ <Tool
+ Name="VCALinkTool"
+ />
+ <Tool
+ Name="VCManifestTool"
+ />
+ <Tool
+ Name="VCXDCMakeTool"
+ />
+ <Tool
+ Name="VCBscMakeTool"
+ />
+ <Tool
+ Name="VCFxCopTool"
+ />
+ <Tool
+ Name="VCAppVerifierTool"
+ />
+ <Tool
+ Name="VCWebDeploymentTool"
+ />
+ <Tool
+ Name="VCPostBuildEventTool"
+ />
+ </Configuration>
+ <Configuration
+ Name="Release Dll|Win32"
+ OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+ IntermediateDirectory="$(ConfigurationName)"
+ ConfigurationType="2"
+ CharacterSet="1"
+ WholeProgramOptimization="1"
+ >
+ <Tool
+ Name="VCPreBuildEventTool"
+ Description="Creating config.h from config.hw"
+ CommandLine="copy /Y &quot;$(InputDir)config.hw&quot; &quot;$(InputDir)crypto\include\config.h&quot; &gt; NUL"
+ />
+ <Tool
+ Name="VCCustomBuildTool"
+ Description=""
+ CommandLine=""
+ Outputs=""
+ />
+ <Tool
+ Name="VCXMLDataGeneratorTool"
+ />
+ <Tool
+ Name="VCWebServiceProxyGeneratorTool"
+ />
+ <Tool
+ Name="VCMIDLTool"
+ />
+ <Tool
+ Name="VCCLCompilerTool"
+ AdditionalIncludeDirectories="crypto/include;include"
+ PreprocessorDefinitions="WIN32;NDEBUG;_LIB;HAVE_CONFIG_H"
+ RuntimeLibrary="2"
+ StructMemberAlignment="0"
+ UsePrecompiledHeader="0"
+ WarningLevel="3"
+ Detect64BitPortabilityProblems="true"
+ DebugInformationFormat="3"
+ />
+ <Tool
+ Name="VCManagedResourceCompilerTool"
+ />
+ <Tool
+ Name="VCResourceCompilerTool"
+ />
+ <Tool
+ Name="VCPreLinkEventTool"
+ />
+ <Tool
+ Name="VCLinkerTool"
+ AdditionalDependencies="Ws2_32.lib"
+ ModuleDefinitionFile="srtp.def"
+ />
+ <Tool
+ Name="VCALinkTool"
+ />
+ <Tool
+ Name="VCManifestTool"
+ />
+ <Tool
+ Name="VCXDCMakeTool"
+ />
+ <Tool
+ Name="VCBscMakeTool"
+ />
+ <Tool
+ Name="VCFxCopTool"
+ />
+ <Tool
+ Name="VCAppVerifierTool"
+ />
+ <Tool
+ Name="VCWebDeploymentTool"
+ />
+ <Tool
+ Name="VCPostBuildEventTool"
+ />
+ </Configuration>
+ </Configurations>
+ <References>
+ </References>
+ <Files>
+ <Filter
+ Name="Source Files"
+ Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
+ UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
+ >
+ <File
+ RelativePath=".\srtp\srtp.c"
+ >
+ </File>
+ <Filter
+ Name="Kernel"
+ >
+ <File
+ RelativePath=".\crypto\kernel\alloc.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\kernel\crypto_kernel.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\rng\ctr_prng.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\kernel\err.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\kernel\key.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\rng\prng.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\rng\rand_source.c"
+ >
+ </File>
+ </Filter>
+ <Filter
+ Name="Ciphers"
+ >
+ <File
+ RelativePath=".\crypto\cipher\aes.c"
+ >
+ <FileConfiguration
+ Name="Debug Dll|Win32"
+ >
+ <Tool
+ Name="VCCLCompilerTool"
+ InlineFunctionExpansion="0"
+ EnableIntrinsicFunctions="false"
+ EnableFunctionLevelLinking="false"
+ />
+ </FileConfiguration>
+ </File>
+ <File
+ RelativePath=".\crypto\cipher\aes_cbc.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\cipher\aes_icm.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\cipher\cipher.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\cipher\null_cipher.c"
+ >
+ </File>
+ </Filter>
+ <Filter
+ Name="Hashes"
+ >
+ <File
+ RelativePath=".\crypto\hash\auth.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\hash\hmac.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\hash\null_auth.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\hash\sha1.c"
+ >
+ </File>
+ </Filter>
+ <Filter
+ Name="Replay"
+ >
+ <File
+ RelativePath=".\crypto\replay\rdb.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\replay\rdbx.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\replay\ut_sim.c"
+ >
+ </File>
+ </Filter>
+ <Filter
+ Name="Math"
+ >
+ <File
+ RelativePath=".\crypto\math\datatypes.c"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\math\stat.c"
+ >
+ </File>
+ </Filter>
+ </Filter>
+ <Filter
+ Name="Header Files"
+ Filter="h;hpp;hxx;hm;inl;inc;xsd"
+ UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
+ >
+ <File
+ RelativePath=".\crypto\include\aes.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\aes_cbc.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\aes_icm.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\alloc.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\auth.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\cipher.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\config.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\crypto.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\crypto_kernel.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\crypto_math.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\crypto_types.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\cryptoalg.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\datatypes.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\err.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\gf2_8.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\hmac.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\integers.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\kernel_compat.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\key.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\null_auth.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\null_cipher.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\prng.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\rand_source.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\rdb.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\rdbx.h"
+ >
+ </File>
+ <File
+ RelativePath=".\include\rtp.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\sha1.h"
+ >
+ </File>
+ <File
+ RelativePath=".\include\srtp.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\stat.h"
+ >
+ </File>
+ <File
+ RelativePath=".\include\ut_sim.h"
+ >
+ </File>
+ <File
+ RelativePath=".\crypto\include\xfm.h"
+ >
+ </File>
+ </Filter>
+ <Filter
+ Name="Resource Files"
+ Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
+ UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
+ >
+ </Filter>
+ <File
+ RelativePath=".\srtp.def"
+ >
+ </File>
+ </Files>
+ <Globals>
+ </Globals>
+</VisualStudioProject>
diff --git a/srtp/srtp/CVS/Entries b/srtp/srtp/CVS/Entries
new file mode 100644
index 0000000..ea71f7f
--- /dev/null
+++ b/srtp/srtp/CVS/Entries
@@ -0,0 +1,2 @@
+/srtp.c/1.23/Tue Jul 18 19:45:46 2006//
+D
diff --git a/srtp/srtp/CVS/Repository b/srtp/srtp/CVS/Repository
new file mode 100644
index 0000000..a3933d5
--- /dev/null
+++ b/srtp/srtp/CVS/Repository
@@ -0,0 +1 @@
+srtp/srtp
diff --git a/srtp/srtp/CVS/Root b/srtp/srtp/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/srtp/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/srtp/srtp.c b/srtp/srtp/srtp.c
new file mode 100644
index 0000000..afedf6f
--- /dev/null
+++ b/srtp/srtp/srtp.c
@@ -0,0 +1,1907 @@
+/*
+ * srtp.c
+ *
+ * the secure real-time transport protocol
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "srtp_priv.h"
+#include "aes_icm.h" /* aes_icm is used in the KDF */
+#include "alloc.h" /* for crypto_alloc() */
+
+#ifndef SRTP_KERNEL
+# include <limits.h>
+# ifdef HAVE_NETINET_IN_H
+# include <netinet/in.h>
+# elif defined(HAVE_WINSOCK2_H)
+# include <winsock2.h>
+# endif
+#endif /* ! SRTP_KERNEL */
+
+
+extern cipher_type_t aes_icm;
+extern auth_type_t tmmhv2;
+
+/* the debug module for srtp */
+
+debug_module_t mod_srtp = {
+ 0, /* debugging is off by default */
+ "srtp" /* printable name for module */
+};
+
+#define octets_in_rtp_header 12
+#define uint32s_in_rtp_header 3
+#define octets_in_rtcp_header 8
+#define uint32s_in_rtcp_header 2
+
+
+err_status_t
+srtp_stream_alloc(srtp_stream_ctx_t **str_ptr,
+ const srtp_policy_t *p) {
+ srtp_stream_ctx_t *str;
+ err_status_t stat;
+
+ /*
+ * This function allocates the stream context, rtp and rtcp ciphers
+ * and auth functions, and key limit structure. If there is a
+ * failure during allocation, we free all previously allocated
+ * memory and return a failure code. The code could probably
+ * be improved, but it works and should be clear.
+ */
+
+ /* allocate srtp stream and set str_ptr */
+ str = (srtp_stream_ctx_t *) crypto_alloc(sizeof(srtp_stream_ctx_t));
+ if (str == NULL)
+ return err_status_alloc_fail;
+ *str_ptr = str;
+
+ /* allocate cipher */
+ stat = crypto_kernel_alloc_cipher(p->rtp.cipher_type,
+ &str->rtp_cipher,
+ p->rtp.cipher_key_len);
+ if (stat) {
+ crypto_free(str);
+ return stat;
+ }
+
+ /* allocate auth function */
+ stat = crypto_kernel_alloc_auth(p->rtp.auth_type,
+ &str->rtp_auth,
+ p->rtp.auth_key_len,
+ p->rtp.auth_tag_len);
+ if (stat) {
+ cipher_dealloc(str->rtp_cipher);
+ crypto_free(str);
+ return stat;
+ }
+
+ /* allocate key limit structure */
+ str->limit = (key_limit_ctx_t*) crypto_alloc(sizeof(key_limit_ctx_t));
+ if (str->limit == NULL) {
+ auth_dealloc(str->rtp_auth);
+ cipher_dealloc(str->rtp_cipher);
+ crypto_free(str);
+ return err_status_alloc_fail;
+ }
+
+ /*
+ * ...and now the RTCP-specific initialization - first, allocate
+ * the cipher
+ */
+ stat = crypto_kernel_alloc_cipher(p->rtcp.cipher_type,
+ &str->rtcp_cipher,
+ p->rtcp.cipher_key_len);
+ if (stat) {
+ auth_dealloc(str->rtp_auth);
+ cipher_dealloc(str->rtp_cipher);
+ crypto_free(str->limit);
+ crypto_free(str);
+ return stat;
+ }
+
+ /* allocate auth function */
+ stat = crypto_kernel_alloc_auth(p->rtcp.auth_type,
+ &str->rtcp_auth,
+ p->rtcp.auth_key_len,
+ p->rtcp.auth_tag_len);
+ if (stat) {
+ cipher_dealloc(str->rtcp_cipher);
+ auth_dealloc(str->rtp_auth);
+ cipher_dealloc(str->rtp_cipher);
+ crypto_free(str->limit);
+ crypto_free(str);
+ return stat;
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+srtp_stream_dealloc(srtp_t session, srtp_stream_ctx_t *stream) {
+ err_status_t status;
+
+ /*
+ * we use a conservative deallocation strategy - if any deallocation
+ * fails, then we report that fact without trying to deallocate
+ * anything else
+ */
+
+ /* deallocate cipher, if it is not the same as that in template */
+ if (session->stream_template
+ && stream->rtp_cipher == session->stream_template->rtp_cipher) {
+ /* do nothing */
+ } else {
+ status = cipher_dealloc(stream->rtp_cipher);
+ if (status)
+ return status;
+ }
+
+ /* deallocate auth function, if it is not the same as that in template */
+ if (session->stream_template
+ && stream->rtp_auth == session->stream_template->rtp_auth) {
+ /* do nothing */
+ } else {
+ status = auth_dealloc(stream->rtp_auth);
+ if (status)
+ return status;
+ }
+
+ /* deallocate key usage limit, if it is not the same as that in template */
+ if (session->stream_template
+ && stream->limit == session->stream_template->limit) {
+ /* do nothing */
+ } else {
+ crypto_free(stream->limit);
+ }
+
+ /*
+ * deallocate rtcp cipher, if it is not the same as that in
+ * template
+ */
+ if (session->stream_template
+ && stream->rtcp_cipher == session->stream_template->rtcp_cipher) {
+ /* do nothing */
+ } else {
+ status = cipher_dealloc(stream->rtcp_cipher);
+ if (status)
+ return status;
+ }
+
+ /*
+ * deallocate rtcp auth function, if it is not the same as that in
+ * template
+ */
+ if (session->stream_template
+ && stream->rtcp_auth == session->stream_template->rtcp_auth) {
+ /* do nothing */
+ } else {
+ status = auth_dealloc(stream->rtcp_auth);
+ if (status)
+ return status;
+ }
+
+ /* deallocate srtp stream context */
+ crypto_free(stream);
+
+ return err_status_ok;
+}
+
+
+/*
+ * srtp_stream_clone(stream_template, new) allocates a new stream and
+ * initializes it using the cipher and auth of the stream_template
+ *
+ * the only unique data in a cloned stream is the replay database and
+ * the SSRC
+ */
+
+err_status_t
+srtp_stream_clone(const srtp_stream_ctx_t *stream_template,
+ uint32_t ssrc,
+ srtp_stream_ctx_t **str_ptr) {
+ err_status_t status;
+ srtp_stream_ctx_t *str;
+
+ debug_print(mod_srtp, "cloning stream (SSRC: 0x%08x)", ssrc);
+
+ /* allocate srtp stream and set str_ptr */
+ str = (srtp_stream_ctx_t *) crypto_alloc(sizeof(srtp_stream_ctx_t));
+ if (str == NULL)
+ return err_status_alloc_fail;
+ *str_ptr = str;
+
+ /* set cipher and auth pointers to those of the template */
+ str->rtp_cipher = stream_template->rtp_cipher;
+ str->rtp_auth = stream_template->rtp_auth;
+ str->rtcp_cipher = stream_template->rtcp_cipher;
+ str->rtcp_auth = stream_template->rtcp_auth;
+
+ /* set key limit to point to that of the template */
+ status = key_limit_clone(stream_template->limit, &str->limit);
+ if (status)
+ return status;
+
+ /* initialize replay databases */
+ rdbx_init(&str->rtp_rdbx);
+ rdb_init(&str->rtcp_rdb);
+
+ /* set ssrc to that provided */
+ str->ssrc = ssrc;
+
+ /* set direction and security services */
+ str->direction = stream_template->direction;
+ str->rtp_services = stream_template->rtp_services;
+ str->rtcp_services = stream_template->rtcp_services;
+
+ /* defensive coding */
+ str->next = NULL;
+
+ return err_status_ok;
+}
+
+
+/*
+ * key derivation functions, internal to libSRTP
+ *
+ * srtp_kdf_t is a key derivation context
+ *
+ * srtp_kdf_init(&kdf, k) initializes kdf with the key k
+ *
+ * srtp_kdf_generate(&kdf, l, kl, keylen) derives the key
+ * corresponding to label l and puts it into kl; the length
+ * of the key in octets is provided as keylen. this function
+ * should be called once for each subkey that is derived.
+ *
+ * srtp_kdf_clear(&kdf) zeroizes the kdf state
+ */
+
+typedef enum {
+ label_rtp_encryption = 0x00,
+ label_rtp_msg_auth = 0x01,
+ label_rtp_salt = 0x02,
+ label_rtcp_encryption = 0x03,
+ label_rtcp_msg_auth = 0x04,
+ label_rtcp_salt = 0x05
+} srtp_prf_label;
+
+
+/*
+ * srtp_kdf_t represents a key derivation function. The SRTP
+ * default KDF is the only one implemented at present.
+ */
+
+typedef struct {
+ aes_icm_ctx_t c; /* cipher used for key derivation */
+} srtp_kdf_t;
+
+err_status_t
+srtp_kdf_init(srtp_kdf_t *kdf, const uint8_t key[30]) {
+
+ aes_icm_context_init(&kdf->c, key);
+
+ return err_status_ok;
+}
+
+err_status_t
+srtp_kdf_generate(srtp_kdf_t *kdf, srtp_prf_label label,
+ uint8_t *key, int length) {
+
+ v128_t nonce;
+
+ /* set eigth octet of nonce to <label>, set the rest of it to zero */
+ v128_set_to_zero(&nonce);
+ nonce.v8[7] = label;
+
+ aes_icm_set_iv(&kdf->c, &nonce);
+
+ /* generate keystream output */
+ aes_icm_output(&kdf->c, key, length);
+
+ return err_status_ok;
+}
+
+err_status_t
+srtp_kdf_clear(srtp_kdf_t *kdf) {
+
+ /* zeroize aes context */
+ octet_string_set_to_zero((uint8_t *)kdf, sizeof(srtp_kdf_t));
+
+ return err_status_ok;
+}
+
+/*
+ * end of key derivation functions
+ */
+
+#define MAX_SRTP_KEY_LEN 256
+
+
+err_status_t
+srtp_stream_init_keys(srtp_stream_ctx_t *srtp, const void *key) {
+ err_status_t stat;
+ srtp_kdf_t kdf;
+ uint8_t tmp_key[MAX_SRTP_KEY_LEN];
+
+ /* initialize KDF state */
+ srtp_kdf_init(&kdf, (const uint8_t *)key);
+
+ /* generate encryption key */
+ srtp_kdf_generate(&kdf, label_rtp_encryption,
+ tmp_key, cipher_get_key_length(srtp->rtp_cipher));
+ /*
+ * if the cipher in the srtp context is aes_icm, then we need
+ * to generate the salt value
+ */
+ if (srtp->rtp_cipher->type == &aes_icm) {
+ /* FIX!!! this is really the cipher key length; rest is salt */
+ int base_key_len = 16;
+ int salt_len = cipher_get_key_length(srtp->rtp_cipher) - base_key_len;
+
+ debug_print(mod_srtp, "found aes_icm, generating salt", NULL);
+
+ /* generate encryption salt, put after encryption key */
+ srtp_kdf_generate(&kdf, label_rtp_salt,
+ tmp_key + base_key_len, salt_len);
+ }
+ debug_print(mod_srtp, "cipher key: %s",
+ octet_string_hex_string(tmp_key,
+ cipher_get_key_length(srtp->rtp_cipher)));
+
+ /* initialize cipher */
+ stat = cipher_init(srtp->rtp_cipher, tmp_key, direction_any);
+ if (stat) {
+ /* zeroize temp buffer */
+ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
+ return err_status_init_fail;
+ }
+
+ /* generate authentication key */
+ srtp_kdf_generate(&kdf, label_rtp_msg_auth,
+ tmp_key, auth_get_key_length(srtp->rtp_auth));
+ debug_print(mod_srtp, "auth key: %s",
+ octet_string_hex_string(tmp_key,
+ auth_get_key_length(srtp->rtp_auth)));
+
+ /* initialize auth function */
+ stat = auth_init(srtp->rtp_auth, tmp_key);
+ if (stat) {
+ /* zeroize temp buffer */
+ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
+ return err_status_init_fail;
+ }
+
+ /*
+ * ...now initialize SRTCP keys
+ */
+
+ /* generate encryption key */
+ srtp_kdf_generate(&kdf, label_rtcp_encryption,
+ tmp_key, cipher_get_key_length(srtp->rtcp_cipher));
+ /*
+ * if the cipher in the srtp context is aes_icm, then we need
+ * to generate the salt value
+ */
+ if (srtp->rtcp_cipher->type == &aes_icm) {
+ /* FIX!!! this is really the cipher key length; rest is salt */
+ int base_key_len = 16;
+ int salt_len = cipher_get_key_length(srtp->rtcp_cipher) - base_key_len;
+
+ debug_print(mod_srtp, "found aes_icm, generating rtcp salt", NULL);
+
+ /* generate encryption salt, put after encryption key */
+ srtp_kdf_generate(&kdf, label_rtcp_salt,
+ tmp_key + base_key_len, salt_len);
+ }
+ debug_print(mod_srtp, "rtcp cipher key: %s",
+ octet_string_hex_string(tmp_key,
+ cipher_get_key_length(srtp->rtcp_cipher)));
+
+ /* initialize cipher */
+ stat = cipher_init(srtp->rtcp_cipher, tmp_key, direction_any);
+ if (stat) {
+ /* zeroize temp buffer */
+ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
+ return err_status_init_fail;
+ }
+
+ /* generate authentication key */
+ srtp_kdf_generate(&kdf, label_rtcp_msg_auth,
+ tmp_key, auth_get_key_length(srtp->rtcp_auth));
+ debug_print(mod_srtp, "rtcp auth key: %s",
+ octet_string_hex_string(tmp_key,
+ auth_get_key_length(srtp->rtcp_auth)));
+
+ /* initialize auth function */
+ stat = auth_init(srtp->rtcp_auth, tmp_key);
+ if (stat) {
+ /* zeroize temp buffer */
+ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
+ return err_status_init_fail;
+ }
+
+ /* clear memory then return */
+ srtp_kdf_clear(&kdf);
+ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
+
+ return err_status_ok;
+}
+
+err_status_t
+srtp_stream_init(srtp_stream_ctx_t *srtp,
+ const srtp_policy_t *p) {
+ err_status_t err;
+
+ debug_print(mod_srtp, "initializing stream (SSRC: 0x%08x)",
+ p->ssrc.value);
+
+ /* initialize replay database */
+ rdbx_init(&srtp->rtp_rdbx);
+
+ /* initialize key limit to maximum value */
+#ifdef NO_64BIT_MATH
+{
+ uint64_t temp;
+ temp = make64(UINT_MAX,UINT_MAX);
+ key_limit_set(srtp->limit, temp);
+}
+#else
+ key_limit_set(srtp->limit, 0xffffffffffffLL);
+#endif
+
+ /* set the SSRC value */
+ srtp->ssrc = htonl(p->ssrc.value);
+
+ /* set the security service flags */
+ srtp->rtp_services = p->rtp.sec_serv;
+ srtp->rtcp_services = p->rtcp.sec_serv;
+
+ /*
+ * set direction to unknown - this flag gets checked in srtp_protect(),
+ * srtp_unprotect(), srtp_protect_rtcp(), and srtp_unprotect_rtcp(), and
+ * gets set appropriately if it is set to unknown.
+ */
+ srtp->direction = dir_unknown;
+
+ /* initialize SRTCP replay database */
+ rdb_init(&srtp->rtcp_rdb);
+
+ /* DAM - no RTCP key limit at present */
+
+ /* initialize keys */
+ err = srtp_stream_init_keys(srtp, p->key);
+ if (err) return err;
+
+ return err_status_ok;
+ }
+
+
+ /*
+ * srtp_event_reporter is an event handler function that merely
+ * reports the events that are reported by the callbacks
+ */
+
+ void
+ srtp_event_reporter(srtp_event_data_t *data) {
+
+ err_report(err_level_warning, "srtp: in stream 0x%x: ",
+ data->stream->ssrc);
+
+ switch(data->event) {
+ case event_ssrc_collision:
+ err_report(err_level_warning, "\tSSRC collision\n");
+ break;
+ case event_key_soft_limit:
+ err_report(err_level_warning, "\tkey usage soft limit reached\n");
+ break;
+ case event_key_hard_limit:
+ err_report(err_level_warning, "\tkey usage hard limit reached\n");
+ break;
+ case event_packet_index_limit:
+ err_report(err_level_warning, "\tpacket index limit reached\n");
+ break;
+ default:
+ err_report(err_level_warning, "\tunknown event reported to handler\n");
+ }
+ }
+
+ /*
+ * srtp_event_handler is a global variable holding a pointer to the
+ * event handler function; this function is called for any unexpected
+ * event that needs to be handled out of the SRTP data path. see
+ * srtp_event_t in srtp.h for more info
+ *
+ * it is okay to set srtp_event_handler to NULL, but we set
+ * it to the srtp_event_reporter.
+ */
+
+ static srtp_event_handler_func_t *srtp_event_handler = srtp_event_reporter;
+
+ err_status_t
+ srtp_install_event_handler(srtp_event_handler_func_t func) {
+
+ /*
+ * note that we accept NULL arguments intentionally - calling this
+ * function with a NULL arguments removes an event handler that's
+ * been previously installed
+ */
+
+ /* set global event handling function */
+ srtp_event_handler = func;
+ return err_status_ok;
+ }
+
+ err_status_t
+ srtp_protect(srtp_ctx_t *ctx, void *rtp_hdr, int *pkt_octet_len) {
+ srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr;
+ uint32_t *enc_start; /* pointer to start of encrypted portion */
+ uint32_t *auth_start; /* pointer to start of auth. portion */
+ unsigned enc_octet_len = 0; /* number of octets in encrypted portion */
+ xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */
+ int delta; /* delta of local pkt idx and that in hdr */
+ uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
+ err_status_t status;
+ int tag_len;
+ srtp_stream_ctx_t *stream;
+ int prefix_len;
+
+ debug_print(mod_srtp, "function srtp_protect", NULL);
+
+ /* we assume the hdr is 32-bit aligned to start */
+
+ /* check the packet length - it must at least contain a full header */
+ if (*pkt_octet_len < octets_in_rtp_header)
+ return err_status_bad_param;
+
+ /*
+ * look up ssrc in srtp_stream list, and process the packet with
+ * the appropriate stream. if we haven't seen this stream before,
+ * there's a template key for this srtp_session, and the cipher
+ * supports key-sharing, then we assume that a new stream using
+ * that key has just started up
+ */
+ stream = srtp_get_stream(ctx, hdr->ssrc);
+ if (stream == NULL) {
+ if (ctx->stream_template != NULL) {
+ srtp_stream_ctx_t *new_stream;
+
+ /* allocate and initialize a new stream */
+ status = srtp_stream_clone(ctx->stream_template,
+ hdr->ssrc, &new_stream);
+ if (status)
+ return status;
+
+ /* add new stream to the head of the stream_list */
+ new_stream->next = ctx->stream_list;
+ ctx->stream_list = new_stream;
+
+ /* set direction to outbound */
+ new_stream->direction = dir_srtp_sender;
+
+ /* set stream (the pointer used in this function) */
+ stream = new_stream;
+ } else {
+ /* no template stream, so we return an error */
+ return err_status_no_ctx;
+ }
+ }
+
+ /*
+ * verify that stream is for sending traffic - this check will
+ * detect SSRC collisions, since a stream that appears in both
+ * srtp_protect() and srtp_unprotect() will fail this test in one of
+ * those functions.
+ */
+ if (stream->direction != dir_srtp_sender) {
+ if (stream->direction == dir_unknown) {
+ stream->direction = dir_srtp_sender;
+ } else {
+ srtp_handle_event(ctx, stream, event_ssrc_collision);
+ }
+ }
+
+ /*
+ * update the key usage limit, and check it to make sure that we
+ * didn't just hit either the soft limit or the hard limit, and call
+ * the event handler if we hit either.
+ */
+ switch(key_limit_update(stream->limit)) {
+ case key_event_normal:
+ break;
+ case key_event_soft_limit:
+ srtp_handle_event(ctx, stream, event_key_soft_limit);
+ break;
+ case key_event_hard_limit:
+ srtp_handle_event(ctx, stream, event_key_hard_limit);
+ return err_status_key_expired;
+ default:
+ break;
+ }
+
+ /* get tag length from stream */
+ tag_len = auth_get_tag_length(stream->rtp_auth);
+
+ /*
+ * find starting point for encryption and length of data to be
+ * encrypted - the encrypted portion starts after the rtp header
+ * extension, if present; otherwise, it starts after the last csrc,
+ * if any are present
+ *
+ * if we're not providing confidentiality, set enc_start to NULL
+ */
+ if (stream->rtp_services & sec_serv_conf) {
+ enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc;
+ if (hdr->x == 1) {
+ srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
+ enc_start += (ntohs(xtn_hdr->length) + 1);
+ }
+ enc_octet_len = (unsigned int)(*pkt_octet_len
+ - ((enc_start - (uint32_t *)hdr) << 2));
+ } else {
+ enc_start = NULL;
+ }
+
+ /*
+ * if we're providing authentication, set the auth_start and auth_tag
+ * pointers to the proper locations; otherwise, set auth_start to NULL
+ * to indicate that no authentication is needed
+ */
+ if (stream->rtp_services & sec_serv_auth) {
+ auth_start = (uint32_t *)hdr;
+ auth_tag = (uint8_t *)hdr + *pkt_octet_len;
+ } else {
+ auth_start = NULL;
+ auth_tag = NULL;
+ }
+
+ /*
+ * estimate the packet index using the start of the replay window
+ * and the sequence number from the header
+ */
+ delta = rdbx_estimate_index(&stream->rtp_rdbx, &est, ntohs(hdr->seq));
+ status = rdbx_check(&stream->rtp_rdbx, delta);
+ if (status)
+ return status; /* we've been asked to reuse an index */
+ rdbx_add_index(&stream->rtp_rdbx, delta);
+
+#ifdef NO_64BIT_MATH
+ debug_print2(mod_srtp, "estimated packet index: %08x%08x",
+ high32(est),low32(est));
+#else
+ debug_print(mod_srtp, "estimated packet index: %016llx", est);
+#endif
+
+ /*
+ * if we're using rindael counter mode, set nonce and seq
+ */
+ if (stream->rtp_cipher->type == &aes_icm) {
+ v128_t iv;
+
+ iv.v32[0] = 0;
+ iv.v32[1] = hdr->ssrc;
+#ifdef NO_64BIT_MATH
+ iv.v64[1] = be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
+ low32(est) << 16));
+#else
+ iv.v64[1] = be64_to_cpu(est << 16);
+#endif
+ status = cipher_set_iv(stream->rtp_cipher, &iv);
+
+ } else {
+ v128_t iv;
+
+ /* otherwise, set the index to est */
+#ifdef NO_64BIT_MATH
+ iv.v32[0] = 0;
+ iv.v32[1] = 0;
+#else
+ iv.v64[0] = 0;
+#endif
+ iv.v64[1] = be64_to_cpu(est);
+ status = cipher_set_iv(stream->rtp_cipher, &iv);
+ }
+ if (status)
+ return err_status_cipher_fail;
+
+ /* shift est, put into network byte order */
+#ifdef NO_64BIT_MATH
+ est = be64_to_cpu(make64((high32(est) << 16) |
+ (low32(est) >> 16),
+ low32(est) << 16));
+#else
+ est = be64_to_cpu(est << 16);
+#endif
+
+ /*
+ * if we're authenticating using a universal hash, put the keystream
+ * prefix into the authentication tag
+ */
+ if (auth_start) {
+
+ prefix_len = auth_get_prefix_length(stream->rtp_auth);
+ if (prefix_len) {
+ status = cipher_output(stream->rtp_cipher, auth_tag, prefix_len);
+ if (status)
+ return err_status_cipher_fail;
+ debug_print(mod_srtp, "keystream prefix: %s",
+ octet_string_hex_string(auth_tag, prefix_len));
+ }
+ }
+
+ /* if we're encrypting, exor keystream into the message */
+ if (enc_start) {
+ status = cipher_encrypt(stream->rtp_cipher,
+ (uint8_t *)enc_start, &enc_octet_len);
+ if (status)
+ return err_status_cipher_fail;
+ }
+
+ /*
+ * if we're authenticating, run authentication function and put result
+ * into the auth_tag
+ */
+ if (auth_start) {
+
+ /* initialize auth func context */
+ status = auth_start(stream->rtp_auth);
+ if (status) return status;
+
+ /* run auth func over packet */
+ status = auth_update(stream->rtp_auth,
+ (uint8_t *)auth_start, *pkt_octet_len);
+ if (status) return status;
+
+ /* run auth func over ROC, put result into auth_tag */
+ debug_print(mod_srtp, "estimated packet index: %016llx", est);
+ status = auth_compute(stream->rtp_auth, (uint8_t *)&est, 4, auth_tag);
+ debug_print(mod_srtp, "srtp auth tag: %s",
+ octet_string_hex_string(auth_tag, tag_len));
+ if (status)
+ return err_status_auth_fail;
+
+ }
+
+ if (auth_tag) {
+
+ /* increase the packet length by the length of the auth tag */
+ *pkt_octet_len += tag_len;
+ }
+
+ return err_status_ok;
+}
+
+
+err_status_t
+srtp_unprotect(srtp_ctx_t *ctx, void *srtp_hdr, int *pkt_octet_len) {
+ srtp_hdr_t *hdr = (srtp_hdr_t *)srtp_hdr;
+ uint32_t *enc_start; /* pointer to start of encrypted portion */
+ uint32_t *auth_start; /* pointer to start of auth. portion */
+ unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
+ uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
+ xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */
+ int delta; /* delta of local pkt idx and that in hdr */
+ v128_t iv;
+ err_status_t status;
+ srtp_stream_ctx_t *stream;
+ uint8_t tmp_tag[SRTP_MAX_TAG_LEN];
+ int tag_len, prefix_len;
+
+ debug_print(mod_srtp, "function srtp_unprotect", NULL);
+
+ /* we assume the hdr is 32-bit aligned to start */
+
+ /* check the packet length - it must at least contain a full header */
+ if (*pkt_octet_len < octets_in_rtp_header)
+ return err_status_bad_param;
+
+ /*
+ * look up ssrc in srtp_stream list, and process the packet with
+ * the appropriate stream. if we haven't seen this stream before,
+ * there's only one key for this srtp_session, and the cipher
+ * supports key-sharing, then we assume that a new stream using
+ * that key has just started up
+ */
+ stream = srtp_get_stream(ctx, hdr->ssrc);
+ if (stream == NULL) {
+ if (ctx->stream_template != NULL) {
+ stream = ctx->stream_template;
+ debug_print(mod_srtp, "using provisional stream (SSRC: 0x%08x)",
+ hdr->ssrc);
+
+ /*
+ * set estimated packet index to sequence number from header,
+ * and set delta equal to the same value
+ */
+#ifdef NO_64BIT_MATH
+ est = (xtd_seq_num_t) make64(0,ntohs(hdr->seq));
+ delta = low32(est);
+#else
+ est = (xtd_seq_num_t) ntohs(hdr->seq);
+ delta = (int)est;
+#endif
+ } else {
+
+ /*
+ * no stream corresponding to SSRC found, and we don't do
+ * key-sharing, so return an error
+ */
+ return err_status_no_ctx;
+ }
+ } else {
+
+ /* estimate packet index from seq. num. in header */
+ delta = rdbx_estimate_index(&stream->rtp_rdbx, &est, ntohs(hdr->seq));
+
+ /* check replay database */
+ status = rdbx_check(&stream->rtp_rdbx, delta);
+ if (status)
+ return status;
+ }
+
+#ifdef NO_64BIT_MATH
+ debug_print2(mod_srtp, "estimated u_packet index: %08x%08x", high32(est),low32(est));
+#else
+ debug_print(mod_srtp, "estimated u_packet index: %016llx", est);
+#endif
+
+ /* get tag length from stream */
+ tag_len = auth_get_tag_length(stream->rtp_auth);
+
+ /*
+ * set the cipher's IV properly, depending on whatever cipher we
+ * happen to be using
+ */
+ if (stream->rtp_cipher->type == &aes_icm) {
+
+ /* aes counter mode */
+ iv.v32[0] = 0;
+ iv.v32[1] = hdr->ssrc; /* still in network order */
+#ifdef NO_64BIT_MATH
+ iv.v64[1] = be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
+ low32(est) << 16));
+#else
+ iv.v64[1] = be64_to_cpu(est << 16);
+#endif
+ status = aes_icm_set_iv((aes_icm_ctx_t*)stream->rtp_cipher->state, &iv);
+ } else {
+
+ /* no particular format - set the iv to the pakcet index */
+#ifdef NO_64BIT_MATH
+ iv.v32[0] = 0;
+ iv.v32[1] = 0;
+#else
+ iv.v64[0] = 0;
+#endif
+ iv.v64[1] = be64_to_cpu(est);
+ status = cipher_set_iv(stream->rtp_cipher, &iv);
+ }
+ if (status)
+ return err_status_cipher_fail;
+
+ /* shift est, put into network byte order */
+#ifdef NO_64BIT_MATH
+ est = be64_to_cpu(make64((high32(est) << 16) |
+ (low32(est) >> 16),
+ low32(est) << 16));
+#else
+ est = be64_to_cpu(est << 16);
+#endif
+
+ /*
+ * find starting point for decryption and length of data to be
+ * decrypted - the encrypted portion starts after the rtp header
+ * extension, if present; otherwise, it starts after the last csrc,
+ * if any are present
+ *
+ * if we're not providing confidentiality, set enc_start to NULL
+ */
+ if (stream->rtp_services & sec_serv_conf) {
+ enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc;
+ if (hdr->x == 1) {
+ srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
+ enc_start += (ntohs(xtn_hdr->length) + 1);
+ }
+ enc_octet_len = (uint32_t)(*pkt_octet_len - tag_len
+ - ((enc_start - (uint32_t *)hdr) << 2));
+ } else {
+ enc_start = NULL;
+ }
+
+ /*
+ * if we're providing authentication, set the auth_start and auth_tag
+ * pointers to the proper locations; otherwise, set auth_start to NULL
+ * to indicate that no authentication is needed
+ */
+ if (stream->rtp_services & sec_serv_auth) {
+ auth_start = (uint32_t *)hdr;
+ auth_tag = (uint8_t *)hdr + *pkt_octet_len - tag_len;
+ } else {
+ auth_start = NULL;
+ auth_tag = NULL;
+ }
+
+ /*
+ * if we expect message authentication, run the authentication
+ * function and compare the result with the value of the auth_tag
+ */
+ if (auth_start) {
+
+ /*
+ * if we're using a universal hash, then we need to compute the
+ * keystream prefix for encrypting the universal hash output
+ *
+ * if the keystream prefix length is zero, then we know that
+ * the authenticator isn't using a universal hash function
+ */
+ if (stream->rtp_auth->prefix_len != 0) {
+
+ prefix_len = auth_get_prefix_length(stream->rtp_auth);
+ status = cipher_output(stream->rtp_cipher, tmp_tag, prefix_len);
+ debug_print(mod_srtp, "keystream prefix: %s",
+ octet_string_hex_string(tmp_tag, prefix_len));
+ if (status)
+ return err_status_cipher_fail;
+ }
+
+ /* initialize auth func context */
+ status = auth_start(stream->rtp_auth);
+ if (status) return status;
+
+ /* now compute auth function over packet */
+ status = auth_update(stream->rtp_auth, (uint8_t *)auth_start,
+ *pkt_octet_len - tag_len);
+
+ /* run auth func over ROC, then write tmp tag */
+ status = auth_compute(stream->rtp_auth, (uint8_t *)&est, 4, tmp_tag);
+
+ debug_print(mod_srtp, "computed auth tag: %s",
+ octet_string_hex_string(tmp_tag, tag_len));
+ debug_print(mod_srtp, "packet auth tag: %s",
+ octet_string_hex_string(auth_tag, tag_len));
+ if (status)
+ return err_status_auth_fail;
+
+ if (octet_string_is_eq(tmp_tag, auth_tag, tag_len))
+ return err_status_auth_fail;
+ }
+
+ /*
+ * update the key usage limit, and check it to make sure that we
+ * didn't just hit either the soft limit or the hard limit, and call
+ * the event handler if we hit either.
+ */
+ switch(key_limit_update(stream->limit)) {
+ case key_event_normal:
+ break;
+ case key_event_soft_limit:
+ srtp_handle_event(ctx, stream, event_key_soft_limit);
+ break;
+ case key_event_hard_limit:
+ srtp_handle_event(ctx, stream, event_key_hard_limit);
+ return err_status_key_expired;
+ default:
+ break;
+ }
+
+ /* if we're encrypting, add keystream into ciphertext */
+ if (enc_start) {
+ status = cipher_encrypt(stream->rtp_cipher,
+ (uint8_t *)enc_start, &enc_octet_len);
+ if (status)
+ return err_status_cipher_fail;
+ }
+
+ /*
+ * verify that stream is for received traffic - this check will
+ * detect SSRC collisions, since a stream that appears in both
+ * srtp_protect() and srtp_unprotect() will fail this test in one of
+ * those functions.
+ *
+ * we do this check *after* the authentication check, so that the
+ * latter check will catch any attempts to fool us into thinking
+ * that we've got a collision
+ */
+ if (stream->direction != dir_srtp_receiver) {
+ if (stream->direction == dir_unknown) {
+ stream->direction = dir_srtp_receiver;
+ } else {
+ srtp_handle_event(ctx, stream, event_ssrc_collision);
+ }
+ }
+
+ /*
+ * if the stream is a 'provisional' one, in which the template context
+ * is used, then we need to allocate a new stream at this point, since
+ * the authentication passed
+ */
+ if (stream == ctx->stream_template) {
+ srtp_stream_ctx_t *new_stream;
+
+ /*
+ * allocate and initialize a new stream
+ *
+ * note that we indicate failure if we can't allocate the new
+ * stream, and some implementations will want to not return
+ * failure here
+ */
+ status = srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream);
+ if (status)
+ return status;
+
+ /* add new stream to the head of the stream_list */
+ new_stream->next = ctx->stream_list;
+ ctx->stream_list = new_stream;
+
+ /* set stream (the pointer used in this function) */
+ stream = new_stream;
+ }
+
+ /*
+ * the message authentication function passed, so add the packet
+ * index into the replay database
+ */
+ rdbx_add_index(&stream->rtp_rdbx, delta);
+
+ /* decrease the packet length by the length of the auth tag */
+ *pkt_octet_len -= tag_len;
+
+ return err_status_ok;
+}
+
+err_status_t
+srtp_init() {
+ err_status_t status;
+
+ /* initialize crypto kernel */
+ status = crypto_kernel_init();
+ if (status)
+ return status;
+
+ /* load srtp debug module into the kernel */
+ status = crypto_kernel_load_debug_module(&mod_srtp);
+ if (status)
+ return status;
+
+ return err_status_ok;
+}
+
+/*
+ * The following code is under consideration for removal. See
+ * SRTP_MAX_TRAILER_LEN
+ */
+#if 0
+
+/*
+ * srtp_get_trailer_length(&a) returns the number of octets that will
+ * be added to an RTP packet by the SRTP processing. This value
+ * is constant for a given srtp_stream_t (i.e. between initializations).
+ */
+
+int
+srtp_get_trailer_length(const srtp_stream_t s) {
+ return auth_get_tag_length(s->rtp_auth);
+}
+
+#endif
+
+/*
+ * srtp_get_stream(ssrc) returns a pointer to the stream corresponding
+ * to ssrc, or NULL if no stream exists for that ssrc
+ *
+ * this is an internal function
+ */
+
+srtp_stream_ctx_t *
+srtp_get_stream(srtp_t srtp, uint32_t ssrc) {
+ srtp_stream_ctx_t *stream;
+
+ /* walk down list until ssrc is found */
+ stream = srtp->stream_list;
+ while (stream != NULL) {
+ if (stream->ssrc == ssrc)
+ return stream;
+ stream = stream->next;
+ }
+
+ /* we haven't found our ssrc, so return a null */
+ return NULL;
+}
+
+err_status_t
+srtp_dealloc(srtp_t session) {
+ srtp_stream_ctx_t *stream;
+ err_status_t status;
+
+ /*
+ * we take a conservative deallocation strategy - if we encounter an
+ * error deallocating a stream, then we stop trying to deallocate
+ * memory and just return an error
+ */
+
+ /* walk list of streams, deallocating as we go */
+ stream = session->stream_list;
+ while (stream != NULL) {
+ srtp_stream_t next = stream->next;
+ status = srtp_stream_dealloc(session, stream);
+ if (status)
+ return status;
+ stream = next;
+ }
+
+ /* deallocate stream template, if there is one */
+ if (session->stream_template != NULL) {
+ status = auth_dealloc(session->stream_template->rtcp_auth);
+ if (status)
+ return status;
+ status = cipher_dealloc(session->stream_template->rtcp_cipher);
+ if (status)
+ return status;
+ crypto_free(session->stream_template->limit);
+ status = cipher_dealloc(session->stream_template->rtp_cipher);
+ if (status)
+ return status;
+ status = auth_dealloc(session->stream_template->rtp_auth);
+ if (status)
+ return status;
+ crypto_free(session->stream_template);
+ }
+
+ /* deallocate session context */
+ crypto_free(session);
+
+ return err_status_ok;
+}
+
+
+err_status_t
+srtp_add_stream(srtp_t session,
+ const srtp_policy_t *policy) {
+ err_status_t status;
+ srtp_stream_t tmp;
+
+ /* sanity check arguments */
+ if ((session == NULL) || (policy == NULL) || (policy->key == NULL))
+ return err_status_bad_param;
+
+ /* allocate stream */
+ status = srtp_stream_alloc(&tmp, policy);
+ if (status) {
+ return status;
+ }
+
+ /* initialize stream */
+ status = srtp_stream_init(tmp, policy);
+ if (status) {
+ crypto_free(tmp);
+ return status;
+ }
+
+ /*
+ * set the head of the stream list or the template to point to the
+ * stream that we've just alloced and init'ed, depending on whether
+ * or not it has a wildcard SSRC value or not
+ *
+ * if the template stream has already been set, then the policy is
+ * inconsistent, so we return a bad_param error code
+ */
+ switch (policy->ssrc.type) {
+ case (ssrc_any_outbound):
+ if (session->stream_template) {
+ return err_status_bad_param;
+ }
+ session->stream_template = tmp;
+ session->stream_template->direction = dir_srtp_sender;
+ break;
+ case (ssrc_any_inbound):
+ if (session->stream_template) {
+ return err_status_bad_param;
+ }
+ session->stream_template = tmp;
+ session->stream_template->direction = dir_srtp_receiver;
+ break;
+ case (ssrc_specific):
+ tmp->next = session->stream_list;
+ session->stream_list = tmp;
+ break;
+ case (ssrc_undefined):
+ default:
+ crypto_free(tmp);
+ return err_status_bad_param;
+ }
+
+ return err_status_ok;
+}
+
+
+err_status_t
+srtp_create(srtp_t *session, /* handle for session */
+ const srtp_policy_t *policy) { /* SRTP policy (list) */
+ err_status_t stat;
+ srtp_ctx_t *ctx;
+
+ /* sanity check arguments */
+ if (session == NULL)
+ return err_status_bad_param;
+
+ /* allocate srtp context and set ctx_ptr */
+ ctx = (srtp_ctx_t *) crypto_alloc(sizeof(srtp_ctx_t));
+ if (ctx == NULL)
+ return err_status_alloc_fail;
+ *session = ctx;
+
+ /*
+ * loop over elements in the policy list, allocating and
+ * initializing a stream for each element
+ */
+ ctx->stream_template = NULL;
+ ctx->stream_list = NULL;
+ while (policy != NULL) {
+
+ stat = srtp_add_stream(ctx, policy);
+ if (stat) {
+ /* clean up everything */
+ srtp_dealloc(*session);
+ return stat;
+ }
+
+ /* set policy to next item in list */
+ policy = policy->next;
+ }
+
+ return err_status_ok;
+}
+
+
+err_status_t
+srtp_remove_stream(srtp_t session, uint32_t ssrc) {
+ srtp_stream_ctx_t *stream, *last_stream;
+ err_status_t status;
+
+ /* sanity check arguments */
+ if (session == NULL)
+ return err_status_bad_param;
+
+ /* find stream in list; complain if not found */
+ last_stream = stream = session->stream_list;
+ while ((stream != NULL) && (ssrc != stream->ssrc)) {
+ last_stream = stream;
+ stream = stream->next;
+ }
+ if (stream == NULL)
+ return err_status_no_ctx;
+
+ /* remove stream from the list */
+ last_stream->next = stream->next;
+
+ /* deallocate the stream */
+ status = srtp_stream_dealloc(session, stream);
+ if (status)
+ return status;
+
+ return err_status_ok;
+}
+
+
+/*
+ * the default policy - provides a convenient way for callers to use
+ * the default security policy
+ *
+ * this policy is that defined in the current SRTP internet draft.
+ *
+ */
+
+/*
+ * NOTE: cipher_key_len is really key len (128 bits) plus salt len
+ * (112 bits)
+ */
+/* There are hard-coded 16's for base_key_len in the key generation code */
+
+void
+crypto_policy_set_rtp_default(crypto_policy_t *p) {
+
+ p->cipher_type = AES_128_ICM;
+ p->cipher_key_len = 30; /* default 128 bits per RFC 3711 */
+ p->auth_type = HMAC_SHA1;
+ p->auth_key_len = 20; /* default 160 bits per RFC 3711 */
+ p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */
+ p->sec_serv = sec_serv_conf_and_auth;
+
+}
+
+void
+crypto_policy_set_rtcp_default(crypto_policy_t *p) {
+
+ p->cipher_type = AES_128_ICM;
+ p->cipher_key_len = 30; /* default 128 bits per RFC 3711 */
+ p->auth_type = HMAC_SHA1;
+ p->auth_key_len = 20; /* default 160 bits per RFC 3711 */
+ p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */
+ p->sec_serv = sec_serv_conf_and_auth;
+
+}
+
+void
+crypto_policy_set_aes_cm_128_hmac_sha1_32(crypto_policy_t *p) {
+
+ /*
+ * corresponds to draft-ietf-mmusic-sdescriptions-12.txt
+ *
+ * note that this crypto policy is intended for SRTP, but not SRTCP
+ */
+
+ p->cipher_type = AES_128_ICM;
+ p->cipher_key_len = 30; /* 128 bit key, 112 bit salt */
+ p->auth_type = HMAC_SHA1;
+ p->auth_key_len = 20; /* 160 bit key */
+ p->auth_tag_len = 4; /* 32 bit tag */
+ p->sec_serv = sec_serv_conf_and_auth;
+
+}
+
+
+void
+crypto_policy_set_aes_cm_128_null_auth(crypto_policy_t *p) {
+
+ /*
+ * corresponds to draft-ietf-mmusic-sdescriptions-12.txt
+ *
+ * note that this crypto policy is intended for SRTP, but not SRTCP
+ */
+
+ p->cipher_type = AES_128_ICM;
+ p->cipher_key_len = 30; /* 128 bit key, 112 bit salt */
+ p->auth_type = NULL_AUTH;
+ p->auth_key_len = 0;
+ p->auth_tag_len = 0;
+ p->sec_serv = sec_serv_conf;
+
+}
+
+
+void
+crypto_policy_set_null_cipher_hmac_sha1_80(crypto_policy_t *p) {
+
+ /*
+ * corresponds to draft-ietf-mmusic-sdescriptions-12.txt
+ */
+
+ p->cipher_type = NULL_CIPHER;
+ p->cipher_key_len = 0;
+ p->auth_type = HMAC_SHA1;
+ p->auth_key_len = 20;
+ p->auth_tag_len = 10;
+ p->sec_serv = sec_serv_auth;
+
+}
+
+
+/*
+ * secure rtcp functions
+ */
+
+err_status_t
+srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len) {
+ srtcp_hdr_t *hdr = (srtcp_hdr_t *)rtcp_hdr;
+ uint32_t *enc_start; /* pointer to start of encrypted portion */
+ uint32_t *auth_start; /* pointer to start of auth. portion */
+ uint32_t *trailer; /* pointer to start of trailer */
+ unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
+ uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
+ err_status_t status;
+ int tag_len;
+ srtp_stream_ctx_t *stream;
+ int prefix_len;
+ uint32_t seq_num;
+
+ /* we assume the hdr is 32-bit aligned to start */
+ /*
+ * look up ssrc in srtp_stream list, and process the packet with
+ * the appropriate stream. if we haven't seen this stream before,
+ * there's only one key for this srtp_session, and the cipher
+ * supports key-sharing, then we assume that a new stream using
+ * that key has just started up
+ */
+ stream = srtp_get_stream(ctx, hdr->ssrc);
+ if (stream == NULL) {
+ if (ctx->stream_template != NULL) {
+ srtp_stream_ctx_t *new_stream;
+
+ /* allocate and initialize a new stream */
+ status = srtp_stream_clone(ctx->stream_template,
+ hdr->ssrc, &new_stream);
+ if (status)
+ return status;
+
+ /* add new stream to the head of the stream_list */
+ new_stream->next = ctx->stream_list;
+ ctx->stream_list = new_stream;
+
+ /* set stream (the pointer used in this function) */
+ stream = new_stream;
+ } else {
+ /* no template stream, so we return an error */
+ return err_status_no_ctx;
+ }
+ }
+
+ /*
+ * verify that stream is for sending traffic - this check will
+ * detect SSRC collisions, since a stream that appears in both
+ * srtp_protect() and srtp_unprotect() will fail this test in one of
+ * those functions.
+ */
+ if (stream->direction != dir_srtp_sender) {
+ if (stream->direction == dir_unknown) {
+ stream->direction = dir_srtp_sender;
+ } else {
+ srtp_handle_event(ctx, stream, event_ssrc_collision);
+ }
+ }
+
+ /* get tag length from stream context */
+ tag_len = auth_get_tag_length(stream->rtcp_auth);
+
+ /*
+ * set encryption start and encryption length - if we're not
+ * providing confidentiality, set enc_start to NULL
+ */
+ enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header;
+ enc_octet_len = *pkt_octet_len - octets_in_rtcp_header;
+
+ /* all of the packet, except the header, gets encrypted */
+ /* NOTE: hdr->length is not usable - it refers to only the first
+ RTCP report in the compound packet! */
+ /* NOTE: trailer is 32-bit aligned because RTCP 'packets' are always
+ multiples of 32-bits (RFC 3550 6.1) */
+ trailer = (uint32_t *) ((char *)enc_start + enc_octet_len);
+
+ if (stream->rtcp_services & sec_serv_conf) {
+ *trailer = htonl(SRTCP_E_BIT); /* set encrypt bit */
+ } else {
+ enc_start = NULL;
+ enc_octet_len = 0;
+ /* 0 is network-order independant */
+ *trailer = 0x00000000; /* set encrypt bit */
+ }
+
+ /*
+ * set the auth_start and auth_tag pointers to the proper locations
+ * (note that srtpc *always* provides authentication, unlike srtp)
+ */
+ /* Note: This would need to change for optional mikey data */
+ auth_start = (uint32_t *)hdr;
+ auth_tag = (uint8_t *)hdr + *pkt_octet_len + sizeof(srtcp_trailer_t);
+
+ /*
+ * check sequence number for overruns, and copy it into the packet
+ * if its value isn't too big
+ */
+ status = rdb_increment(&stream->rtcp_rdb);
+ if (status)
+ return status;
+ seq_num = rdb_get_value(&stream->rtcp_rdb);
+ *trailer |= htonl(seq_num);
+ debug_print(mod_srtp, "srtcp index: %x", seq_num);
+
+ /*
+ * if we're using rindael counter mode, set nonce and seq
+ */
+ if (stream->rtcp_cipher->type == &aes_icm) {
+ v128_t iv;
+
+ iv.v32[0] = 0;
+ iv.v32[1] = hdr->ssrc; /* still in network order! */
+ iv.v32[2] = htonl(seq_num >> 16);
+ iv.v32[3] = htonl(seq_num << 16);
+ status = aes_icm_set_iv((aes_icm_ctx_t*)stream->rtcp_cipher->state, &iv);
+
+ } else {
+ v128_t iv;
+
+ /* otherwise, just set the index to seq_num */
+ iv.v32[0] = 0;
+ iv.v32[1] = 0;
+ iv.v32[2] = 0;
+ iv.v32[3] = htonl(seq_num);
+ status = cipher_set_iv(stream->rtcp_cipher, &iv);
+ }
+ if (status)
+ return err_status_cipher_fail;
+
+ /*
+ * if we're authenticating using a universal hash, put the keystream
+ * prefix into the authentication tag
+ */
+
+ /* if auth_start is non-null, then put keystream into tag */
+ if (auth_start) {
+
+ /* put keystream prefix into auth_tag */
+ prefix_len = auth_get_prefix_length(stream->rtcp_auth);
+ status = cipher_output(stream->rtcp_cipher, auth_tag, prefix_len);
+
+ debug_print(mod_srtp, "keystream prefix: %s",
+ octet_string_hex_string(auth_tag, prefix_len));
+
+ if (status)
+ return err_status_cipher_fail;
+ }
+
+ /* if we're encrypting, exor keystream into the message */
+ if (enc_start) {
+ status = cipher_encrypt(stream->rtcp_cipher,
+ (uint8_t *)enc_start, &enc_octet_len);
+ if (status)
+ return err_status_cipher_fail;
+ }
+
+ /* initialize auth func context */
+ auth_start(stream->rtcp_auth);
+
+ /*
+ * run auth func over packet (including trailer), and write the
+ * result at auth_tag
+ */
+ status = auth_compute(stream->rtcp_auth,
+ (uint8_t *)auth_start,
+ (*pkt_octet_len) + sizeof(srtcp_trailer_t),
+ auth_tag);
+ debug_print(mod_srtp, "srtcp auth tag: %s",
+ octet_string_hex_string(auth_tag, tag_len));
+ if (status)
+ return err_status_auth_fail;
+
+ /* increase the packet length by the length of the auth tag and seq_num*/
+ *pkt_octet_len += (tag_len + sizeof(srtcp_trailer_t));
+
+ return err_status_ok;
+}
+
+
+err_status_t
+srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) {
+ srtcp_hdr_t *hdr = (srtcp_hdr_t *)srtcp_hdr;
+ uint32_t *enc_start; /* pointer to start of encrypted portion */
+ uint32_t *auth_start; /* pointer to start of auth. portion */
+ uint32_t *trailer; /* pointer to start of trailer */
+ unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
+ uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
+ uint8_t tmp_tag[SRTP_MAX_TAG_LEN];
+ err_status_t status;
+ int tag_len;
+ srtp_stream_ctx_t *stream;
+ int prefix_len;
+ uint32_t seq_num;
+
+ /* we assume the hdr is 32-bit aligned to start */
+ /*
+ * look up ssrc in srtp_stream list, and process the packet with
+ * the appropriate stream. if we haven't seen this stream before,
+ * there's only one key for this srtp_session, and the cipher
+ * supports key-sharing, then we assume that a new stream using
+ * that key has just started up
+ */
+ stream = srtp_get_stream(ctx, hdr->ssrc);
+ if (stream == NULL) {
+ if (ctx->stream_template != NULL) {
+ stream = ctx->stream_template;
+ debug_print(mod_srtp, "srtcp using provisional stream (SSRC: 0x%08x)",
+ hdr->ssrc);
+ } else {
+ /* no template stream, so we return an error */
+ return err_status_no_ctx;
+ }
+ }
+
+ /* get tag length from stream context */
+ tag_len = auth_get_tag_length(stream->rtcp_auth);
+
+ /*
+ * set encryption start, encryption length, and trailer
+ */
+ enc_octet_len = *pkt_octet_len -
+ (octets_in_rtcp_header + tag_len + sizeof(srtcp_trailer_t));
+ /* index & E (encryption) bit follow normal data. hdr->len
+ is the number of words (32-bit) in the normal packet minus 1 */
+ /* This should point trailer to the word past the end of the
+ normal data. */
+ /* This would need to be modified for optional mikey data */
+ /*
+ * NOTE: trailer is 32-bit aligned because RTCP 'packets' are always
+ * multiples of 32-bits (RFC 3550 6.1)
+ */
+ trailer = (uint32_t *) ((char *) hdr +
+ *pkt_octet_len -(tag_len + sizeof(srtcp_trailer_t)));
+ if (*((unsigned char *) trailer) & SRTCP_E_BYTE_BIT) {
+ enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header;
+ } else {
+ enc_octet_len = 0;
+ enc_start = NULL; /* this indicates that there's no encryption */
+ }
+
+ /*
+ * set the auth_start and auth_tag pointers to the proper locations
+ * (note that srtcp *always* uses authentication, unlike srtp)
+ */
+ auth_start = (uint32_t *)hdr;
+ auth_tag = (uint8_t *)hdr + *pkt_octet_len - tag_len;
+
+ /*
+ * check the sequence number for replays
+ */
+ /* this is easier than dealing with bitfield access */
+ seq_num = ntohl(*trailer) & SRTCP_INDEX_MASK;
+ debug_print(mod_srtp, "srtcp index: %x", seq_num);
+ status = rdb_check(&stream->rtcp_rdb, seq_num);
+ if (status)
+ return status;
+
+ /*
+ * if we're using aes counter mode, set nonce and seq
+ */
+ if (stream->rtcp_cipher->type == &aes_icm) {
+ v128_t iv;
+
+ iv.v32[0] = 0;
+ iv.v32[1] = hdr->ssrc; /* still in network order! */
+ iv.v32[2] = htonl(seq_num >> 16);
+ iv.v32[3] = htonl(seq_num << 16);
+ status = aes_icm_set_iv((aes_icm_ctx_t*)stream->rtcp_cipher->state, &iv);
+
+ } else {
+ v128_t iv;
+
+ /* otherwise, just set the index to seq_num */
+ iv.v32[0] = 0;
+ iv.v32[1] = 0;
+ iv.v32[2] = 0;
+ iv.v32[3] = htonl(seq_num);
+ status = cipher_set_iv(stream->rtcp_cipher, &iv);
+
+ }
+ if (status)
+ return err_status_cipher_fail;
+
+ /* initialize auth func context */
+ auth_start(stream->rtcp_auth);
+
+ /* run auth func over packet, put result into tmp_tag */
+ status = auth_compute(stream->rtcp_auth, (uint8_t *)auth_start,
+ *pkt_octet_len - tag_len,
+ tmp_tag);
+ debug_print(mod_srtp, "srtcp computed tag: %s",
+ octet_string_hex_string(tmp_tag, tag_len));
+ if (status)
+ return err_status_auth_fail;
+
+ /* compare the tag just computed with the one in the packet */
+ debug_print(mod_srtp, "srtcp tag from packet: %s",
+ octet_string_hex_string(auth_tag, tag_len));
+ if (octet_string_is_eq(tmp_tag, auth_tag, tag_len))
+ return err_status_auth_fail;
+
+ /*
+ * if we're authenticating using a universal hash, put the keystream
+ * prefix into the authentication tag
+ */
+ prefix_len = auth_get_prefix_length(stream->rtcp_auth);
+ if (prefix_len) {
+ status = cipher_output(stream->rtcp_cipher, auth_tag, prefix_len);
+ debug_print(mod_srtp, "keystream prefix: %s",
+ octet_string_hex_string(auth_tag, prefix_len));
+ if (status)
+ return err_status_cipher_fail;
+ }
+
+ /* if we're decrypting, exor keystream into the message */
+ if (enc_start) {
+ status = cipher_encrypt(stream->rtcp_cipher,
+ (uint8_t *)enc_start, &enc_octet_len);
+ if (status)
+ return err_status_cipher_fail;
+ }
+
+ /* decrease the packet length by the length of the auth tag and seq_num*/
+ *pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t));
+
+ /*
+ * verify that stream is for received traffic - this check will
+ * detect SSRC collisions, since a stream that appears in both
+ * srtp_protect() and srtp_unprotect() will fail this test in one of
+ * those functions.
+ *
+ * we do this check *after* the authentication check, so that the
+ * latter check will catch any attempts to fool us into thinking
+ * that we've got a collision
+ */
+ if (stream->direction != dir_srtp_receiver) {
+ if (stream->direction == dir_unknown) {
+ stream->direction = dir_srtp_receiver;
+ } else {
+ srtp_handle_event(ctx, stream, event_ssrc_collision);
+ }
+ }
+
+ /*
+ * if the stream is a 'provisional' one, in which the template context
+ * is used, then we need to allocate a new stream at this point, since
+ * the authentication passed
+ */
+ if (stream == ctx->stream_template) {
+ srtp_stream_ctx_t *new_stream;
+
+ /*
+ * allocate and initialize a new stream
+ *
+ * note that we indicate failure if we can't allocate the new
+ * stream, and some implementations will want to not return
+ * failure here
+ */
+ status = srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream);
+ if (status)
+ return status;
+
+ /* add new stream to the head of the stream_list */
+ new_stream->next = ctx->stream_list;
+ ctx->stream_list = new_stream;
+
+ /* set stream (the pointer used in this function) */
+ stream = new_stream;
+ }
+
+ /* we've passed the authentication check, so add seq_num to the rdb */
+ rdb_add_index(&stream->rtcp_rdb, seq_num);
+
+
+ return err_status_ok;
+}
+
+
+
+/*
+ * dtls keying for srtp
+ */
+
+err_status_t
+crypto_policy_set_from_profile_for_rtp(crypto_policy_t *policy,
+ srtp_profile_t profile) {
+
+ /* set SRTP policy from the SRTP profile in the key set */
+ switch(profile) {
+ case srtp_profile_aes128_cm_sha1_80:
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
+ crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_null_sha1_80:
+ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+ break;
+ /* the following profiles are not (yet) supported */
+ case srtp_profile_null_sha1_32:
+ case srtp_profile_aes256_cm_sha1_80:
+ case srtp_profile_aes256_cm_sha1_32:
+ default:
+ return err_status_bad_param;
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_policy_set_from_profile_for_rtcp(crypto_policy_t *policy,
+ srtp_profile_t profile) {
+
+ /* set SRTP policy from the SRTP profile in the key set */
+ switch(profile) {
+ case srtp_profile_aes128_cm_sha1_80:
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_null_sha1_80:
+ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+ break;
+ /* the following profiles are not (yet) supported */
+ case srtp_profile_null_sha1_32:
+ case srtp_profile_aes256_cm_sha1_80:
+ case srtp_profile_aes256_cm_sha1_32:
+ default:
+ return err_status_bad_param;
+ }
+
+ return err_status_ok;
+}
+
+void
+append_salt_to_key(uint8_t *key, unsigned int bytes_in_key,
+ uint8_t *salt, unsigned int bytes_in_salt) {
+
+ memcpy(key + bytes_in_key, salt, bytes_in_salt);
+
+}
+
+unsigned int
+srtp_profile_get_master_key_length(srtp_profile_t profile) {
+
+ switch(profile) {
+ case srtp_profile_aes128_cm_sha1_80:
+ return 16;
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
+ return 16;
+ break;
+ case srtp_profile_null_sha1_80:
+ return 16;
+ break;
+ /* the following profiles are not (yet) supported */
+ case srtp_profile_null_sha1_32:
+ case srtp_profile_aes256_cm_sha1_80:
+ case srtp_profile_aes256_cm_sha1_32:
+ default:
+ return 0; /* indicate error by returning a zero */
+ }
+}
+
+unsigned int
+srtp_profile_get_master_salt_length(srtp_profile_t profile) {
+
+ switch(profile) {
+ case srtp_profile_aes128_cm_sha1_80:
+ return 14;
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
+ return 14;
+ break;
+ case srtp_profile_null_sha1_80:
+ return 14;
+ break;
+ /* the following profiles are not (yet) supported */
+ case srtp_profile_null_sha1_32:
+ case srtp_profile_aes256_cm_sha1_80:
+ case srtp_profile_aes256_cm_sha1_32:
+ default:
+ return 0; /* indicate error by returning a zero */
+ }
+}
diff --git a/srtp/srtp7.sln b/srtp/srtp7.sln
new file mode 100644
index 0000000..5afac6b
--- /dev/null
+++ b/srtp/srtp7.sln
@@ -0,0 +1,21 @@
+Microsoft Visual Studio Solution File, Format Version 8.00
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libSRTP", "srtp7.vcproj", "{7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}"
+ ProjectSection(ProjectDependencies) = postProject
+ EndProjectSection
+EndProject
+Global
+ GlobalSection(SolutionConfiguration) = preSolution
+ Debug = Debug
+ Release = Release
+ EndGlobalSection
+ GlobalSection(ProjectConfiguration) = postSolution
+ {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Debug.ActiveCfg = Debug|Win32
+ {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Debug.Build.0 = Debug|Win32
+ {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Release.ActiveCfg = Release|Win32
+ {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Release.Build.0 = Release|Win32
+ EndGlobalSection
+ GlobalSection(ExtensibilityGlobals) = postSolution
+ EndGlobalSection
+ GlobalSection(ExtensibilityAddIns) = postSolution
+ EndGlobalSection
+EndGlobal
diff --git a/srtp/srtp7.vcproj b/srtp/srtp7.vcproj
new file mode 100644
index 0000000..5ca0a69
--- /dev/null
+++ b/srtp/srtp7.vcproj
@@ -0,0 +1,298 @@
+<?xml version="1.0" encoding="Windows-1252"?>
+<VisualStudioProject
+ ProjectType="Visual C++"
+ Version="7.10"
+ Name="libSRTP"
+ ProjectGUID="{7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}"
+ Keyword="Win32Proj">
+ <Platforms>
+ <Platform
+ Name="Win32"/>
+ </Platforms>
+ <Configurations>
+ <Configuration
+ Name="Debug|Win32"
+ OutputDirectory="Debug"
+ IntermediateDirectory="Debug"
+ ConfigurationType="1"
+ CharacterSet="2">
+ <Tool
+ Name="VCCLCompilerTool"
+ Optimization="0"
+ InlineFunctionExpansion="0"
+ AdditionalIncludeDirectories="C:\dev\foo\srtp;&quot;$(SolutionDir)&quot;;.\include;.\crypto\include;&quot;..\..\OpenSSL\openssl-0.9.7i\inc32&quot;;&quot;C:Library\OpenSSL\openssl-0.9.8\inc32&quot;"
+ PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;DEBUG"
+ ExceptionHandling="FALSE"
+ BasicRuntimeChecks="0"
+ RuntimeLibrary="1"
+ UsePrecompiledHeader="0"
+ WarningLevel="3"
+ Detect64BitPortabilityProblems="TRUE"
+ DebugInformationFormat="4"
+ CompileAs="1"/>
+ <Tool
+ Name="VCCustomBuildTool"/>
+ <Tool
+ Name="VCLinkerTool"
+ AdditionalDependencies="Ws2_32.lib libeay32.lib ssleay32.lib"
+ AdditionalLibraryDirectories="&quot;Library\OpenSSL\openssl-0.9.8\libs&quot;"
+ GenerateDebugInformation="TRUE"/>
+ <Tool
+ Name="VCMIDLTool"/>
+ <Tool
+ Name="VCPostBuildEventTool"/>
+ <Tool
+ Name="VCPreBuildEventTool"/>
+ <Tool
+ Name="VCPreLinkEventTool"/>
+ <Tool
+ Name="VCResourceCompilerTool"/>
+ <Tool
+ Name="VCWebServiceProxyGeneratorTool"/>
+ <Tool
+ Name="VCXMLDataGeneratorTool"/>
+ <Tool
+ Name="VCWebDeploymentTool"/>
+ <Tool
+ Name="VCManagedWrapperGeneratorTool"/>
+ <Tool
+ Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
+ </Configuration>
+ <Configuration
+ Name="Release|Win32"
+ OutputDirectory="Release"
+ IntermediateDirectory="Release"
+ ConfigurationType="4"
+ CharacterSet="2">
+ <Tool
+ Name="VCCLCompilerTool"
+ AdditionalIncludeDirectories="&quot;.\include&quot;;&quot;.\crypto\include&quot;;&quot;..\..\OpenSSL\openssl-0.9.7i\inc32&quot;"
+ PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
+ BasicRuntimeChecks="0"
+ RuntimeLibrary="0"
+ UsePrecompiledHeader="0"
+ ObjectFile="$(IntDir)/"
+ WarningLevel="3"
+ Detect64BitPortabilityProblems="TRUE"
+ DebugInformationFormat="3"/>
+ <Tool
+ Name="VCCustomBuildTool"/>
+ <Tool
+ Name="VCLibrarianTool"/>
+ <Tool
+ Name="VCMIDLTool"/>
+ <Tool
+ Name="VCPostBuildEventTool"/>
+ <Tool
+ Name="VCPreBuildEventTool"/>
+ <Tool
+ Name="VCPreLinkEventTool"/>
+ <Tool
+ Name="VCResourceCompilerTool"/>
+ <Tool
+ Name="VCWebServiceProxyGeneratorTool"/>
+ <Tool
+ Name="VCXMLDataGeneratorTool"/>
+ <Tool
+ Name="VCManagedWrapperGeneratorTool"/>
+ <Tool
+ Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
+ </Configuration>
+ </Configurations>
+ <References>
+ </References>
+ <Files>
+ <Filter
+ Name="Source Files"
+ Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
+ UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
+ <File
+ RelativePath=".\test\getopt.c">
+ </File>
+ <File
+ RelativePath=".\srtp\srtp.c">
+ </File>
+ <File
+ RelativePath=".\test\srtp_driver.c">
+ </File>
+ <Filter
+ Name="Kernel">
+ <File
+ RelativePath=".\crypto\kernel\alloc.c">
+ </File>
+ <File
+ RelativePath=".\crypto\kernel\crypto_kernel.c">
+ </File>
+ <File
+ RelativePath=".\crypto\rng\ctr_prng.c">
+ </File>
+ <File
+ RelativePath=".\crypto\kernel\err.c">
+ </File>
+ <File
+ RelativePath=".\crypto\kernel\key.c">
+ </File>
+ <File
+ RelativePath=".\crypto\rng\prng.c">
+ </File>
+ <File
+ RelativePath=".\crypto\rng\rand_source.c">
+ </File>
+ </Filter>
+ <Filter
+ Name="Ciphers">
+ <File
+ RelativePath=".\crypto\cipher\aes.c">
+ </File>
+ <File
+ RelativePath=".\crypto\cipher\aes_cbc.c">
+ </File>
+ <File
+ RelativePath=".\crypto\cipher\aes_icm.c">
+ </File>
+ <File
+ RelativePath=".\crypto\cipher\cipher.c">
+ </File>
+ <File
+ RelativePath=".\crypto\cipher\null_cipher.c">
+ </File>
+ </Filter>
+ <Filter
+ Name="Hashes">
+ <File
+ RelativePath=".\crypto\hash\auth.c">
+ </File>
+ <File
+ RelativePath=".\crypto\hash\hmac.c">
+ </File>
+ <File
+ RelativePath=".\crypto\hash\null_auth.c">
+ </File>
+ <File
+ RelativePath=".\crypto\hash\sha1.c">
+ </File>
+ </Filter>
+ <Filter
+ Name="Replay">
+ <File
+ RelativePath=".\crypto\replay\rdb.c">
+ </File>
+ <File
+ RelativePath=".\crypto\replay\rdbx.c">
+ </File>
+ <File
+ RelativePath=".\crypto\replay\ut_sim.c">
+ </File>
+ </Filter>
+ <Filter
+ Name="Math">
+ <File
+ RelativePath=".\crypto\math\datatypes.c">
+ </File>
+ <File
+ RelativePath=".\crypto\math\stat.c">
+ </File>
+ </Filter>
+ </Filter>
+ <Filter
+ Name="Header Files"
+ Filter="h;hpp;hxx;hm;inl;inc;xsd"
+ UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
+ <File
+ RelativePath=".\crypto\include\aes.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\aes_cbc.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\aes_icm.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\alloc.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\auth.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\cipher.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\config.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\crypto.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\crypto_kernel.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\crypto_math.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\crypto_types.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\cryptoalg.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\datatypes.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\err.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\gf2_8.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\hmac.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\integers.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\kernel_compat.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\key.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\null_auth.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\null_cipher.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\prng.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\rand_source.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\rdb.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\rdbx.h">
+ </File>
+ <File
+ RelativePath=".\include\rtp.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\sha1.h">
+ </File>
+ <File
+ RelativePath=".\include\srtp.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\stat.h">
+ </File>
+ <File
+ RelativePath=".\include\ut_sim.h">
+ </File>
+ <File
+ RelativePath=".\crypto\include\xfm.h">
+ </File>
+ </Filter>
+ </Files>
+ <Globals>
+ </Globals>
+</VisualStudioProject>
diff --git a/srtp/tables/.cvsignore b/srtp/tables/.cvsignore
new file mode 100644
index 0000000..45492b4
--- /dev/null
+++ b/srtp/tables/.cvsignore
@@ -0,0 +1 @@
+aes_tables
diff --git a/srtp/tables/CVS/Entries b/srtp/tables/CVS/Entries
new file mode 100644
index 0000000..c0cc166
--- /dev/null
+++ b/srtp/tables/CVS/Entries
@@ -0,0 +1,3 @@
+/.cvsignore/1.1/Thu Sep 29 12:06:41 2005//
+/aes_tables.c/1.7/Thu Jun 8 17:00:29 2006//
+D
diff --git a/srtp/tables/CVS/Repository b/srtp/tables/CVS/Repository
new file mode 100644
index 0000000..9cf6c91
--- /dev/null
+++ b/srtp/tables/CVS/Repository
@@ -0,0 +1 @@
+srtp/tables
diff --git a/srtp/tables/CVS/Root b/srtp/tables/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/tables/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/tables/aes_tables.c b/srtp/tables/aes_tables.c
new file mode 100644
index 0000000..b2bc1d7
--- /dev/null
+++ b/srtp/tables/aes_tables.c
@@ -0,0 +1,346 @@
+/*
+ * aes_tables.c
+ *
+ * generate tables for the AES cipher
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h>
+#include "gf2_8.h"
+#include "crypto_math.h"
+
+
+unsigned char aes_sbox[256];
+
+unsigned char aes_inv_sbox[256];
+
+uint32_t T0[256], T1[256], T2[256], T3[256], T4[256];
+
+
+#define AES_INVERSE_TEST 0 /* set to 1 to test forward/backwards aes */
+
+/* functions for precomputing AES values */
+
+/*
+ * A[] is the 8 x 8 binary matrix (represented as an array of columns,
+ * where each column is an octet) which defines the affine
+ * transformation used in the AES substitution table (Section
+ * 4.2.1 of the spec).
+ */
+
+uint8_t A[8] = { 31, 62, 124, 248, 241, 227, 199, 143 };
+
+/*
+ * b is the 8 bit vector (represented as an octet) used in the affine
+ * transform described above.
+ */
+
+uint8_t b = 99;
+
+
+void
+aes_init_sbox(void) {
+ unsigned int i;
+ uint8_t x;
+
+ for (i=0; i < 256; i++) {
+ x = gf2_8_compute_inverse((gf2_8)i);
+ x = A_times_x_plus_b(A, x, b);
+ aes_sbox[i] = x;
+ aes_inv_sbox[x] = i;
+ }
+}
+
+void
+aes_compute_tables(void) {
+ int i;
+ uint32_t x1, x2, x3;
+ v32_t tmp;
+
+ /* initialize substitution table */
+ aes_init_sbox();
+
+ /* combine sbox with linear operations to form 8-bit to 32-bit tables */
+ for (i=0; i < 256; i++) {
+ x1 = aes_sbox[i];
+ x2 = gf2_8_shift(x1);
+ x3 = x2 ^ x1;
+
+ tmp.v8[0] = x2;
+ tmp.v8[1] = x1;
+ tmp.v8[2] = x1;
+ tmp.v8[3] = x3;
+ T0[i] = tmp.value;
+
+ tmp.v8[0] = x3;
+ tmp.v8[1] = x2;
+ tmp.v8[2] = x1;
+ tmp.v8[3] = x1;
+ T1[i] = tmp.value;
+
+ tmp.v8[0] = x1;
+ tmp.v8[1] = x3;
+ tmp.v8[2] = x2;
+ tmp.v8[3] = x1;
+ T2[i] = tmp.value;
+
+ tmp.v8[0] = x1;
+ tmp.v8[1] = x1;
+ tmp.v8[2] = x3;
+ tmp.v8[3] = x2;
+ T3[i] = tmp.value;
+
+ }
+}
+
+
+/*
+ * the tables U0, U1, U2, U3 implement the aes operations invSubBytes,
+ * invMixColumns, and invShiftRows
+ */
+
+uint32_t U0[256], U1[256], U2[256], U3[256], U4[256];
+
+extern uint8_t aes_inv_sbox[256];
+
+void
+aes_compute_inv_tables(void) {
+ int i;
+ uint8_t x, xe, x9, xd, xb;
+ v32_t tmp;
+
+ /* combine sbox with linear operations to form 8-bit to 32-bit tables */
+ for (i=0; i < 256; i++) {
+ x = aes_inv_sbox[i];
+
+ xe = gf2_8_multiply(0x0e, x);
+ x9 = gf2_8_multiply(0x09, x);
+ xd = gf2_8_multiply(0x0d, x);
+ xb = gf2_8_multiply(0x0b, x);
+
+ tmp.v8[0] = xe;
+ tmp.v8[1] = x9;
+ tmp.v8[2] = xd;
+ tmp.v8[3] = xb;
+ U0[i] = tmp.value;
+
+ tmp.v8[0] = xb;
+ tmp.v8[1] = xe;
+ tmp.v8[2] = x9;
+ tmp.v8[3] = xd;
+ U1[i] = tmp.value;
+
+ tmp.v8[0] = xd;
+ tmp.v8[1] = xb;
+ tmp.v8[2] = xe;
+ tmp.v8[3] = x9;
+ U2[i] = tmp.value;
+
+ tmp.v8[0] = x9;
+ tmp.v8[1] = xd;
+ tmp.v8[2] = xb;
+ tmp.v8[3] = xe;
+ U3[i] = tmp.value;
+
+ tmp.v8[0] = tmp.v8[1] = tmp.v8[2] = tmp.v8[3] = x;
+ U4[i] = tmp.value;
+ }
+}
+
+
+/*
+ * aes_test_inverse() returns err_status_ok if aes
+ * encryption and decryption are true inverses of each other, and
+ * returns err_status_algo_fail otherwise
+ */
+
+#include "err.h"
+
+err_status_t
+aes_test_inverse(void);
+
+#define TABLES_32BIT 1
+
+int
+main(void) {
+ int i;
+
+ aes_init_sbox();
+ aes_compute_inv_tables();
+
+#if TABLES_32BIT
+ printf("uint32_t U0 = {");
+ for (i=0; i < 256; i++) {
+ if ((i % 4) == 0)
+ printf("\n");
+ printf("0x%0x, ", U0[i]);
+ }
+ printf("\n}\n");
+
+ printf("uint32_t U1 = {");
+ for (i=0; i < 256; i++) {
+ if ((i % 4) == 0)
+ printf("\n");
+ printf("0x%x, ", U1[i]);
+ }
+ printf("\n}\n");
+
+ printf("uint32_t U2 = {");
+ for (i=0; i < 256; i++) {
+ if ((i % 4) == 0)
+ printf("\n");
+ printf("0x%x, ", U2[i]);
+ }
+ printf("\n}\n");
+
+ printf("uint32_t U3 = {");
+ for (i=0; i < 256; i++) {
+ if ((i % 4) == 0)
+ printf("\n");
+ printf("0x%x, ", U3[i]);
+ }
+ printf("\n}\n");
+
+ printf("uint32_t U4 = {");
+ for (i=0; i < 256; i++) {
+ if ((i % 4) == 0)
+ printf("\n");
+ printf("0x%x, ", U4[i]);
+ }
+ printf("\n}\n");
+
+#else
+
+ printf("uint32_t U0 = {");
+ for (i=0; i < 256; i++) {
+ if ((i % 4) == 0)
+ printf("\n");
+ printf("0x%lx, ", U0[i]);
+ }
+ printf("\n}\n");
+
+ printf("uint32_t U1 = {");
+ for (i=0; i < 256; i++) {
+ if ((i % 4) == 0)
+ printf("\n");
+ printf("0x%lx, ", U1[i]);
+ }
+ printf("\n}\n");
+
+ printf("uint32_t U2 = {");
+ for (i=0; i < 256; i++) {
+ if ((i % 4) == 0)
+ printf("\n");
+ printf("0x%lx, ", U2[i]);
+ }
+ printf("\n}\n");
+
+ printf("uint32_t U3 = {");
+ for (i=0; i < 256; i++) {
+ if ((i % 4) == 0)
+ printf("\n");
+ printf("0x%lx, ", U3[i]);
+ }
+ printf("\n}\n");
+
+ printf("uint32_t U4 = {");
+ for (i=0; i < 256; i++) {
+ if ((i % 4) == 0)
+ printf("\n");
+ printf("0x%lx, ", U4[i]);
+ }
+ printf("\n}\n");
+
+
+#endif /* TABLES_32BIT */
+
+
+#if AES_INVERSE_TEST
+ /*
+ * test that aes_encrypt and aes_decrypt are actually
+ * inverses of each other
+ */
+
+ printf("aes inverse test: ");
+ if (aes_test_inverse() == err_status_ok)
+ printf("passed\n");
+ else {
+ printf("failed\n");
+ exit(1);
+ }
+#endif
+
+ return 0;
+}
+
+#if AES_INVERSE_TEST
+
+err_status_t
+aes_test_inverse(void) {
+ v128_t x, y;
+ aes_expanded_key_t expanded_key, decrypt_key;
+ uint8_t plaintext[16] = {
+ 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+ 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
+ };
+ uint8_t key[16] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+ };
+ v128_t k;
+ v128_set_to_zero(&x);
+
+ v128_copy_octet_string(&k, key);
+ v128_copy_octet_string(&x, plaintext);
+ aes_expand_encryption_key(k, expanded_key);
+ aes_expand_decryption_key(k, decrypt_key);
+ aes_encrypt(&x, expanded_key);
+ aes_decrypt(&x, decrypt_key);
+
+ /* compare to expected value then report */
+ v128_copy_octet_string(&y, plaintext);
+
+ if (v128_is_eq(&x, &y))
+ return err_status_ok;
+ return err_status_algo_fail;
+
+}
+
+#endif
diff --git a/srtp/test/.cvsignore b/srtp/test/.cvsignore
new file mode 100644
index 0000000..2b9f0e7
--- /dev/null
+++ b/srtp/test/.cvsignore
@@ -0,0 +1,12 @@
+aes_calc
+cipher_driver
+datatypes_driver
+kernel_driver
+rand_gen
+rdbx_driver
+replay_driver
+roc_driver
+rtpw
+sha1_driver
+srtp_driver
+stat_driver
diff --git a/srtp/test/CVS/Entries b/srtp/test/CVS/Entries
new file mode 100644
index 0000000..1e3e6ac
--- /dev/null
+++ b/srtp/test/CVS/Entries
@@ -0,0 +1,12 @@
+/.cvsignore/1.1/Thu Sep 29 11:59:01 2005//
+/dtls_srtp_driver.c/1.3/Mon Jul 17 20:41:22 2006//
+/getopt_s.c/1.1/Mon Jul 17 20:41:22 2006//
+/lfsr.c/1.1.1.1/Wed Sep 21 22:51:46 2005//
+/rdbx_driver.c/1.4/Mon Jul 17 20:41:22 2006//
+/replay_driver.c/1.5/Thu Jun 8 17:00:30 2006//
+/roc_driver.c/1.3/Thu Jun 8 17:00:30 2006//
+/rtp.c/1.7/Thu Jul 13 19:04:53 2006//
+/rtpw.c/1.12/Mon Jul 17 20:41:22 2006//
+/rtpw_test.sh/1.1/Tue Jun 13 15:17:57 2006//
+/srtp_driver.c/1.13/Mon Sep 18 13:41:35 2006//
+D
diff --git a/srtp/test/CVS/Repository b/srtp/test/CVS/Repository
new file mode 100644
index 0000000..ef6b44c
--- /dev/null
+++ b/srtp/test/CVS/Repository
@@ -0,0 +1 @@
+srtp/test
diff --git a/srtp/test/CVS/Root b/srtp/test/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/test/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/test/dtls_srtp_driver b/srtp/test/dtls_srtp_driver
new file mode 100755
index 0000000..471706e
--- /dev/null
+++ b/srtp/test/dtls_srtp_driver
Binary files differ
diff --git a/srtp/test/dtls_srtp_driver.c b/srtp/test/dtls_srtp_driver.c
new file mode 100644
index 0000000..a8eddc0
--- /dev/null
+++ b/srtp/test/dtls_srtp_driver.c
@@ -0,0 +1,245 @@
+/*
+ * dtls_srtp_driver.c
+ *
+ * test driver for DTLS-SRTP functions
+ *
+ * David McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h> /* for printf() */
+#include "getopt_s.h" /* for local getopt() */
+#include "srtp_priv.h"
+
+err_status_t
+test_dtls_srtp();
+
+srtp_hdr_t *
+srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc);
+
+void
+usage(char *prog_name) {
+ printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n"
+ " -d <mod> turn on debugging module <mod>\n"
+ " -l list debugging modules\n", prog_name);
+ exit(1);
+}
+
+int
+main(int argc, char *argv[]) {
+ unsigned do_list_mods = 0;
+ char q;
+ err_status_t err;
+
+ printf("dtls_srtp_driver\n");
+
+ /* initialize srtp library */
+ err = srtp_init();
+ if (err) {
+ printf("error: srtp init failed with error code %d\n", err);
+ exit(1);
+ }
+
+ /* process input arguments */
+ while (1) {
+ q = getopt_s(argc, argv, "ld:");
+ if (q == -1)
+ break;
+ switch (q) {
+ case 'l':
+ do_list_mods = 1;
+ break;
+ case 'd':
+ err = crypto_kernel_set_debug_module(optarg_s, 1);
+ if (err) {
+ printf("error: set debug module (%s) failed\n", optarg_s);
+ exit(1);
+ }
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ if (do_list_mods) {
+ err = crypto_kernel_list_debug_modules();
+ if (err) {
+ printf("error: list of debug modules failed\n");
+ exit(1);
+ }
+ }
+
+ printf("testing dtls_srtp...");
+ err = test_dtls_srtp();
+ if (err) {
+ printf("\nerror (code %d)\n", err);
+ exit(1);
+ }
+ printf("passed\n");
+
+ return 0;
+}
+
+
+err_status_t
+test_dtls_srtp() {
+ srtp_hdr_t *test_packet;
+ int test_packet_len = 80;
+ srtp_t s;
+ srtp_policy_t policy;
+ uint8_t key[SRTP_MAX_KEY_LEN];
+ uint8_t salt[SRTP_MAX_KEY_LEN];
+ unsigned int key_len, salt_len;
+ srtp_profile_t profile;
+ err_status_t err;
+
+ /* create a 'null' SRTP session */
+ err = srtp_create(&s, NULL);
+ if (err)
+ return err;
+
+ /*
+ * verify that packet-processing functions behave properly - we
+ * expect that these functions will return err_status_no_ctx
+ */
+ test_packet = srtp_create_test_packet(80, 0xa5a5a5a5);
+ if (test_packet == NULL)
+ return err_status_alloc_fail;
+ err = srtp_protect(s, test_packet, &test_packet_len);
+ if (err != err_status_no_ctx) {
+ printf("wrong return value from srtp_protect() (got code %d)\n",
+ err);
+ return err_status_fail;
+ }
+ err = srtp_unprotect(s, test_packet, &test_packet_len);
+ if (err != err_status_no_ctx) {
+ printf("wrong return value from srtp_unprotect() (got code %d)\n",
+ err);
+ return err_status_fail;
+ }
+ err = srtp_protect_rtcp(s, test_packet, &test_packet_len);
+ if (err != err_status_no_ctx) {
+ printf("wrong return value from srtp_protect_rtcp() (got code %d)\n",
+ err);
+ return err_status_fail;
+ }
+ err = srtp_unprotect_rtcp(s, test_packet, &test_packet_len);
+ if (err != err_status_no_ctx) {
+ printf("wrong return value from srtp_unprotect_rtcp() (got code %d)\n",
+ err);
+ return err_status_fail;
+ }
+
+
+ /*
+ * set keys to known values for testing
+ */
+ profile = srtp_profile_aes128_cm_sha1_80;
+ key_len = srtp_profile_get_master_key_length(profile);
+ salt_len = srtp_profile_get_master_salt_length(profile);
+ memset(key, 0xff, key_len);
+ memset(salt, 0xee, salt_len);
+ append_salt_to_key(key, key_len, salt, salt_len);
+ policy.key = key;
+
+ /* initialize SRTP policy from profile */
+ err = crypto_policy_set_from_profile_for_rtp(&policy.rtp, profile);
+ if (err) return err;
+ err = crypto_policy_set_from_profile_for_rtcp(&policy.rtcp, profile);
+ if (err) return err;
+ policy.ssrc.type = ssrc_any_inbound;
+ policy.next = NULL;
+
+ err = srtp_add_stream(s, &policy);
+ if (err)
+ return err;
+
+ return err_status_ok;
+}
+
+
+
+/*
+ * srtp_create_test_packet(len, ssrc) returns a pointer to a
+ * (malloced) example RTP packet whose data field has the length given
+ * by pkt_octet_len and the SSRC value ssrc. The total length of the
+ * packet is twelve octets longer, since the header is at the
+ * beginning. There is room at the end of the packet for a trailer,
+ * and the four octets following the packet are filled with 0xff
+ * values to enable testing for overwrites.
+ *
+ * note that the location of the test packet can (and should) be
+ * deallocated with the free() call once it is no longer needed.
+ */
+
+srtp_hdr_t *
+srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc) {
+ int i;
+ uint8_t *buffer;
+ srtp_hdr_t *hdr;
+ int bytes_in_hdr = 12;
+
+ /* allocate memory for test packet */
+ hdr = malloc(pkt_octet_len + bytes_in_hdr
+ + SRTP_MAX_TRAILER_LEN + 4);
+ if (!hdr)
+ return NULL;
+
+ hdr->version = 2; /* RTP version two */
+ hdr->p = 0; /* no padding needed */
+ hdr->x = 0; /* no header extension */
+ hdr->cc = 0; /* no CSRCs */
+ hdr->m = 0; /* marker bit */
+ hdr->pt = 0xf; /* payload type */
+ hdr->seq = htons(0x1234); /* sequence number */
+ hdr->ts = htonl(0xdecafbad); /* timestamp */
+ hdr->ssrc = htonl(ssrc); /* synch. source */
+
+ buffer = (uint8_t *)hdr;
+ buffer += bytes_in_hdr;
+
+ /* set RTP data to 0xab */
+ for (i=0; i < pkt_octet_len; i++)
+ *buffer++ = 0xab;
+
+ /* set post-data value to 0xffff to enable overrun checking */
+ for (i=0; i < SRTP_MAX_TRAILER_LEN+4; i++)
+ *buffer++ = 0xff;
+
+ return hdr;
+}
diff --git a/srtp/test/getopt_s.c b/srtp/test/getopt_s.c
new file mode 100644
index 0000000..243ad6e
--- /dev/null
+++ b/srtp/test/getopt_s.c
@@ -0,0 +1,112 @@
+/*
+ * getopt.c
+ *
+ * a minimal implementation of the getopt() function, written so that
+ * test applications that use that function can run on non-POSIX
+ * platforms
+ *
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdlib.h> /* for NULL */
+
+int optind_s = 0;
+
+char *optarg_s;
+
+#define GETOPT_FOUND_WITHOUT_ARGUMENT 2
+#define GETOPT_FOUND_WITH_ARGUMENT 1
+#define GETOPT_NOT_FOUND 0
+
+static int
+getopt_check_character(char c, const char *string) {
+ unsigned int max_string_len = 128;
+
+ while (*string != 0) {
+ if (max_string_len == 0) {
+ return '?';
+ }
+ if (*string++ == c) {
+ if (*string == ':') {
+ return GETOPT_FOUND_WITH_ARGUMENT;
+ } else {
+ return GETOPT_FOUND_WITHOUT_ARGUMENT;
+ }
+ }
+ }
+ return GETOPT_NOT_FOUND;
+}
+
+int
+getopt_s(int argc,
+ char * const argv[],
+ const char *optstring) {
+
+
+ while (optind_s + 1 < argc) {
+ char *string;
+
+ /* move 'string' on to next argument */
+ optind_s++;
+ string = argv[optind_s];
+
+ if (string == NULL)
+ return '?'; /* NULL argument string */
+
+ if (string[0] != '-')
+ return -1; /* found an unexpected character */
+
+ switch(getopt_check_character(string[1], optstring)) {
+ case GETOPT_FOUND_WITH_ARGUMENT:
+ if (optind_s + 1 < argc) {
+ optind_s++;
+ optarg_s = argv[optind_s];
+ return string[1];
+ } else {
+ return '?'; /* argument missing */
+ }
+ case GETOPT_FOUND_WITHOUT_ARGUMENT:
+ return string[1];
+ case GETOPT_NOT_FOUND:
+ default:
+ return '?'; /* didn't find expected character */
+ break;
+ }
+ }
+
+ return -1;
+}
diff --git a/srtp/test/lfsr.c b/srtp/test/lfsr.c
new file mode 100644
index 0000000..28ea02e
--- /dev/null
+++ b/srtp/test/lfsr.c
@@ -0,0 +1,310 @@
+/*
+ * lfsr.c
+ *
+ */
+
+
+#include <stdio.h>
+#include "datatypes.h"
+
+uint32_t
+parity(uint32_t x) {
+
+ x ^= (x >> 16);
+ x ^= (x >> 8);
+ x ^= (x >> 4);
+ x ^= (x >> 2);
+ x ^= (x >> 1);
+
+ return x & 1;
+}
+
+
+/* typedef struct { */
+/* uint32_t register[8]; */
+/* } lfsr_t; */
+
+void
+compute_period(uint32_t feedback_polynomial) {
+ int i;
+ v32_t lfsr;
+ v32_t mask;
+
+ mask.value = feedback_polynomial;
+ lfsr.value = 1;
+
+ printf("polynomial: %s\t", v32_bit_string(mask));
+
+ for (i=0; i < 256; i++) {
+/* printf("%s\n", v32_bit_string(lfsr)); */
+ if (parity(mask.value & lfsr.value))
+ lfsr.value = ((lfsr.value << 1) | 1) & 0xff;
+ else
+ lfsr.value = (lfsr.value << 1) & 0xff;
+
+ /* now halt if we're back at the initial state */
+ if (lfsr.value == 1) {
+ printf("period: %d\n", i);
+ break;
+ }
+ }
+}
+
+uint32_t poly0 = 223;
+
+
+uint32_t polynomials[39] = {
+31,
+47,
+55,
+59,
+61,
+79,
+87,
+91,
+103,
+107,
+109,
+115,
+117,
+121,
+143,
+151,
+157,
+167,
+171,
+173,
+179,
+181,
+185,
+199,
+203,
+205,
+211,
+213,
+227,
+229,
+233,
+241,
+127,
+191,
+223,
+239,
+247,
+251,
+253
+};
+
+char binary_string[32];
+
+char *
+u32_bit_string(uint32_t x, unsigned int length) {
+ unsigned int mask;
+ int index;
+
+ mask = 1 << length;
+ index = 0;
+ for (; mask > 0; mask >>= 1)
+ if ((x & mask) == 0)
+ binary_string[index++] = '0';
+ else
+ binary_string[index++] = '1';
+
+ binary_string[index++] = 0; /* NULL terminate string */
+ return binary_string;
+}
+
+extern int octet_weight[256];
+
+unsigned int
+weight(uint32_t poly) {
+ int wt = 0;
+
+ /* note: endian-ness makes no difference */
+ wt += octet_weight[poly & 0xff];
+ wt += octet_weight[(poly >> 8) & 0xff];
+ wt += octet_weight[(poly >> 16) & 0xff];
+ wt += octet_weight[(poly >> 24)];
+
+ return wt;
+}
+
+#define MAX_PERIOD 65535
+
+#define debug_print 0
+
+int
+period(uint32_t poly) {
+ int i;
+ uint32_t x;
+
+
+ /* set lfsr to 1 */
+ x = 1;
+#if debug_print
+ printf("%d:\t%s\n", 0, u32_bit_string(x,8));
+#endif
+ for (i=1; i < MAX_PERIOD; i++) {
+ if (x & 1)
+ x = (x >> 1) ^ poly;
+ else
+ x = (x >> 1);
+
+#if debug_print
+ /* print for a sanity check */
+ printf("%d:\t%s\n", i, u32_bit_string(x,8));
+#endif
+
+ /* check for return to original value */
+ if (x == 1)
+ return i;
+ }
+ return i;
+}
+
+/*
+ * weight distribution computes the weight distribution of the
+ * code generated by the polynomial poly
+ */
+
+#define MAX_LEN 8
+#define MAX_WEIGHT (1 << MAX_LEN)
+
+int A[MAX_WEIGHT+1];
+
+void
+weight_distribution2(uint32_t poly, int *A) {
+ int i;
+ uint32_t x;
+
+ /* zeroize array */
+ for (i=0; i < MAX_WEIGHT+1; i++)
+ A[i] = 0;
+
+ /* loop over all input sequences */
+
+
+ /* set lfsr to 1 */
+ x = 1;
+#if debug_print
+ printf("%d:\t%s\n", 0, u32_bit_string(x,8));
+#endif
+ for (i=1; i < MAX_PERIOD; i++) {
+ if (x & 1)
+ x = (x >> 1) ^ poly;
+ else
+ x = (x >> 1);
+
+#if debug_print
+ /* print for a sanity check */
+ printf("%d:\t%s\n", i, u32_bit_string(x,8));
+#endif
+
+ /* increment weight */
+ wt += (x & 1);
+
+ /* check for return to original value */
+ if (x == 1)
+ break;
+ }
+
+ /* set zero */
+ A[0] = 0;
+}
+
+
+void
+weight_distribution(uint32_t poly, int *A) {
+ int i;
+ uint32_t x;
+
+ /* zeroize array */
+ for (i=0; i < MAX_WEIGHT+1; i++)
+ A[i] = 0;
+
+ /* set lfsr to 1 */
+ x = 1;
+#if debug_print
+ printf("%d:\t%s\n", 0, u32_bit_string(x,8));
+#endif
+ for (i=1; i < MAX_PERIOD; i++) {
+ if (x & 1)
+ x = (x >> 1) ^ poly;
+ else
+ x = (x >> 1);
+
+#if debug_print
+ /* print for a sanity check */
+ printf("%d:\t%s\n", i, u32_bit_string(x,8));
+#endif
+
+ /* compute weight, increment proper element */
+ A[weight(x)]++;
+
+ /* check for return to original value */
+ if (x == 1)
+ break;
+ }
+
+ /* set zero */
+ A[0] = 0;
+}
+
+
+
+
+int
+main () {
+
+ int i,j;
+ v32_t x;
+ v32_t p;
+
+ /* originally 0xaf */
+ p.value = 0x9;
+
+ printf("polynomial: %s\tperiod: %d\n",
+ u32_bit_string(p.value,8), period(p.value));
+
+ /* compute weight distribution */
+ weight_distribution(p.value, A);
+
+ /* print weight distribution */
+ for (i=0; i <= 8; i++) {
+ printf("A[%d]: %d\n", i, A[i]);
+ }
+
+#if 0
+ for (i=0; i < 39; i++) {
+ printf("polynomial: %s\tperiod: %d\n",
+ u32_bit_string(polynomials[i],8), period(polynomials[i]));
+
+ /* compute weight distribution */
+ weight_distribution(p.value, A);
+
+ /* print weight distribution */
+ for (j=0; j <= 8; j++) {
+ printf("A[%d]: %d\n", j, A[j]);
+ }
+ }
+#endif
+
+ {
+ int bits = 8;
+ uint32_t y;
+ for (y=0; y < (1 << bits); y++) {
+ printf("polynomial: %s\tweight: %d\tperiod: %d\n",
+ u32_bit_string(y,bits), weight(y), period(y));
+
+ /* compute weight distribution */
+ weight_distribution(y, A);
+
+ /* print weight distribution */
+ for (j=0; j <= 8; j++) {
+ printf("A[%d]: %d\n", j, A[j]);
+ }
+ }
+ }
+
+ return 0;
+}
diff --git a/srtp/test/rdbx_driver b/srtp/test/rdbx_driver
new file mode 100755
index 0000000..b98543d
--- /dev/null
+++ b/srtp/test/rdbx_driver
Binary files differ
diff --git a/srtp/test/rdbx_driver.c b/srtp/test/rdbx_driver.c
new file mode 100644
index 0000000..7db67a2
--- /dev/null
+++ b/srtp/test/rdbx_driver.c
@@ -0,0 +1,306 @@
+/*
+ * rdbx_driver.c
+ *
+ * driver for the rdbx implementation (replay database with extended range)
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h> /* for printf() */
+#include "getopt_s.h" /* for local getopt() */
+
+#include "rdbx.h"
+
+#ifdef ROC_TEST
+#error "rdbx_t won't work with ROC_TEST - bitmask same size as seq_median"
+#endif
+
+#include "ut_sim.h"
+
+err_status_t
+test_replay_dbx(int num_trials);
+
+double
+rdbx_check_adds_per_second(int num_trials);
+
+void
+usage(char *prog_name) {
+ printf("usage: %s [ -t | -v ]\n", prog_name);
+ exit(255);
+}
+
+int
+main (int argc, char *argv[]) {
+ double rate;
+ err_status_t status;
+ char q;
+ unsigned do_timing_test = 0;
+ unsigned do_validation = 0;
+
+ /* process input arguments */
+ while (1) {
+ q = getopt_s(argc, argv, "tv");
+ if (q == -1)
+ break;
+ switch (q) {
+ case 't':
+ do_timing_test = 1;
+ break;
+ case 'v':
+ do_validation = 1;
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ printf("rdbx (replay database w/ extended range) test driver\n"
+ "David A. McGrew\n"
+ "Cisco Systems, Inc.\n");
+
+ if (!do_validation && !do_timing_test)
+ usage(argv[0]);
+
+ if (do_validation) {
+ printf("testing rdbx_t...\n");
+
+ status = test_replay_dbx(1 << 12);
+ if (status) {
+ printf("failed\n");
+ exit(1);
+ }
+ printf("passed\n");
+ }
+
+ if (do_timing_test) {
+ rate = rdbx_check_adds_per_second(1 << 18);
+ printf("rdbx_check/replay_adds per second: %e\n", rate);
+ }
+
+ return 0;
+}
+
+void
+print_rdbx(rdbx_t *rdbx) {
+ printf("rdbx: {%llu, %s}\n",
+ (unsigned long long)(rdbx->index), v128_bit_string(&rdbx->bitmask));
+}
+
+
+/*
+ * rdbx_check_add(rdbx, idx) checks a known-to-be-good idx against
+ * rdbx, then adds it. if a failure is detected (i.e., the check
+ * indicates that the value is already in rdbx) then
+ * err_status_algo_fail is returned.
+ *
+ */
+
+err_status_t
+rdbx_check_add(rdbx_t *rdbx, uint32_t idx) {
+ int delta;
+ xtd_seq_num_t est;
+
+ delta = index_guess(&rdbx->index, &est, idx);
+
+ if (rdbx_check(rdbx, delta) != err_status_ok) {
+ printf("replay_check failed at index %u\n", idx);
+ return err_status_algo_fail;
+ }
+
+ /*
+ * in practice, we'd authenticate the packet containing idx, using
+ * the estimated value est, at this point
+ */
+
+ if (rdbx_add_index(rdbx, delta) != err_status_ok) {
+ printf("rdbx_add_index failed at index %u\n", idx);
+ return err_status_algo_fail;
+ }
+
+ return err_status_ok;
+}
+
+/*
+ * rdbx_check_expect_failure(rdbx_t *rdbx, uint32_t idx)
+ *
+ * checks that a sequence number idx is in the replay database
+ * and thus will be rejected
+ */
+
+err_status_t
+rdbx_check_expect_failure(rdbx_t *rdbx, uint32_t idx) {
+ int delta;
+ xtd_seq_num_t est;
+ err_status_t status;
+
+ delta = index_guess(&rdbx->index, &est, idx);
+
+ status = rdbx_check(rdbx, delta);
+ if (status == err_status_ok) {
+ printf("delta: %d ", delta);
+ printf("replay_check failed at index %u (false positive)\n", idx);
+ return err_status_algo_fail;
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+rdbx_check_unordered(rdbx_t *rdbx, uint32_t idx) {
+ err_status_t rstat;
+
+ rstat = rdbx_check(rdbx, idx);
+ if ((rstat != err_status_ok) && (rstat != err_status_replay_old)) {
+ printf("replay_check_unordered failed at index %u\n", idx);
+ return err_status_algo_fail;
+ }
+ return err_status_ok;
+}
+
+#define MAX_IDX 160
+
+err_status_t
+test_replay_dbx(int num_trials) {
+ rdbx_t rdbx;
+ uint32_t idx, ircvd;
+ ut_connection utc;
+ err_status_t status;
+ int num_fp_trials;
+
+ status = rdbx_init(&rdbx);
+ if (status) {
+ printf("replay_init failed with error code %d\n", status);
+ exit(1);
+ }
+
+ /*
+ * test sequential insertion
+ */
+ printf("\ttesting sequential insertion...");
+ for (idx=0; idx < num_trials; idx++) {
+ status = rdbx_check_add(&rdbx, idx);
+ if (status)
+ return status;
+ }
+ printf("passed\n");
+
+ /*
+ * test for false positives by checking all of the index
+ * values which we've just added
+ *
+ * note that we limit the number of trials here, since allowing the
+ * rollover counter to roll over would defeat this test
+ */
+ num_fp_trials = num_trials % 0x10000;
+ if (num_fp_trials == 0) {
+ printf("warning: no false positive tests performed\n");
+ }
+ printf("\ttesting for false positives...");
+ for (idx=0; idx < num_fp_trials; idx++) {
+ status = rdbx_check_expect_failure(&rdbx, idx);
+ if (status)
+ return status;
+ }
+ printf("passed\n");
+
+ /* re-initialize */
+ if (rdbx_init(&rdbx) != err_status_ok) {
+ printf("replay_init failed\n");
+ return err_status_init_fail;
+ }
+
+ /*
+ * test non-sequential insertion
+ *
+ * this test covers only fase negatives, since the values returned
+ * by ut_next_index(...) are distinct
+ */
+ ut_init(&utc);
+
+ printf("\ttesting non-sequential insertion...");
+ for (idx=0; idx < num_trials; idx++) {
+ ircvd = ut_next_index(&utc);
+ status = rdbx_check_unordered(&rdbx, ircvd);
+ if (status)
+ return status;
+ }
+ printf("passed\n");
+
+ return err_status_ok;
+}
+
+
+
+#include <time.h> /* for clock() */
+#include <stdlib.h> /* for random() */
+
+double
+rdbx_check_adds_per_second(int num_trials) {
+ uint32_t i;
+ int delta;
+ rdbx_t rdbx;
+ xtd_seq_num_t est;
+ clock_t timer;
+ int failures; /* count number of failures */
+
+ if (rdbx_init(&rdbx) != err_status_ok) {
+ printf("replay_init failed\n");
+ exit(1);
+ }
+
+ failures = 0;
+ timer = clock();
+ for(i=0; i < num_trials; i++) {
+
+ delta = index_guess(&rdbx.index, &est, i);
+
+ if (rdbx_check(&rdbx, delta) != err_status_ok)
+ ++failures;
+ else
+ if (rdbx_add_index(&rdbx, delta) != err_status_ok)
+ ++failures;
+ }
+ timer = clock() - timer;
+
+ printf("number of failures: %d \n", failures);
+
+ return (double) CLOCKS_PER_SEC * num_trials / timer;
+}
+
diff --git a/srtp/test/replay_driver b/srtp/test/replay_driver
new file mode 100755
index 0000000..e0d0b20
--- /dev/null
+++ b/srtp/test/replay_driver
Binary files differ
diff --git a/srtp/test/replay_driver.c b/srtp/test/replay_driver.c
new file mode 100644
index 0000000..369a77a
--- /dev/null
+++ b/srtp/test/replay_driver.c
@@ -0,0 +1,209 @@
+/*
+ * replay_driver.c
+ *
+ * A driver for the replay_database implementation
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h>
+
+#include "rdb.h"
+#include "ut_sim.h"
+
+/*
+ * num_trials defines the number of trials that are used in the
+ * validation functions below
+ */
+
+unsigned num_trials = 1 << 16;
+
+err_status_t
+test_rdb_db(void);
+
+double
+rdb_check_adds_per_second(void);
+
+int
+main (void) {
+ err_status_t err;
+
+ printf("testing anti-replay database (rdb_t)...\n");
+ err = test_rdb_db();
+ if (err) {
+ printf("failed\n");
+ exit(1);
+ }
+ printf("done\n");
+
+ printf("rdb_check/rdb_adds per second: %e\n",
+ rdb_check_adds_per_second());
+
+ return 0;
+}
+
+
+void
+print_rdb(rdb_t *rdb) {
+ printf("rdb: {%u, %s}\n", rdb->window_start, v128_bit_string(&rdb->bitmask));
+}
+
+err_status_t
+rdb_check_add(rdb_t *rdb, uint32_t idx) {
+
+ if (rdb_check(rdb, idx) != err_status_ok) {
+ printf("rdb_check failed at index %u\n", idx);
+ return err_status_fail;
+ }
+ if (rdb_add_index(rdb, idx) != err_status_ok) {
+ printf("rdb_add_index failed at index %u\n", idx);
+ return err_status_fail;
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+rdb_check_expect_failure(rdb_t *rdb, uint32_t idx) {
+ err_status_t err;
+
+ err = rdb_check(rdb, idx);
+ if ((err != err_status_replay_old) && (err != err_status_replay_fail)) {
+ printf("rdb_check failed at index %u (false positive)\n", idx);
+ return err_status_fail;
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+rdb_check_unordered(rdb_t *rdb, uint32_t idx) {
+ err_status_t rstat;
+
+ /* printf("index: %u\n", idx); */
+ rstat = rdb_check(rdb, idx);
+ if ((rstat != err_status_ok) && (rstat != err_status_replay_old)) {
+ printf("rdb_check_unordered failed at index %u\n", idx);
+ return rstat;
+ }
+ return err_status_ok;
+}
+
+err_status_t
+test_rdb_db() {
+ rdb_t rdb;
+ uint32_t idx, ircvd;
+ ut_connection utc;
+ err_status_t err;
+
+ if (rdb_init(&rdb) != err_status_ok) {
+ printf("rdb_init failed\n");
+ return err_status_init_fail;
+ }
+
+ /* test sequential insertion */
+ for (idx=0; idx < num_trials; idx++) {
+ err = rdb_check_add(&rdb, idx);
+ if (err)
+ return err;
+ }
+
+ /* test for false positives */
+ for (idx=0; idx < num_trials; idx++) {
+ err = rdb_check_expect_failure(&rdb, idx);
+ if (err)
+ return err;
+ }
+
+ /* re-initialize */
+ if (rdb_init(&rdb) != err_status_ok) {
+ printf("rdb_init failed\n");
+ return err_status_fail;
+ }
+
+ /* test non-sequential insertion */
+ ut_init(&utc);
+
+ for (idx=0; idx < num_trials; idx++) {
+ ircvd = ut_next_index(&utc);
+ err = rdb_check_unordered(&rdb, ircvd);
+ if (err)
+ return err;
+ }
+
+ return err_status_ok;
+}
+
+#include <time.h> /* for clock() */
+#include <stdlib.h> /* for random() */
+
+#define REPLAY_NUM_TRIALS 10000000
+
+double
+rdb_check_adds_per_second(void) {
+ uint32_t i;
+ rdb_t rdb;
+ clock_t timer;
+ int failures; /* count number of failures */
+
+ if (rdb_init(&rdb) != err_status_ok) {
+ printf("rdb_init failed\n");
+ exit(1);
+ }
+
+ timer = clock();
+ for(i=0; i < REPLAY_NUM_TRIALS; i+=3) {
+ if (rdb_check(&rdb, i+2) != err_status_ok)
+ ++failures;
+ if (rdb_add_index(&rdb, i+2) != err_status_ok)
+ ++failures;
+ if (rdb_check(&rdb, i+1) != err_status_ok)
+ ++failures;
+ if (rdb_add_index(&rdb, i+1) != err_status_ok)
+ ++failures;
+ if (rdb_check(&rdb, i) != err_status_ok)
+ ++failures;
+ if (rdb_add_index(&rdb, i) != err_status_ok)
+ ++failures;
+ }
+ timer = clock() - timer;
+
+ return (double) CLOCKS_PER_SEC * REPLAY_NUM_TRIALS / timer;
+}
diff --git a/srtp/test/roc_driver b/srtp/test/roc_driver
new file mode 100755
index 0000000..f013e90
--- /dev/null
+++ b/srtp/test/roc_driver
Binary files differ
diff --git a/srtp/test/roc_driver.c b/srtp/test/roc_driver.c
new file mode 100644
index 0000000..396c9a7
--- /dev/null
+++ b/srtp/test/roc_driver.c
@@ -0,0 +1,165 @@
+/*
+ * roc_driver.c
+ *
+ * test driver for rollover counter replay implementation
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <stdio.h>
+
+/*
+ * defining ROC_TEST causes small datatypes to be used in
+ * xtd_seq_num_t - this allows the functions to be exhaustively tested.
+ */
+#if ROC_NEEDS_TO_BE_TESTED
+#define ROC_TEST
+#endif
+
+#include "rdbx.h"
+#include "ut_sim.h"
+
+err_status_t
+roc_test(int num_trials);
+
+int
+main (void) {
+ err_status_t status;
+
+ printf("rollover counter test driver\n"
+ "David A. McGrew\n"
+ "Cisco Systems, Inc.\n");
+
+ printf("testing index functions...");
+ status = roc_test(1 << 18);
+ if (status) {
+ printf("failed\n");
+ exit(status);
+ }
+ printf("passed\n");
+ return 0;
+}
+
+
+#define ROC_VERBOSE 0
+
+err_status_t
+roc_test(int num_trials) {
+ xtd_seq_num_t local, est, ref;
+ ut_connection utc;
+ int i, num_bad_est = 0;
+ int delta;
+ uint32_t ircvd;
+ double failure_rate;
+
+ index_init(&local);
+ index_init(&ref);
+ index_init(&est);
+
+ printf("\n\ttesting sequential insertion...");
+ for (i=0; i < 2048; i++) {
+ delta = index_guess(&local, &est, (uint16_t) ref);
+#if ROC_VERBOSE
+ printf("%lld, %lld, %d\n", ref, est, i);
+#endif
+ if (ref != est) {
+#if ROC_VERBOSE
+ printf(" *bad estimate*\n");
+#endif
+ ++num_bad_est;
+ }
+ index_advance(&ref, 1);
+ }
+ failure_rate = (double) num_bad_est / num_trials;
+ if (failure_rate > 0.01) {
+ printf("error: failure rate too high (%d bad estimates in %d trials)\n",
+ num_bad_est, num_trials);
+ return err_status_algo_fail;
+ }
+ printf("done\n");
+
+
+ printf("\ttesting non-sequential insertion...");
+ index_init(&local);
+ index_init(&ref);
+ index_init(&est);
+ ut_init(&utc);
+
+ for (i=0; i < num_trials; i++) {
+
+ /* get next seq num from unreliable transport simulator */
+ ircvd = ut_next_index(&utc);
+
+ /* set ref to value of ircvd */
+ ref = ircvd;
+
+ /* estimate index based on low bits of ircvd */
+ delta = index_guess(&local, &est, (uint16_t) ref);
+#if ROC_VERBOSE
+ printf("ref: %lld, local: %lld, est: %lld, ircvd: %d, delta: %d\n",
+ ref, local, est, ircvd, delta);
+#endif
+
+ /* now update local xtd_seq_num_t as necessary */
+ if (delta > 0)
+ index_advance(&local, delta);
+
+ if (ref != est) {
+#if ROC_VERBOSE
+ printf(" *bad estimate*\n");
+#endif
+ /* record failure event */
+ ++num_bad_est;
+
+ /* reset local value to correct value */
+ local = ref;
+ }
+ }
+ failure_rate = (double) num_bad_est / num_trials;
+ if (failure_rate > 0.01) {
+ printf("error: failure rate too high (%d bad estimates in %d trials)\n",
+ num_bad_est, num_trials);
+ return err_status_algo_fail;
+ }
+ printf("done\n");
+
+ return err_status_ok;
+}
diff --git a/srtp/test/rtp.c b/srtp/test/rtp.c
new file mode 100644
index 0000000..69968f3
--- /dev/null
+++ b/srtp/test/rtp.c
@@ -0,0 +1,167 @@
+/*
+ * rtp.c
+ *
+ * library functions for the real-time transport protocol
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+
+#include "rtp_priv.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#include <sys/types.h>
+#ifdef HAVE_SYS_SOCKET_H
+# include <sys/socket.h>
+#endif
+
+#define PRINT_DEBUG 0 /* set to 1 to print out debugging data */
+#define VERBOSE_DEBUG 0 /* set to 1 to print out more data */
+
+unsigned int
+rtp_sendto(rtp_sender_t sender, const void* msg, int len) {
+ int octets_sent;
+ err_status_t stat;
+ int pkt_len = len + RTP_HEADER_LEN;
+
+ /* marshal data */
+ strncpy(sender->message.body, msg, len);
+
+ /* update header */
+ sender->message.header.seq = ntohs(sender->message.header.seq) + 1;
+ sender->message.header.seq = htons(sender->message.header.seq);
+ sender->message.header.ts = ntohl(sender->message.header.ts) + 1;
+ sender->message.header.ts = htonl(sender->message.header.ts);
+
+ /* apply srtp */
+ stat = srtp_protect(sender->srtp_ctx, &sender->message.header, &pkt_len);
+ if (stat) {
+#if PRINT_DEBUG
+ fprintf(stderr, "error: srtp protection failed with code %d\n", stat);
+#endif
+ return -1;
+ }
+#if VERBOSE_DEBUG
+ srtp_print_packet(&sender->message.header, pkt_len);
+#endif
+ octets_sent = sendto(sender->socket, (void*)&sender->message,
+ pkt_len, 0, (struct sockaddr *)&sender->addr,
+ sizeof (struct sockaddr_in));
+
+ if (octets_sent != pkt_len) {
+#if PRINT_DEBUG
+ fprintf(stderr, "error: couldn't send message %s", (char *)msg);
+ perror("");
+#endif
+ }
+
+ return octets_sent;
+}
+
+unsigned int
+rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len) {
+ int octets_recvd;
+ err_status_t stat;
+
+ octets_recvd = recvfrom(receiver->socket, (void *)&receiver->message,
+ *len, 0, (struct sockaddr *) NULL, 0);
+
+ /* verify rtp header */
+ if (receiver->message.header.version != 2) {
+ *len = 0;
+ return -1;
+ }
+
+#if PRINT_DEBUG
+ fprintf(stderr, "%d octets received from SSRC %u\n",
+ octets_recvd, receiver->message.header.ssrc);
+#endif
+#if VERBOSE_DEBUG
+ srtp_print_packet(&receiver->message.header, octets_recvd);
+#endif
+
+ /* apply srtp */
+ stat = srtp_unprotect(receiver->srtp_ctx,
+ &receiver->message.header, &octets_recvd);
+ if (stat) {
+ fprintf(stderr,
+ "error: srtp unprotection failed with code %d%s\n", stat,
+ stat == err_status_replay_fail ? " (replay check failed)" :
+ stat == err_status_auth_fail ? " (auth check failed)" : "");
+ return -1;
+ }
+ strncpy(msg, receiver->message.body, octets_recvd);
+
+ return octets_recvd;
+}
+
+int
+rtp_sender_init(rtp_sender_t sender,
+ int socket,
+ struct sockaddr_in addr,
+ unsigned int ssrc) {
+
+ /* set header values */
+ sender->message.header.ssrc = htonl(ssrc);
+ sender->message.header.ts = 0;
+ sender->message.header.seq = (uint16_t) rand();
+ sender->message.header.m = 0;
+ sender->message.header.pt = 0x1;
+ sender->message.header.version = 2;
+ sender->message.header.p = 0;
+ sender->message.header.x = 0;
+ sender->message.header.cc = 0;
+
+ /* set other stuff */
+ sender->socket = socket;
+ sender->addr = addr;
+
+ return 0;
+}
+
+int
+rtp_receiver_init(rtp_receiver_t rcvr,
+ int socket,
+ struct sockaddr_in addr,
+ unsigned int ssrc) {
+
+ /* set header values */
+ rcvr->message.header.ssrc = htonl(ssrc);
+ rcvr->message.header.ts = 0;
+ rcvr->message.header.seq = 0;
+ rcvr->message.header.m = 0;
+ rcvr->message.header.pt = 0x1;
+ rcvr->message.header.version = 2;
+ rcvr->message.header.p = 0;
+ rcvr->message.header.x = 0;
+ rcvr->message.header.cc = 0;
+
+ /* set other stuff */
+ rcvr->socket = socket;
+ rcvr->addr = addr;
+
+ return 0;
+}
+
+int
+rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy) {
+ return srtp_create(&sender->srtp_ctx, policy);
+}
+
+int
+rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy) {
+ return srtp_create(&sender->srtp_ctx, policy);
+}
+
+rtp_sender_t
+rtp_sender_alloc() {
+ return (rtp_sender_t)malloc(sizeof(rtp_sender_ctx_t));
+}
+
+rtp_receiver_t
+rtp_receiver_alloc() {
+ return (rtp_receiver_t)malloc(sizeof(rtp_receiver_ctx_t));
+}
diff --git a/srtp/test/rtpw b/srtp/test/rtpw
new file mode 100755
index 0000000..5636a01
--- /dev/null
+++ b/srtp/test/rtpw
Binary files differ
diff --git a/srtp/test/rtpw.c b/srtp/test/rtpw.c
new file mode 100644
index 0000000..e477a77
--- /dev/null
+++ b/srtp/test/rtpw.c
@@ -0,0 +1,519 @@
+/*
+ * rtpw.c
+ *
+ * rtp word sender/receiver
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ * This app is a simple RTP application intended only for testing
+ * libsrtp. It reads one word at a time from /usr/dict/words (or
+ * whatever file is specified as DICT_FILE), and sends one word out
+ * each USEC_RATE microseconds. Secure RTP protections can be
+ * applied. See the usage() function for more details.
+ *
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "datatypes.h"
+#include "getopt_s.h" /* for local getopt() */
+
+#include <stdio.h> /* for printf, fprintf */
+#include <stdlib.h> /* for atoi() */
+#include <errno.h>
+#include <unistd.h> /* for close() */
+
+#include <string.h> /* for strncpy() */
+#include <time.h> /* for usleep() */
+#ifdef HAVE_SYS_SOCKET_H
+# include <sys/socket.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+# include <netinet/in.h>
+#elif defined HAVE_WINSOCK2_H
+# include <winsock2.h>
+# include <ws2tcpip.h>
+# define RTPW_USE_WINSOCK2 1
+#endif
+#ifdef HAVE_ARPA_INET_H
+# include <arpa/inet.h>
+#endif
+
+#include "srtp.h"
+#include "rtp.h"
+
+#ifdef RTPW_USE_WINSOCK2
+# define DICT_FILE "words.txt"
+#else
+# define DICT_FILE "/usr/share/dict/words"
+#endif
+#define USEC_RATE (5e5)
+#define MAX_WORD_LEN 128
+#define ADDR_IS_MULTICAST(a) IN_MULTICAST(htonl(a))
+#define MAX_KEY_LEN 64
+#define MASTER_KEY_LEN 30
+
+
+#ifndef HAVE_USLEEP
+# ifdef HAVE_WINDOWS_H
+# define usleep(us) Sleep((us)/1000)
+# else
+# define usleep(us) sleep((us)/1000000)
+# endif
+#endif
+
+
+/*
+ * the function usage() prints an error message describing how this
+ * program should be called, then calls exit()
+ */
+
+void
+usage(char *prog_name);
+
+/*
+ * leave_group(...) de-registers from a multicast group
+ */
+
+void
+leave_group(int sock, struct ip_mreq mreq, char *name);
+
+
+/*
+ * program_type distinguishes the [s]rtp sender and receiver cases
+ */
+
+typedef enum { sender, receiver, unknown } program_type;
+
+int
+main (int argc, char *argv[]) {
+ char *dictfile = DICT_FILE;
+ FILE *dict;
+ char word[MAX_WORD_LEN];
+ int sock, ret;
+ struct in_addr rcvr_addr;
+ struct sockaddr_in name;
+ struct ip_mreq mreq;
+#if BEW
+ struct sockaddr_in local;
+#endif
+ program_type prog_type = unknown;
+ sec_serv_t sec_servs = sec_serv_none;
+ unsigned char ttl = 5;
+ int c;
+ char *input_key = NULL;
+ char *address = NULL;
+ char key[MAX_KEY_LEN];
+ unsigned short port = 0;
+ rtp_sender_t snd;
+ srtp_policy_t policy;
+ err_status_t status;
+ int len;
+ int do_list_mods = 0;
+ uint32_t ssrc = 0xdeadbeef; /* ssrc value hardcoded for now */
+#ifdef RTPW_USE_WINSOCK2
+ WORD wVersionRequested = MAKEWORD(2, 0);
+ WSADATA wsaData;
+
+ ret = WSAStartup(wVersionRequested, &wsaData);
+ if (ret != 0) {
+ fprintf(stderr, "error: WSAStartup() failed: %d\n", ret);
+ exit(1);
+ }
+#endif
+
+ /* initialize srtp library */
+ status = srtp_init();
+ if (status) {
+ printf("error: srtp initialization failed with error code %d\n", status);
+ exit(1);
+ }
+
+ /* check args */
+ while (1) {
+ c = getopt_s(argc, argv, "k:rsaeld:");
+ if (c == -1) {
+ break;
+ }
+ switch (c) {
+ case 'k':
+ input_key = optarg_s;
+ break;
+ case 'e':
+ sec_servs |= sec_serv_conf;
+ break;
+ case 'a':
+ sec_servs |= sec_serv_auth;
+ break;
+ case 'r':
+ prog_type = receiver;
+ break;
+ case 's':
+ prog_type = sender;
+ break;
+ case 'd':
+ status = crypto_kernel_set_debug_module(optarg_s, 1);
+ if (status) {
+ printf("error: set debug module (%s) failed\n", optarg_s);
+ exit(1);
+ }
+ break;
+ case 'l':
+ do_list_mods = 1;
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ if (prog_type == unknown) {
+ if (do_list_mods) {
+ status = crypto_kernel_list_debug_modules();
+ if (status) {
+ printf("error: list of debug modules failed\n");
+ exit(1);
+ }
+ return 0;
+ } else {
+ printf("error: neither sender [-s] nor receiver [-r] specified\n");
+ usage(argv[0]);
+ }
+ }
+
+ if ((sec_servs && !input_key) || (!sec_servs && input_key)) {
+ /*
+ * a key must be provided if and only if security services have
+ * been requested
+ */
+ usage(argv[0]);
+ }
+
+ if (argc != optind_s + 2) {
+ /* wrong number of arguments */
+ usage(argv[0]);
+ }
+
+ /* get address from arg */
+ address = argv[optind_s++];
+
+ /* get port from arg */
+ port = atoi(argv[optind_s++]);
+
+ /* set address */
+#ifdef HAVE_INET_ATON
+ if (0 == inet_aton(address, &rcvr_addr)) {
+ fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], address);
+ exit(1);
+ }
+ if (rcvr_addr.s_addr == INADDR_NONE) {
+ fprintf(stderr, "%s: address error", argv[0]);
+ exit(1);
+ }
+#else
+ rcvr_addr.s_addr = inet_addr(address);
+ if (0xffffffff == rcvr_addr.s_addr) {
+ fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], address);
+ exit(1);
+ }
+#endif
+
+ /* open socket */
+ sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
+ if (sock < 0) {
+ int err;
+#ifdef RTPW_USE_WINSOCK2
+ err = WSAGetLastError();
+#else
+ err = errno;
+#endif
+ fprintf(stderr, "%s: couldn't open socket: %d\n", argv[0], err);
+ exit(1);
+ }
+
+ name.sin_addr = rcvr_addr;
+ name.sin_family = PF_INET;
+ name.sin_port = htons(port);
+
+ if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
+ if (prog_type == sender) {
+ ret = setsockopt(sock, IPPROTO_IP, IP_MULTICAST_TTL, &ttl,
+ sizeof(ttl));
+ if (ret < 0) {
+ fprintf(stderr, "%s: Failed to set TTL for multicast group", argv[0]);
+ perror("");
+ exit(1);
+ }
+ }
+
+ mreq.imr_multiaddr.s_addr = rcvr_addr.s_addr;
+ mreq.imr_interface.s_addr = htonl(INADDR_ANY);
+ ret = setsockopt(sock, IPPROTO_IP, IP_ADD_MEMBERSHIP, (void*)&mreq,
+ sizeof(mreq));
+ if (ret < 0) {
+ fprintf(stderr, "%s: Failed to join multicast group", argv[0]);
+ perror("");
+ exit(1);
+ }
+ }
+
+ /* report security services selected on the command line */
+ printf("security services: ");
+ if (sec_servs & sec_serv_conf)
+ printf("confidentiality ");
+ if (sec_servs & sec_serv_auth)
+ printf("message authentication");
+ if (sec_servs == sec_serv_none)
+ printf("none");
+ printf("\n");
+
+ /* set up the srtp policy and master key */
+ if (sec_servs) {
+ /*
+ * create policy structure, using the default mechanisms but
+ * with only the security services requested on the command line,
+ * using the right SSRC value
+ */
+ switch (sec_servs) {
+ case sec_serv_conf_and_auth:
+ crypto_policy_set_rtp_default(&policy.rtp);
+ crypto_policy_set_rtcp_default(&policy.rtcp);
+ break;
+ case sec_serv_conf:
+ crypto_policy_set_aes_cm_128_null_auth(&policy.rtp);
+ crypto_policy_set_rtcp_default(&policy.rtcp);
+ break;
+ case sec_serv_auth:
+ crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtp);
+ crypto_policy_set_rtcp_default(&policy.rtcp);
+ break;
+ default:
+ printf("error: unknown security service requested\n");
+ return -1;
+ }
+ policy.ssrc.type = ssrc_specific;
+ policy.ssrc.value = ssrc;
+ policy.key = (uint8_t *) key;
+ policy.next = NULL;
+ policy.rtp.sec_serv = sec_servs;
+ policy.rtcp.sec_serv = sec_serv_none; /* we don't do RTCP anyway */
+
+ /*
+ * read key from hexadecimal on command line into an octet string
+ */
+ len = hex_string_to_octet_string(key, input_key, MASTER_KEY_LEN*2);
+
+ /* check that hex string is the right length */
+ if (len < MASTER_KEY_LEN*2) {
+ fprintf(stderr,
+ "error: too few digits in key/salt "
+ "(should be %d hexadecimal digits, found %d)\n",
+ MASTER_KEY_LEN*2, len);
+ exit(1);
+ }
+ if (strlen(input_key) > MASTER_KEY_LEN*2) {
+ fprintf(stderr,
+ "error: too many digits in key/salt "
+ "(should be %d hexadecimal digits, found %u)\n",
+ MASTER_KEY_LEN*2, (unsigned)strlen(input_key));
+ exit(1);
+ }
+
+ printf("set master key/salt to %s/", octet_string_hex_string(key, 16));
+ printf("%s\n", octet_string_hex_string(key+16, 14));
+
+ } else {
+ /*
+ * we're not providing security services, so set the policy to the
+ * null policy
+ *
+ * Note that this policy does not conform to the SRTP
+ * specification, since RTCP authentication is required. However,
+ * the effect of this policy is to turn off SRTP, so that this
+ * application is now a vanilla-flavored RTP application.
+ */
+ policy.key = (uint8_t *)key;
+ policy.ssrc.type = ssrc_specific;
+ policy.ssrc.value = ssrc;
+ policy.rtp.cipher_type = NULL_CIPHER;
+ policy.rtp.cipher_key_len = 0;
+ policy.rtp.auth_type = NULL_AUTH;
+ policy.rtp.auth_key_len = 0;
+ policy.rtp.auth_tag_len = 0;
+ policy.rtp.sec_serv = sec_serv_none;
+ policy.rtcp.cipher_type = NULL_CIPHER;
+ policy.rtcp.cipher_key_len = 0;
+ policy.rtcp.auth_type = NULL_AUTH;
+ policy.rtcp.auth_key_len = 0;
+ policy.rtcp.auth_tag_len = 0;
+ policy.rtcp.sec_serv = sec_serv_none;
+ policy.next = NULL;
+ }
+
+ if (prog_type == sender) {
+
+#if BEW
+ /* bind to local socket (to match crypto policy, if need be) */
+ memset(&local, 0, sizeof(struct sockaddr_in));
+ local.sin_addr.s_addr = htonl(INADDR_ANY);
+ local.sin_port = htons(port);
+ ret = bind(sock, (struct sockaddr *) &local, sizeof(struct sockaddr_in));
+ if (ret < 0) {
+ fprintf(stderr, "%s: bind failed\n", argv[0]);
+ perror("");
+ exit(1);
+ }
+#endif /* BEW */
+
+ /* initialize sender's rtp and srtp contexts */
+ snd = rtp_sender_alloc();
+ if (snd == NULL) {
+ fprintf(stderr, "error: malloc() failed\n");
+ exit(1);
+ }
+ rtp_sender_init(snd, sock, name, ssrc);
+ status = rtp_sender_init_srtp(snd, &policy);
+ if (status) {
+ fprintf(stderr,
+ "error: srtp_create() failed with code %d\n",
+ status);
+ exit(1);
+ }
+
+ /* open dictionary */
+ dict = fopen (dictfile, "r");
+ if (dict == NULL) {
+ fprintf(stderr, "%s: couldn't open file %s\n", argv[0], dictfile);
+ if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
+ leave_group(sock, mreq, argv[0]);
+ }
+ exit(1);
+ }
+
+ /* read words from dictionary, then send them off */
+ while (fgets(word, MAX_WORD_LEN, dict) != NULL) {
+ len = strlen(word) + 1; /* plus one for null */
+
+ if (len > MAX_WORD_LEN)
+ printf("error: word %s too large to send\n", word);
+ else {
+ rtp_sendto(snd, word, len);
+ printf("sending word: %s", word);
+ }
+ usleep(USEC_RATE);
+ }
+
+ } else { /* prog_type == receiver */
+ rtp_receiver_t rcvr;
+
+ if (bind(sock, (struct sockaddr *)&name, sizeof(name)) < 0) {
+ close(sock);
+ fprintf(stderr, "%s: socket bind error\n", argv[0]);
+ perror(NULL);
+ if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
+ leave_group(sock, mreq, argv[0]);
+ }
+ exit(1);
+ }
+
+ rcvr = rtp_receiver_alloc();
+ if (rcvr == NULL) {
+ fprintf(stderr, "error: malloc() failed\n");
+ exit(1);
+ }
+ rtp_receiver_init(rcvr, sock, name, ssrc);
+ status = rtp_receiver_init_srtp(rcvr, &policy);
+ if (status) {
+ fprintf(stderr,
+ "error: srtp_create() failed with code %d\n",
+ status);
+ exit(1);
+ }
+
+ /* get next word and loop */
+ while (1) {
+ len = MAX_WORD_LEN;
+ if (rtp_recvfrom(rcvr, word, &len) > -1)
+ printf("\tword: %s", word);
+ }
+
+ }
+
+ if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
+ leave_group(sock, mreq, argv[0]);
+ }
+
+#ifdef RTPW_USE_WINSOCK2
+ WSACleanup();
+#endif
+
+ return 0;
+}
+
+
+void
+usage(char *string) {
+
+ printf("usage: %s [-d <debug>]* [-k <key> [-a][-e]] "
+ "[-s | -r] dest_ip dest_port\n"
+ "or %s -l\n"
+ "where -a use message authentication\n"
+ " -e use encryption\n"
+ " -k <key> sets the srtp master key\n"
+ " -s act as rtp sender\n"
+ " -r act as rtp receiver\n"
+ " -l list debug modules\n"
+ " -d <debug> turn on debugging for module <debug>\n",
+ string, string);
+ exit(1);
+
+}
+
+
+void
+leave_group(int sock, struct ip_mreq mreq, char *name) {
+ int ret;
+
+ ret = setsockopt(sock, IPPROTO_IP, IP_DROP_MEMBERSHIP, (void*)&mreq,
+ sizeof(mreq));
+ if (ret < 0) {
+ fprintf(stderr, "%s: Failed to leave multicast group", name);
+ perror("");
+ }
+}
+
diff --git a/srtp/test/rtpw_test.sh b/srtp/test/rtpw_test.sh
new file mode 100755
index 0000000..f82e937
--- /dev/null
+++ b/srtp/test/rtpw_test.sh
@@ -0,0 +1,77 @@
+#!/bin/sh
+#
+# usage: rtpw_test <rtpw_commands>
+#
+# tests the rtpw sender and receiver functions
+
+RTPW=rtpw
+DEST_PORT=9999
+DURATION=3
+
+key=2b2edc5034f61a72345ca5986d7bfd0189aa6dc2ecab32fd9af74df6dfc6
+
+ARGS="-k $key -ae"
+
+# First, we run "killall" to get rid of all existing rtpw processes.
+# This step also enables this script to clean up after itself; if this
+# script is interrupted after the rtpw processes are started but before
+# they are killed, those processes will linger. Re-running the script
+# will get rid of them.
+
+killall rtpw 2&>/dev/null
+
+if test -x $RTPW; then
+
+echo $0 ": starting rtpw receiver process... "
+
+$RTPW $* $ARGS -r 0.0.0.0 $DEST_PORT &
+
+receiver_pid=$!
+
+echo $0 ": receiver PID = $receiver_pid"
+
+sleep 1
+
+# verify that the background job is running
+ps | grep -q $receiver_pid
+retval=$?
+echo $retval
+if [ $retval != 0 ]; then
+ echo $0 ": error"
+ exit 254
+fi
+
+echo $0 ": starting rtpw sender process..."
+
+$RTPW $* $ARGS -s 127.0.0.1 $DEST_PORT &
+
+sender_pid=$!
+
+echo $0 ": sender PID = $sender_pid"
+
+# verify that the background job is running
+ps | grep -q $sender_pid
+retval=$?
+echo $retval
+if [ $retval != 0 ]; then
+ echo $0 ": error"
+ exit 255
+fi
+
+sleep $DURATION
+
+kill $receiver_pid
+kill $sender_pid
+
+echo $0 ": done (test passed)"
+
+else
+
+echo "error: can't find executable" $RTPW
+exit 1
+
+fi
+
+# EOF
+
+
diff --git a/srtp/test/srtp_driver b/srtp/test/srtp_driver
new file mode 100755
index 0000000..39f6c3a
--- /dev/null
+++ b/srtp/test/srtp_driver
Binary files differ
diff --git a/srtp/test/srtp_driver.c b/srtp/test/srtp_driver.c
new file mode 100644
index 0000000..12d1c8c
--- /dev/null
+++ b/srtp/test/srtp_driver.c
@@ -0,0 +1,1491 @@
+/*
+ * srtp_driver.c
+ *
+ * a test driver for libSRTP
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <string.h> /* for memcpy() */
+#include <time.h> /* for clock() */
+#include <stdlib.h> /* for malloc(), free() */
+#include <stdio.h> /* for print(), fflush() */
+#include "getopt_s.h" /* for local getopt() */
+
+#include "srtp_priv.h"
+
+#ifdef HAVE_NETINET_IN_H
+# include <netinet/in.h>
+#elif defined HAVE_WINSOCK2_H
+# include <winsock2.h>
+#endif
+
+#define PRINT_REFERENCE_PACKET 1
+
+err_status_t
+srtp_validate(void);
+
+err_status_t
+srtp_create_big_policy(srtp_policy_t **list);
+
+err_status_t
+srtp_test_remove_stream(void);
+
+double
+srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy);
+
+double
+srtp_rejections_per_second(int msg_len_octets, const srtp_policy_t *policy);
+
+void
+srtp_do_timing(const srtp_policy_t *policy);
+
+void
+srtp_do_rejection_timing(const srtp_policy_t *policy);
+
+err_status_t
+srtp_test(const srtp_policy_t *policy);
+
+err_status_t
+srtcp_test(const srtp_policy_t *policy);
+
+err_status_t
+srtp_session_print_policy(srtp_t srtp);
+
+err_status_t
+srtp_print_policy(const srtp_policy_t *policy);
+
+char *
+srtp_packet_to_string(srtp_hdr_t *hdr, int packet_len);
+
+double
+mips_estimate(int num_trials, int *ignore);
+
+extern uint8_t test_key[30];
+
+void
+usage(char *prog_name) {
+ printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n"
+ " -t run timing test\n"
+ " -r run rejection timing test\n"
+ " -c run codec timing test\n"
+ " -v run validation tests\n"
+ " -d <mod> turn on debugging module <mod>\n"
+ " -l list debugging modules\n", prog_name);
+ exit(1);
+}
+
+/*
+ * The policy_array is a null-terminated array of policy structs. it
+ * is declared at the end of this file
+ */
+
+extern const srtp_policy_t *policy_array[];
+
+
+/* the wildcard_policy is declared below; it has a wildcard ssrc */
+
+extern const srtp_policy_t wildcard_policy;
+
+/*
+ * mod_driver debug module - debugging module for this test driver
+ *
+ * we use the crypto_kernel debugging system in this driver, which
+ * makes the interface uniform and increases portability
+ */
+
+debug_module_t mod_driver = {
+ 0, /* debugging is off by default */
+ "driver" /* printable name for module */
+};
+
+int
+main (int argc, char *argv[]) {
+ char q;
+ unsigned do_timing_test = 0;
+ unsigned do_rejection_test = 0;
+ unsigned do_codec_timing = 0;
+ unsigned do_validation = 0;
+ unsigned do_list_mods = 0;
+ err_status_t status;
+
+ /*
+ * verify that the compiler has interpreted the header data
+ * structure srtp_hdr_t correctly
+ */
+ if (sizeof(srtp_hdr_t) != 12) {
+ printf("error: srtp_hdr_t has incorrect size"
+ "(size is %ld bytes, expected 12)\n",
+ sizeof(srtp_hdr_t));
+ exit(1);
+ }
+
+ /* initialize srtp library */
+ status = srtp_init();
+ if (status) {
+ printf("error: srtp init failed with error code %d\n", status);
+ exit(1);
+ }
+
+ /* load srtp_driver debug module */
+ status = crypto_kernel_load_debug_module(&mod_driver);
+ if (status) {
+ printf("error: load of srtp_driver debug module failed "
+ "with error code %d\n", status);
+ exit(1);
+ }
+
+ /* process input arguments */
+ while (1) {
+ q = getopt_s(argc, argv, "trcvld:");
+ if (q == -1)
+ break;
+ switch (q) {
+ case 't':
+ do_timing_test = 1;
+ break;
+ case 'r':
+ do_rejection_test = 1;
+ break;
+ case 'c':
+ do_codec_timing = 1;
+ break;
+ case 'v':
+ do_validation = 1;
+ break;
+ case 'l':
+ do_list_mods = 1;
+ break;
+ case 'd':
+ status = crypto_kernel_set_debug_module(optarg_s, 1);
+ if (status) {
+ printf("error: set debug module (%s) failed\n", optarg_s);
+ exit(1);
+ }
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ if (!do_validation && !do_timing_test && !do_codec_timing
+ && !do_list_mods && !do_rejection_test)
+ usage(argv[0]);
+
+ if (do_list_mods) {
+ status = crypto_kernel_list_debug_modules();
+ if (status) {
+ printf("error: list of debug modules failed\n");
+ exit(1);
+ }
+ }
+
+ if (do_validation) {
+ const srtp_policy_t **policy = policy_array;
+ srtp_policy_t *big_policy;
+
+ /* loop over policy array, testing srtp and srtcp for each policy */
+ while (*policy != NULL) {
+ printf("testing srtp_protect and srtp_unprotect\n");
+ if (srtp_test(*policy) == err_status_ok)
+ printf("passed\n\n");
+ else {
+ printf("failed\n");
+ exit(1);
+ }
+ printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp\n");
+ if (srtcp_test(*policy) == err_status_ok)
+ printf("passed\n\n");
+ else {
+ printf("failed\n");
+ exit(1);
+ }
+ policy++;
+ }
+
+ /* create a big policy list and run tests on it */
+ status = srtp_create_big_policy(&big_policy);
+ if (status) {
+ printf("unexpected failure with error code %d\n", status);
+ exit(1);
+ }
+ printf("testing srtp_protect and srtp_unprotect with big policy\n");
+ if (srtp_test(big_policy) == err_status_ok)
+ printf("passed\n\n");
+ else {
+ printf("failed\n");
+ exit(1);
+ }
+
+ /* run test on wildcard policy */
+ printf("testing srtp_protect and srtp_unprotect on "
+ "wildcard ssrc policy\n");
+ if (srtp_test(&wildcard_policy) == err_status_ok)
+ printf("passed\n\n");
+ else {
+ printf("failed\n");
+ exit(1);
+ }
+
+ /*
+ * run validation test against the reference packets - note
+ * that this test only covers the default policy
+ */
+ printf("testing srtp_protect and srtp_unprotect against "
+ "reference packets\n");
+ if (srtp_validate() == err_status_ok)
+ printf("passed\n\n");
+ else {
+ printf("failed\n");
+ exit(1);
+ }
+
+ /*
+ * test the function srtp_remove_stream()
+ */
+ printf("testing srtp_remove_stream()...");
+ if (srtp_test_remove_stream() == err_status_ok)
+ printf("passed\n");
+ else {
+ printf("failed\n");
+ exit(1);
+ }
+ }
+
+ if (do_timing_test) {
+ const srtp_policy_t **policy = policy_array;
+
+ /* loop over policies, run timing test for each */
+ while (*policy != NULL) {
+ srtp_print_policy(*policy);
+ srtp_do_timing(*policy);
+ policy++;
+ }
+ }
+
+ if (do_rejection_test) {
+ const srtp_policy_t **policy = policy_array;
+
+ /* loop over policies, run rejection timing test for each */
+ while (*policy != NULL) {
+ srtp_print_policy(*policy);
+ srtp_do_rejection_timing(*policy);
+ policy++;
+ }
+ }
+
+ if (do_codec_timing) {
+ srtp_policy_t policy;
+ int ignore;
+ double mips = mips_estimate(1000000000, &ignore);
+
+ crypto_policy_set_rtp_default(&policy.rtp);
+ crypto_policy_set_rtcp_default(&policy.rtcp);
+ policy.ssrc.type = ssrc_specific;
+ policy.ssrc.value = 0xdecafbad;
+ policy.key = test_key;
+ policy.next = NULL;
+
+ printf("mips estimate: %e\n", mips);
+
+ printf("testing srtp processing time for voice codecs:\n");
+ printf("codec\t\tlength (octets)\t\tsrtp instructions/second\n");
+ printf("G.711\t\t%d\t\t\t%e\n", 80,
+ (double) mips * (80 * 8) /
+ srtp_bits_per_second(80, &policy) / .01 );
+ printf("G.711\t\t%d\t\t\t%e\n", 160,
+ (double) mips * (160 * 8) /
+ srtp_bits_per_second(160, &policy) / .02);
+ printf("G.726-32\t%d\t\t\t%e\n", 40,
+ (double) mips * (40 * 8) /
+ srtp_bits_per_second(40, &policy) / .01 );
+ printf("G.726-32\t%d\t\t\t%e\n", 80,
+ (double) mips * (80 * 8) /
+ srtp_bits_per_second(80, &policy) / .02);
+ printf("G.729\t\t%d\t\t\t%e\n", 10,
+ (double) mips * (10 * 8) /
+ srtp_bits_per_second(10, &policy) / .01 );
+ printf("G.729\t\t%d\t\t\t%e\n", 20,
+ (double) mips * (20 * 8) /
+ srtp_bits_per_second(20, &policy) / .02 );
+ printf("Wideband\t%d\t\t\t%e\n", 320,
+ (double) mips * (320 * 8) /
+ srtp_bits_per_second(320, &policy) / .01 );
+ printf("Wideband\t%d\t\t\t%e\n", 640,
+ (double) mips * (640 * 8) /
+ srtp_bits_per_second(640, &policy) / .02 );
+ }
+
+ return 0;
+}
+
+
+
+/*
+ * srtp_create_test_packet(len, ssrc) returns a pointer to a
+ * (malloced) example RTP packet whose data field has the length given
+ * by pkt_octet_len and the SSRC value ssrc. The total length of the
+ * packet is twelve octets longer, since the header is at the
+ * beginning. There is room at the end of the packet for a trailer,
+ * and the four octets following the packet are filled with 0xff
+ * values to enable testing for overwrites.
+ *
+ * note that the location of the test packet can (and should) be
+ * deallocated with the free() call once it is no longer needed.
+ */
+
+srtp_hdr_t *
+srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc) {
+ int i;
+ uint8_t *buffer;
+ srtp_hdr_t *hdr;
+ int bytes_in_hdr = 12;
+
+ /* allocate memory for test packet */
+ hdr = (srtp_hdr_t*) malloc(pkt_octet_len + bytes_in_hdr
+ + SRTP_MAX_TRAILER_LEN + 4);
+ if (!hdr)
+ return NULL;
+
+ hdr->version = 2; /* RTP version two */
+ hdr->p = 0; /* no padding needed */
+ hdr->x = 0; /* no header extension */
+ hdr->cc = 0; /* no CSRCs */
+ hdr->m = 0; /* marker bit */
+ hdr->pt = 0xf; /* payload type */
+ hdr->seq = htons(0x1234); /* sequence number */
+ hdr->ts = htonl(0xdecafbad); /* timestamp */
+ hdr->ssrc = htonl(ssrc); /* synch. source */
+
+ buffer = (uint8_t *)hdr;
+ buffer += bytes_in_hdr;
+
+ /* set RTP data to 0xab */
+ for (i=0; i < pkt_octet_len; i++)
+ *buffer++ = 0xab;
+
+ /* set post-data value to 0xffff to enable overrun checking */
+ for (i=0; i < SRTP_MAX_TRAILER_LEN+4; i++)
+ *buffer++ = 0xff;
+
+ return hdr;
+}
+
+void
+srtp_do_timing(const srtp_policy_t *policy) {
+ int len;
+
+ /*
+ * note: the output of this function is formatted so that it
+ * can be used in gnuplot. '#' indicates a comment, and "\r\n"
+ * terminates a record
+ */
+
+ printf("# testing srtp throughput:\r\n");
+ printf("# mesg length (octets)\tthroughput (megabits per second)\r\n");
+
+ for (len=16; len <= 2048; len *= 2)
+ printf("%d\t\t\t%f\r\n", len,
+ srtp_bits_per_second(len, policy) / 1.0E6);
+
+ /* these extra linefeeds let gnuplot know that a dataset is done */
+ printf("\r\n\r\n");
+
+}
+
+void
+srtp_do_rejection_timing(const srtp_policy_t *policy) {
+ int len;
+
+ /*
+ * note: the output of this function is formatted so that it
+ * can be used in gnuplot. '#' indicates a comment, and "\r\n"
+ * terminates a record
+ */
+
+ printf("# testing srtp rejection throughput:\r\n");
+ printf("# mesg length (octets)\trejections per second\r\n");
+
+ for (len=8; len <= 2048; len *= 2)
+ printf("%d\t\t\t%e\r\n", len, srtp_rejections_per_second(len, policy));
+
+ /* these extra linefeeds let gnuplot know that a dataset is done */
+ printf("\r\n\r\n");
+
+}
+
+
+#define MAX_MSG_LEN 1024
+
+double
+srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy) {
+ srtp_t srtp;
+ srtp_hdr_t *mesg;
+ int i;
+ clock_t timer;
+ int num_trials = 100000;
+ int len;
+ uint32_t ssrc;
+ err_status_t status;
+
+ /*
+ * allocate and initialize an srtp session
+ */
+ status = srtp_create(&srtp, policy);
+ if (status) {
+ printf("error: srtp_create() failed with error code %d\n", status);
+ exit(1);
+ }
+
+ /*
+ * if the ssrc is unspecified, use a predetermined one
+ */
+ if (policy->ssrc.type != ssrc_specific) {
+ ssrc = 0xdeadbeef;
+ } else {
+ ssrc = policy->ssrc.value;
+ }
+
+ /*
+ * create a test packet
+ */
+ mesg = srtp_create_test_packet(msg_len_octets, ssrc);
+ if (mesg == NULL)
+ return 0.0; /* indicate failure by returning zero */
+
+ timer = clock();
+ for (i=0; i < num_trials; i++) {
+ err_status_t status;
+ len = msg_len_octets + 12; /* add in rtp header length */
+
+ /* srtp protect message */
+ status = srtp_protect(srtp, mesg, &len);
+ if (status) {
+ printf("error: srtp_protect() failed with error code %d\n", status);
+ exit(1);
+ }
+
+ /* increment message number */
+ mesg->seq = htons(ntohs(mesg->seq) + 1);
+
+ }
+ timer = clock() - timer;
+
+ free(mesg);
+
+ return (double) (msg_len_octets) * 8 *
+ num_trials * CLOCKS_PER_SEC / timer;
+}
+
+double
+srtp_rejections_per_second(int msg_len_octets, const srtp_policy_t *policy) {
+ srtp_ctx_t *srtp;
+ srtp_hdr_t *mesg;
+ int i;
+ int len;
+ clock_t timer;
+ int num_trials = 1000000;
+ uint32_t ssrc = policy->ssrc.value;
+ err_status_t status;
+
+ /*
+ * allocate and initialize an srtp session
+ */
+ status = srtp_create(&srtp, policy);
+ if (status) {
+ printf("error: srtp_create() failed with error code %d\n", status);
+ exit(1);
+ }
+
+ mesg = srtp_create_test_packet(msg_len_octets, ssrc);
+ if (mesg == NULL)
+ return 0.0; /* indicate failure by returning zero */
+
+ len = msg_len_octets;
+ srtp_protect(srtp, (srtp_hdr_t *)mesg, &len);
+
+ timer = clock();
+ for (i=0; i < num_trials; i++) {
+ len = msg_len_octets;
+ srtp_unprotect(srtp, (srtp_hdr_t *)mesg, &len);
+ }
+ timer = clock() - timer;
+
+ free(mesg);
+
+ return (double) num_trials * CLOCKS_PER_SEC / timer;
+}
+
+
+void
+err_check(err_status_t s) {
+ if (s == err_status_ok)
+ return;
+ else
+ fprintf(stderr, "error: unexpected srtp failure (code %d)\n", s);
+ exit (1);
+}
+
+err_status_t
+srtp_test(const srtp_policy_t *policy) {
+ int i;
+ srtp_t srtp_sender;
+ srtp_t srtp_rcvr;
+ err_status_t status = err_status_ok;
+ srtp_hdr_t *hdr, *hdr2;
+ uint8_t hdr_enc[64];
+ uint8_t *pkt_end;
+ int msg_len_octets, msg_len_enc;
+ int len;
+ int tag_length = policy->rtp.auth_tag_len;
+ uint32_t ssrc;
+ srtp_policy_t *rcvr_policy;
+
+ err_check(srtp_create(&srtp_sender, policy));
+
+ /* print out policy */
+ err_check(srtp_session_print_policy(srtp_sender));
+
+ /*
+ * initialize data buffer, using the ssrc in the policy unless that
+ * value is a wildcard, in which case we'll just use an arbitrary
+ * one
+ */
+ if (policy->ssrc.type != ssrc_specific)
+ ssrc = 0xdecafbad;
+ else
+ ssrc = policy->ssrc.value;
+ msg_len_octets = 28;
+ hdr = srtp_create_test_packet(msg_len_octets, ssrc);
+
+ if (hdr == NULL)
+ return err_status_alloc_fail;
+ hdr2 = srtp_create_test_packet(msg_len_octets, ssrc);
+ if (hdr2 == NULL) {
+ free(hdr);
+ return err_status_alloc_fail;
+ }
+
+ /* set message length */
+ len = msg_len_octets;
+
+ debug_print(mod_driver, "before protection:\n%s",
+ srtp_packet_to_string(hdr, len));
+
+#if PRINT_REFERENCE_PACKET
+ debug_print(mod_driver, "reference packet before protection:\n%s",
+ octet_string_hex_string((uint8_t *)hdr, len));
+#endif
+ err_check(srtp_protect(srtp_sender, hdr, &len));
+
+ debug_print(mod_driver, "after protection:\n%s",
+ srtp_packet_to_string(hdr, len));
+#if PRINT_REFERENCE_PACKET
+ debug_print(mod_driver, "after protection:\n%s",
+ octet_string_hex_string((uint8_t *)hdr, len));
+#endif
+
+ /* save protected message and length */
+ memcpy(hdr_enc, hdr, len);
+ msg_len_enc = len;
+
+ /*
+ * check for overrun of the srtp_protect() function
+ *
+ * The packet is followed by a value of 0xfffff; if the value of the
+ * data following the packet is different, then we know that the
+ * protect function is overwriting the end of the packet.
+ */
+ pkt_end = (uint8_t *)hdr + sizeof(srtp_hdr_t)
+ + msg_len_octets + tag_length;
+ for (i = 0; i < 4; i++)
+ if (pkt_end[i] != 0xff) {
+ fprintf(stdout, "overwrite in srtp_protect() function "
+ "(expected %x, found %x in trailing octet %d)\n",
+ 0xff, ((uint8_t *)hdr)[i], i);
+ free(hdr);
+ free(hdr2);
+ return err_status_algo_fail;
+ }
+
+ /*
+ * if the policy includes confidentiality, check that ciphertext is
+ * different than plaintext
+ *
+ * Note that this check will give false negatives, with some small
+ * probability, especially if the packets are short. For that
+ * reason, we skip this check if the plaintext is less than four
+ * octets long.
+ */
+ if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) {
+ printf("testing that ciphertext is distinct from plaintext...");
+ status = err_status_algo_fail;
+ for (i=12; i < msg_len_octets+12; i++)
+ if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
+ status = err_status_ok;
+ }
+ if (status) {
+ printf("failed\n");
+ free(hdr);
+ free(hdr2);
+ return status;
+ }
+ printf("passed\n");
+ }
+
+ /*
+ * if the policy uses a 'wildcard' ssrc, then we need to make a copy
+ * of the policy that changes the direction to inbound
+ *
+ * we always copy the policy into the rcvr_policy, since otherwise
+ * the compiler would fret about the constness of the policy
+ */
+ rcvr_policy = (srtp_policy_t*) malloc(sizeof(srtp_policy_t));
+ if (rcvr_policy == NULL)
+ return err_status_alloc_fail;
+ memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
+ if (policy->ssrc.type == ssrc_any_outbound) {
+ rcvr_policy->ssrc.type = ssrc_any_inbound;
+ }
+
+ err_check(srtp_create(&srtp_rcvr, rcvr_policy));
+
+ err_check(srtp_unprotect(srtp_rcvr, hdr, &len));
+
+ debug_print(mod_driver, "after unprotection:\n%s",
+ srtp_packet_to_string(hdr, len));
+
+ /* verify that the unprotected packet matches the origial one */
+ for (i=0; i < msg_len_octets; i++)
+ if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
+ fprintf(stdout, "mismatch at octet %d\n", i);
+ status = err_status_algo_fail;
+ }
+ if (status) {
+ free(hdr);
+ free(hdr2);
+ return status;
+ }
+
+ /*
+ * if the policy includes authentication, then test for false positives
+ */
+ if (policy->rtp.sec_serv & sec_serv_auth) {
+ char *data = ((char *)hdr) + 12;
+
+ printf("testing for false positives in replay check...");
+
+ /* set message length */
+ len = msg_len_enc;
+
+ /* unprotect a second time - should fail with a replay error */
+ status = srtp_unprotect(srtp_rcvr, hdr_enc, &len);
+ if (status != err_status_replay_fail) {
+ printf("failed with error code %d\n", status);
+ free(hdr);
+ free(hdr2);
+ return status;
+ } else {
+ printf("passed\n");
+ }
+
+ printf("testing for false positives in auth check...");
+
+ /* increment sequence number in header */
+ hdr->seq++;
+
+ /* set message length */
+ len = msg_len_octets;
+
+ /* apply protection */
+ err_check(srtp_protect(srtp_sender, hdr, &len));
+
+ /* flip bits in packet */
+ data[0] ^= 0xff;
+
+ /* unprotect, and check for authentication failure */
+ status = srtp_unprotect(srtp_rcvr, hdr, &len);
+ if (status != err_status_auth_fail) {
+ printf("failed\n");
+ free(hdr);
+ free(hdr2);
+ return status;
+ } else {
+ printf("passed\n");
+ }
+
+ }
+
+ err_check(srtp_dealloc(srtp_sender));
+ err_check(srtp_dealloc(srtp_rcvr));
+
+ free(hdr);
+ free(hdr2);
+ return err_status_ok;
+}
+
+
+err_status_t
+srtcp_test(const srtp_policy_t *policy) {
+ int i;
+ srtp_t srtcp_sender;
+ srtp_t srtcp_rcvr;
+ err_status_t status = err_status_ok;
+ srtp_hdr_t *hdr, *hdr2;
+ uint8_t hdr_enc[64];
+ uint8_t *pkt_end;
+ int msg_len_octets, msg_len_enc;
+ int len;
+ int tag_length = policy->rtp.auth_tag_len;
+ uint32_t ssrc;
+ srtp_policy_t *rcvr_policy;
+
+ err_check(srtp_create(&srtcp_sender, policy));
+
+ /* print out policy */
+ err_check(srtp_session_print_policy(srtcp_sender));
+
+ /*
+ * initialize data buffer, using the ssrc in the policy unless that
+ * value is a wildcard, in which case we'll just use an arbitrary
+ * one
+ */
+ if (policy->ssrc.type != ssrc_specific)
+ ssrc = 0xdecafbad;
+ else
+ ssrc = policy->ssrc.value;
+ msg_len_octets = 28;
+ hdr = srtp_create_test_packet(msg_len_octets, ssrc);
+
+ if (hdr == NULL)
+ return err_status_alloc_fail;
+ hdr2 = srtp_create_test_packet(msg_len_octets, ssrc);
+ if (hdr2 == NULL) {
+ free(hdr);
+ return err_status_alloc_fail;
+ }
+
+ /* set message length */
+ len = msg_len_octets;
+
+ debug_print(mod_driver, "before protection:\n%s",
+ srtp_packet_to_string(hdr, len));
+
+#if PRINT_REFERENCE_PACKET
+ debug_print(mod_driver, "reference packet before protection:\n%s",
+ octet_string_hex_string((uint8_t *)hdr, len));
+#endif
+ err_check(srtp_protect_rtcp(srtcp_sender, hdr, &len));
+
+ debug_print(mod_driver, "after protection:\n%s",
+ srtp_packet_to_string(hdr, len));
+#if PRINT_REFERENCE_PACKET
+ debug_print(mod_driver, "after protection:\n%s",
+ octet_string_hex_string((uint8_t *)hdr, len));
+#endif
+
+ /* save protected message and length */
+ memcpy(hdr_enc, hdr, len);
+ msg_len_enc = len;
+
+ /*
+ * check for overrun of the srtp_protect() function
+ *
+ * The packet is followed by a value of 0xfffff; if the value of the
+ * data following the packet is different, then we know that the
+ * protect function is overwriting the end of the packet.
+ */
+ pkt_end = (uint8_t *)hdr + sizeof(srtp_hdr_t)
+ + msg_len_octets + tag_length;
+ for (i = 0; i < 4; i++)
+ if (pkt_end[i] != 0xff) {
+ fprintf(stdout, "overwrite in srtp_protect_rtcp() function "
+ "(expected %x, found %x in trailing octet %d)\n",
+ 0xff, ((uint8_t *)hdr)[i], i);
+ free(hdr);
+ free(hdr2);
+ return err_status_algo_fail;
+ }
+
+ /*
+ * if the policy includes confidentiality, check that ciphertext is
+ * different than plaintext
+ *
+ * Note that this check will give false negatives, with some small
+ * probability, especially if the packets are short. For that
+ * reason, we skip this check if the plaintext is less than four
+ * octets long.
+ */
+ if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) {
+ printf("testing that ciphertext is distinct from plaintext...");
+ status = err_status_algo_fail;
+ for (i=12; i < msg_len_octets+12; i++)
+ if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
+ status = err_status_ok;
+ }
+ if (status) {
+ printf("failed\n");
+ free(hdr);
+ free(hdr2);
+ return status;
+ }
+ printf("passed\n");
+ }
+
+ /*
+ * if the policy uses a 'wildcard' ssrc, then we need to make a copy
+ * of the policy that changes the direction to inbound
+ *
+ * we always copy the policy into the rcvr_policy, since otherwise
+ * the compiler would fret about the constness of the policy
+ */
+ rcvr_policy = (srtp_policy_t*) malloc(sizeof(srtp_policy_t));
+ if (rcvr_policy == NULL)
+ return err_status_alloc_fail;
+ memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
+ if (policy->ssrc.type == ssrc_any_outbound) {
+ rcvr_policy->ssrc.type = ssrc_any_inbound;
+ }
+
+ err_check(srtp_create(&srtcp_rcvr, rcvr_policy));
+
+ err_check(srtp_unprotect_rtcp(srtcp_rcvr, hdr, &len));
+
+ debug_print(mod_driver, "after unprotection:\n%s",
+ srtp_packet_to_string(hdr, len));
+
+ /* verify that the unprotected packet matches the origial one */
+ for (i=0; i < msg_len_octets; i++)
+ if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
+ fprintf(stdout, "mismatch at octet %d\n", i);
+ status = err_status_algo_fail;
+ }
+ if (status) {
+ free(hdr);
+ free(hdr2);
+ return status;
+ }
+
+ /*
+ * if the policy includes authentication, then test for false positives
+ */
+ if (policy->rtp.sec_serv & sec_serv_auth) {
+ char *data = ((char *)hdr) + 12;
+
+ printf("testing for false positives in replay check...");
+
+ /* set message length */
+ len = msg_len_enc;
+
+ /* unprotect a second time - should fail with a replay error */
+ status = srtp_unprotect_rtcp(srtcp_rcvr, hdr_enc, &len);
+ if (status != err_status_replay_fail) {
+ printf("failed with error code %d\n", status);
+ free(hdr);
+ free(hdr2);
+ return status;
+ } else {
+ printf("passed\n");
+ }
+
+ printf("testing for false positives in auth check...");
+
+ /* increment sequence number in header */
+ hdr->seq++;
+
+ /* set message length */
+ len = msg_len_octets;
+
+ /* apply protection */
+ err_check(srtp_protect_rtcp(srtcp_sender, hdr, &len));
+
+ /* flip bits in packet */
+ data[0] ^= 0xff;
+
+ /* unprotect, and check for authentication failure */
+ status = srtp_unprotect_rtcp(srtcp_rcvr, hdr, &len);
+ if (status != err_status_auth_fail) {
+ printf("failed\n");
+ free(hdr);
+ free(hdr2);
+ return status;
+ } else {
+ printf("passed\n");
+ }
+
+ }
+
+ err_check(srtp_dealloc(srtcp_sender));
+ err_check(srtp_dealloc(srtcp_rcvr));
+
+ free(hdr);
+ free(hdr2);
+ return err_status_ok;
+}
+
+
+err_status_t
+srtp_session_print_policy(srtp_t srtp) {
+ char *serv_descr[4] = {
+ "none",
+ "confidentiality",
+ "authentication",
+ "confidentiality and authentication"
+ };
+ char *direction[3] = {
+ "unknown",
+ "outbound",
+ "inbound"
+ };
+ srtp_stream_t stream;
+
+ /* sanity checking */
+ if (srtp == NULL)
+ return err_status_fail;
+
+ /* if there's a template stream, print it out */
+ if (srtp->stream_template != NULL) {
+ stream = srtp->stream_template;
+ printf("# SSRC: any %s\r\n"
+ "# rtp cipher: %s\r\n"
+ "# rtp auth: %s\r\n"
+ "# rtp services: %s\r\n"
+ "# rtcp cipher: %s\r\n"
+ "# rtcp auth: %s\r\n"
+ "# rtcp services: %s\r\n",
+ direction[stream->direction],
+ stream->rtp_cipher->type->description,
+ stream->rtp_auth->type->description,
+ serv_descr[stream->rtp_services],
+ stream->rtcp_cipher->type->description,
+ stream->rtcp_auth->type->description,
+ serv_descr[stream->rtcp_services]);
+ }
+
+ /* loop over streams in session, printing the policy of each */
+ stream = srtp->stream_list;
+ while (stream != NULL) {
+ if (stream->rtp_services > sec_serv_conf_and_auth)
+ return err_status_bad_param;
+
+ printf("# SSRC: 0x%08x\r\n"
+ "# rtp cipher: %s\r\n"
+ "# rtp auth: %s\r\n"
+ "# rtp services: %s\r\n"
+ "# rtcp cipher: %s\r\n"
+ "# rtcp auth: %s\r\n"
+ "# rtcp services: %s\r\n",
+ stream->ssrc,
+ stream->rtp_cipher->type->description,
+ stream->rtp_auth->type->description,
+ serv_descr[stream->rtp_services],
+ stream->rtcp_cipher->type->description,
+ stream->rtcp_auth->type->description,
+ serv_descr[stream->rtcp_services]);
+
+ /* advance to next stream in the list */
+ stream = stream->next;
+ }
+ return err_status_ok;
+}
+
+err_status_t
+srtp_print_policy(const srtp_policy_t *policy) {
+ err_status_t status;
+ srtp_t session;
+
+ status = srtp_create(&session, policy);
+ if (status)
+ return status;
+ status = srtp_session_print_policy(session);
+ if (status)
+ return status;
+ status = srtp_dealloc(session);
+ if (status)
+ return status;
+ return err_status_ok;
+}
+
+/*
+ * srtp_print_packet(...) is for debugging only
+ * it prints an RTP packet to the stdout
+ *
+ * note that this function is *not* threadsafe
+ */
+
+#include <stdio.h>
+
+#define MTU 2048
+
+char packet_string[MTU];
+
+char *
+srtp_packet_to_string(srtp_hdr_t *hdr, int pkt_octet_len) {
+ int octets_in_rtp_header = 12;
+ uint8_t *data = ((uint8_t *)hdr)+octets_in_rtp_header;
+ int hex_len = pkt_octet_len-octets_in_rtp_header;
+
+ /* sanity checking */
+ if ((hdr == NULL) || (pkt_octet_len > MTU))
+ return NULL;
+
+ /* write packet into string */
+ sprintf(packet_string,
+ "(s)rtp packet: {\n"
+ " version:\t%d\n"
+ " p:\t\t%d\n"
+ " x:\t\t%d\n"
+ " cc:\t\t%d\n"
+ " m:\t\t%d\n"
+ " pt:\t\t%x\n"
+ " seq:\t\t%x\n"
+ " ts:\t\t%x\n"
+ " ssrc:\t%x\n"
+ " data:\t%s\n"
+ "} (%d octets in total)\n",
+ hdr->version,
+ hdr->p,
+ hdr->x,
+ hdr->cc,
+ hdr->m,
+ hdr->pt,
+ hdr->seq,
+ hdr->ts,
+ hdr->ssrc,
+ octet_string_hex_string(data, hex_len),
+ pkt_octet_len);
+
+ return packet_string;
+}
+
+/*
+ * mips_estimate() is a simple function to estimate the number of
+ * instructions per second that the host can perform. note that this
+ * function can be grossly wrong; you may want to have a manual sanity
+ * check of its output!
+ *
+ * the 'ignore' pointer is there to convince the compiler to not just
+ * optimize away the function
+ */
+
+double
+mips_estimate(int num_trials, int *ignore) {
+ clock_t t;
+ int i, sum;
+
+ sum = 0;
+ t = clock();
+ for (i=0; i<num_trials; i++)
+ sum += i;
+ t = clock() - t;
+
+/* printf("%d\n", sum); */
+ *ignore = sum;
+
+ return (double) num_trials * CLOCKS_PER_SEC / t;
+}
+
+
+/*
+ * srtp_validate() verifies the correctness of libsrtp by comparing
+ * some computed packets against some pre-computed reference values.
+ * These packets were made with the default SRTP policy.
+ */
+
+
+err_status_t
+srtp_validate() {
+ unsigned char test_key[30] = {
+ 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
+ 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
+ 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
+ 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
+ };
+ uint8_t srtp_plaintext_ref[28] = {
+ 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
+ 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab
+ };
+ uint8_t srtp_plaintext[38] = {
+ 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
+ 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ };
+ uint8_t srtp_ciphertext[38] = {
+ 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
+ 0xca, 0xfe, 0xba, 0xbe, 0x4e, 0x55, 0xdc, 0x4c,
+ 0xe7, 0x99, 0x78, 0xd8, 0x8c, 0xa4, 0xd2, 0x15,
+ 0x94, 0x9d, 0x24, 0x02, 0xb7, 0x8d, 0x6a, 0xcc,
+ 0x99, 0xea, 0x17, 0x9b, 0x8d, 0xbb
+ };
+ srtp_t srtp_snd, srtp_recv;
+ err_status_t status;
+ int len;
+ srtp_policy_t policy;
+
+ /*
+ * create a session with a single stream using the default srtp
+ * policy and with the SSRC value 0xcafebabe
+ */
+ crypto_policy_set_rtp_default(&policy.rtp);
+ crypto_policy_set_rtcp_default(&policy.rtcp);
+ policy.ssrc.type = ssrc_specific;
+ policy.ssrc.value = 0xcafebabe;
+ policy.key = test_key;
+ policy.next = NULL;
+
+ status = srtp_create(&srtp_snd, &policy);
+ if (status)
+ return status;
+
+ /*
+ * protect plaintext, then compare with ciphertext
+ */
+ len = 28;
+ status = srtp_protect(srtp_snd, srtp_plaintext, &len);
+ if (status || (len != 38))
+ return err_status_fail;
+
+ debug_print(mod_driver, "ciphertext:\n %s",
+ octet_string_hex_string(srtp_plaintext, len));
+ debug_print(mod_driver, "ciphertext reference:\n %s",
+ octet_string_hex_string(srtp_ciphertext, len));
+
+ if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len))
+ return err_status_fail;
+
+ /*
+ * create a receiver session context comparable to the one created
+ * above - we need to do this so that the replay checking doesn't
+ * complain
+ */
+ status = srtp_create(&srtp_recv, &policy);
+ if (status)
+ return status;
+
+ /*
+ * unprotect ciphertext, then compare with plaintext
+ */
+ status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
+ if (status || (len != 28))
+ return status;
+
+ if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len))
+ return err_status_fail;
+
+ return err_status_ok;
+}
+
+
+err_status_t
+srtp_create_big_policy(srtp_policy_t **list) {
+ extern const srtp_policy_t *policy_array[];
+ srtp_policy_t *p, *tmp;
+ int i = 0;
+ uint32_t ssrc = 0;
+
+ /* sanity checking */
+ if ((list == NULL) || (policy_array[0] == NULL))
+ return err_status_bad_param;
+
+ /*
+ * loop over policy list, mallocing a new list and copying values
+ * into it (and incrementing the SSRC value as we go along)
+ */
+ tmp = NULL;
+ while (policy_array[i] != NULL) {
+ p = (srtp_policy_t*) malloc(sizeof(srtp_policy_t));
+ if (p == NULL)
+ return err_status_bad_param;
+ memcpy(p, policy_array[i], sizeof(srtp_policy_t));
+ p->ssrc.type = ssrc_specific;
+ p->ssrc.value = ssrc++;
+ p->next = tmp;
+ tmp = p;
+ i++;
+ }
+ *list = p;
+
+ return err_status_ok;
+}
+
+err_status_t
+srtp_test_remove_stream() {
+ err_status_t status;
+ srtp_policy_t *policy_list;
+ srtp_t session;
+ srtp_stream_t stream;
+ /*
+ * srtp_get_stream() is a libSRTP internal function that we declare
+ * here so that we can use it to verify the correct operation of the
+ * library
+ */
+ extern srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc);
+
+
+ status = srtp_create_big_policy(&policy_list);
+ if (status)
+ return status;
+
+ status = srtp_create(&session, policy_list);
+ if (status)
+ return status;
+
+ /*
+ * check for false positives by trying to remove a stream that's not
+ * in the session
+ */
+ status = srtp_remove_stream(session, htonl(0xaaaaaaaa));
+ if (status != err_status_no_ctx)
+ return err_status_fail;
+
+ /*
+ * check for false negatives by removing stream 0x1, then
+ * searching for streams 0x0 and 0x2
+ */
+ status = srtp_remove_stream(session, htonl(0x1));
+ if (status != err_status_ok)
+ return err_status_fail;
+ stream = srtp_get_stream(session, htonl(0x0));
+ if (stream == NULL)
+ return err_status_fail;
+ stream = srtp_get_stream(session, htonl(0x2));
+ if (stream == NULL)
+ return err_status_fail;
+
+ return err_status_ok;
+}
+
+/*
+ * srtp policy definitions - these definitions are used above
+ */
+
+unsigned char test_key[30] = {
+ 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
+ 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
+ 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
+ 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
+};
+
+
+const srtp_policy_t default_policy = {
+ { ssrc_any_outbound, 0 }, /* SSRC */
+ { /* SRTP policy */
+ AES_128_ICM, /* cipher type */
+ 30, /* cipher key length in octets */
+ HMAC_SHA1, /* authentication func type */
+ 16, /* auth key length in octets */
+ 10, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ { /* SRTCP policy */
+ AES_128_ICM, /* cipher type */
+ 30, /* cipher key length in octets */
+ HMAC_SHA1, /* authentication func type */
+ 16, /* auth key length in octets */
+ 10, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ test_key,
+ NULL
+};
+
+const srtp_policy_t aes_tmmh_policy = {
+ { ssrc_any_outbound, 0 }, /* SSRC */
+ {
+ AES_128_ICM, /* cipher type */
+ 30, /* cipher key length in octets */
+ UST_TMMHv2, /* authentication func type */
+ 94, /* auth key length in octets */
+ 4, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ {
+ AES_128_ICM, /* cipher type */
+ 30, /* cipher key length in octets */
+ UST_TMMHv2, /* authentication func type */
+ 94, /* auth key length in octets */
+ 4, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ test_key,
+ NULL
+};
+
+const srtp_policy_t tmmh_only_policy = {
+ { ssrc_any_outbound, 0 }, /* SSRC */
+ {
+ AES_128_ICM, /* cipher type */
+ 30, /* cipher key length in octets */
+ UST_TMMHv2, /* authentication func type */
+ 94, /* auth key length in octets */
+ 4, /* auth tag length in octets */
+ sec_serv_auth /* security services flag */
+ },
+ {
+ AES_128_ICM, /* cipher type */
+ 30, /* cipher key length in octets */
+ UST_TMMHv2, /* authentication func type */
+ 94, /* auth key length in octets */
+ 4, /* auth tag length in octets */
+ sec_serv_auth /* security services flag */
+ },
+ test_key,
+ NULL
+};
+
+const srtp_policy_t aes_only_policy = {
+ { ssrc_any_outbound, 0 }, /* SSRC */
+ {
+ AES_128_ICM, /* cipher type */
+ 30, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 0, /* auth tag length in octets */
+ sec_serv_conf /* security services flag */
+ },
+ {
+ AES_128_ICM, /* cipher type */
+ 30, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 0, /* auth tag length in octets */
+ sec_serv_conf /* security services flag */
+ },
+ test_key,
+ NULL
+};
+
+const srtp_policy_t hmac_only_policy = {
+ { ssrc_any_outbound, 0 }, /* SSRC */
+ {
+ NULL_CIPHER, /* cipher type */
+ 0, /* cipher key length in octets */
+ HMAC_SHA1, /* authentication func type */
+ 20, /* auth key length in octets */
+ 4, /* auth tag length in octets */
+ sec_serv_auth /* security services flag */
+ },
+ {
+ NULL_CIPHER, /* cipher type */
+ 0, /* cipher key length in octets */
+ HMAC_SHA1, /* authentication func type */
+ 20, /* auth key length in octets */
+ 4, /* auth tag length in octets */
+ sec_serv_auth /* security services flag */
+ },
+ test_key,
+ NULL
+};
+
+const srtp_policy_t null_policy = {
+ { ssrc_any_outbound, 0 }, /* SSRC */
+ {
+ NULL_CIPHER, /* cipher type */
+ 0, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 0, /* auth tag length in octets */
+ sec_serv_none /* security services flag */
+ },
+ {
+ NULL_CIPHER, /* cipher type */
+ 0, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 0, /* auth tag length in octets */
+ sec_serv_none /* security services flag */
+ },
+ test_key,
+ NULL
+};
+
+
+/*
+ * an array of pointers to the policies listed above
+ *
+ * This array is used to test various aspects of libSRTP for
+ * different cryptographic policies. The order of the elements
+ * matters - the timing test generates output that can be used
+ * in a plot (see the gnuplot script file 'timing'). If you
+ * add to this list, you should do it at the end.
+ */
+
+#define USE_TMMH 0
+
+const srtp_policy_t *
+policy_array[] = {
+ &hmac_only_policy,
+#if USE_TMMH
+ &tmmh_only_policy,
+#endif
+ &aes_only_policy,
+#if USE_TMMH
+ &aes_tmmh_policy,
+#endif
+ &default_policy,
+ &null_policy,
+ NULL
+};
+
+const srtp_policy_t wildcard_policy = {
+ { ssrc_any_outbound, 0 }, /* SSRC */
+ { /* SRTP policy */
+ AES_128_ICM, /* cipher type */
+ 30, /* cipher key length in octets */
+ HMAC_SHA1, /* authentication func type */
+ 16, /* auth key length in octets */
+ 10, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ { /* SRTCP policy */
+ AES_128_ICM, /* cipher type */
+ 30, /* cipher key length in octets */
+ HMAC_SHA1, /* authentication func type */
+ 16, /* auth key length in octets */
+ 10, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ test_key,
+ NULL
+};
diff --git a/srtp/timing b/srtp/timing
new file mode 100644
index 0000000..66b00c4
--- /dev/null
+++ b/srtp/timing
@@ -0,0 +1 @@
+# timing.plt # # gnuplot script file for plotting the output generated by srtp_driver -t # # David A. McGrew # Cisco Systems, Inc. # set xrange [0:2500] set term pict "Times-Roman" 9 # # plot authentication-only data # set title "Authentication Only" set ylabel "Megabits per second" set xlabel "Octets in packet" set yrange [0:2000] set output "plot-auth.pict" plot "timing.dat" index 0 title "HMAC SHA1" with lines, "timing.dat" index 1 title "TMMH/AES" with lines, "timing.dat" index 2 title "TMMH/SEAL" with lines # # plot encryption-only data # set title "Encryption Only" set ylabel "Megabits per second" set xlabel "Octets in packet" set output "plot-enc.pict" set yrange [0:1200] plot "timing.dat" index 3 title "SEAL" with lines, "timing.dat" index 4 title "AES ICM" with lines # # plot encryption and authentication data # set title "Encryption and Authentication" set ylabel "Megabits per second" set xlabel "Octets in packet" set yrange [0:1000] set output "plot-enc-auth.pict" plot "timing.dat" index 5 title "TMMH/SEAL" with lines, "timing.dat" index 6 title "TMMH/AES" with lines, "timing.dat" index 7 title "HMAC/AES" with lines \ No newline at end of file
diff --git a/srtp/undos.sh b/srtp/undos.sh
new file mode 100755
index 0000000..db12064
--- /dev/null
+++ b/srtp/undos.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+#
+# usage: undos <file>
+#
+# strips CRs from a file - useful when moving DOS-created files
+# onto UN*X machines
+
+cat $1 | tr -d "\r" > $1.tmp
+mv $1.tmp $1
+
diff --git a/srtp/update.sh b/srtp/update.sh
new file mode 100755
index 0000000..595b647
--- /dev/null
+++ b/srtp/update.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+#
+# update.sh
+#
+# update copyright dates in files
+
+a=`find . -name "*.[ch]"`
+for x in $a; do
+ sed 's/(c) 2001-2005/(c) 2001-2006/' $x > $x.tmp;
+ mv $x.tmp $x;
+done
+
+
+
+