summaryrefslogtreecommitdiff
path: root/srtp/crypto/kernel
diff options
context:
space:
mode:
Diffstat (limited to 'srtp/crypto/kernel')
-rw-r--r--srtp/crypto/kernel/CVS/Entries5
-rw-r--r--srtp/crypto/kernel/CVS/Repository1
-rw-r--r--srtp/crypto/kernel/CVS/Root1
-rw-r--r--srtp/crypto/kernel/alloc.c119
-rw-r--r--srtp/crypto/kernel/crypto_kernel.c523
-rw-r--r--srtp/crypto/kernel/err.c148
-rw-r--r--srtp/crypto/kernel/key.c115
7 files changed, 912 insertions, 0 deletions
diff --git a/srtp/crypto/kernel/CVS/Entries b/srtp/crypto/kernel/CVS/Entries
new file mode 100644
index 0000000..90057ec
--- /dev/null
+++ b/srtp/crypto/kernel/CVS/Entries
@@ -0,0 +1,5 @@
+/alloc.c/1.4/Thu Jun 8 17:00:28 2006//
+/crypto_kernel.c/1.7/Tue Jul 11 22:10:31 2006//
+/err.c/1.6/Thu Jun 8 17:00:28 2006//
+/key.c/1.7/Thu Jun 8 17:00:28 2006//
+D
diff --git a/srtp/crypto/kernel/CVS/Repository b/srtp/crypto/kernel/CVS/Repository
new file mode 100644
index 0000000..87ab491
--- /dev/null
+++ b/srtp/crypto/kernel/CVS/Repository
@@ -0,0 +1 @@
+srtp/crypto/kernel
diff --git a/srtp/crypto/kernel/CVS/Root b/srtp/crypto/kernel/CVS/Root
new file mode 100644
index 0000000..05e15d8
--- /dev/null
+++ b/srtp/crypto/kernel/CVS/Root
@@ -0,0 +1 @@
+srtp.cvs.sourceforge.net:/cvsroot/srtp
diff --git a/srtp/crypto/kernel/alloc.c b/srtp/crypto/kernel/alloc.c
new file mode 100644
index 0000000..5dd0947
--- /dev/null
+++ b/srtp/crypto/kernel/alloc.c
@@ -0,0 +1,119 @@
+/*
+ * alloc.c
+ *
+ * memory allocation and deallocation
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "alloc.h"
+#include "crypto_kernel.h"
+
+/* the debug module for memory allocation */
+
+debug_module_t mod_alloc = {
+ 0, /* debugging is off by default */
+ "alloc" /* printable name for module */
+};
+
+/*
+ * Nota bene: the debugging statements for crypto_alloc() and
+ * crypto_free() have identical prefixes, which include the addresses
+ * of the memory locations on which they are operating. This fact can
+ * be used to locate memory leaks, by turning on memory debugging,
+ * grepping for 'alloc', then matching alloc and free calls by
+ * address.
+ */
+
+#ifdef SRTP_KERNEL_LINUX
+
+#include <linux/interrupt.h>
+
+void *
+crypto_alloc(size_t size) {
+ void *ptr;
+
+ ptr = kmalloc(size, in_interrupt() ? GFP_ATOMIC : GFP_KERNEL);
+
+ if (ptr) {
+ debug_print(mod_alloc, "(location: %p) allocated", ptr);
+ } else
+ debug_print(mod_alloc, "allocation failed (asked for %d bytes)\n", size);
+
+ return ptr;
+}
+
+void
+crypto_free(void *ptr) {
+
+ debug_print(mod_alloc, "(location: %p) freed", ptr);
+
+ kfree(ptr);
+}
+
+
+#elif defined(HAVE_STDLIB_H)
+
+void *
+crypto_alloc(size_t size) {
+ void *ptr;
+
+ ptr = malloc(size);
+
+ if (ptr) {
+ debug_print(mod_alloc, "(location: %p) allocated", ptr);
+ } else
+ debug_print(mod_alloc, "allocation failed (asked for %d bytes)\n", size);
+
+ return ptr;
+}
+
+void
+crypto_free(void *ptr) {
+
+ debug_print(mod_alloc, "(location: %p) freed", ptr);
+
+ free(ptr);
+}
+
+#else /* we need to define our own memory allocation routines */
+
+#error no memory allocation defined yet
+
+#endif
diff --git a/srtp/crypto/kernel/crypto_kernel.c b/srtp/crypto/kernel/crypto_kernel.c
new file mode 100644
index 0000000..230dda6
--- /dev/null
+++ b/srtp/crypto/kernel/crypto_kernel.c
@@ -0,0 +1,523 @@
+/*
+ * crypto_kernel.c
+ *
+ * header for the cryptographic kernel
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "alloc.h"
+
+#include "crypto_kernel.h"
+
+/* the debug module for the crypto_kernel */
+
+debug_module_t mod_crypto_kernel = {
+ 0, /* debugging is off by default */
+ "crypto kernel" /* printable name for module */
+};
+
+/*
+ * other debug modules that can be included in the kernel
+ */
+
+extern debug_module_t mod_auth;
+extern debug_module_t mod_cipher;
+extern debug_module_t mod_stat;
+extern debug_module_t mod_alloc;
+
+/*
+ * cipher types that can be included in the kernel
+ */
+
+extern cipher_type_t null_cipher;
+extern cipher_type_t aes_icm;
+extern cipher_type_t aes_cbc;
+
+
+/*
+ * auth func types that can be included in the kernel
+ */
+
+extern auth_type_t null_auth;
+extern auth_type_t hmac;
+
+/* crypto_kernel is a global variable, the only one of its datatype */
+
+crypto_kernel_t
+crypto_kernel = {
+ crypto_kernel_state_insecure, /* start off in insecure state */
+ NULL, /* no cipher types yet */
+ NULL, /* no auth types yet */
+ NULL /* no debug modules yet */
+};
+
+#define MAX_RNG_TRIALS 25
+
+err_status_t
+crypto_kernel_init() {
+ err_status_t status;
+
+ /* check the security state */
+ if (crypto_kernel.state == crypto_kernel_state_secure) {
+
+ /*
+ * we're already in the secure state, but we've been asked to
+ * re-initialize, so we just re-run the self-tests and then return
+ */
+ return crypto_kernel_status();
+ }
+
+ /* initialize error reporting system */
+ status = err_reporting_init("crypto");
+ if (status)
+ return status;
+
+ /* load debug modules */
+ status = crypto_kernel_load_debug_module(&mod_crypto_kernel);
+ if (status)
+ return status;
+ status = crypto_kernel_load_debug_module(&mod_auth);
+ if (status)
+ return status;
+ status = crypto_kernel_load_debug_module(&mod_cipher);
+ if (status)
+ return status;
+ status = crypto_kernel_load_debug_module(&mod_stat);
+ if (status)
+ return status;
+ status = crypto_kernel_load_debug_module(&mod_alloc);
+ if (status)
+ return status;
+
+ /* initialize random number generator */
+ status = rand_source_init();
+ if (status)
+ return status;
+
+ /* run FIPS-140 statistical tests on rand_source */
+ status = stat_test_rand_source_with_repetition(rand_source_get_octet_string, MAX_RNG_TRIALS);
+ if (status)
+ return status;
+
+ /* initialize pseudorandom number generator */
+ status = ctr_prng_init(rand_source_get_octet_string);
+ if (status)
+ return status;
+
+ /* run FIPS-140 statistical tests on ctr_prng */
+ status = stat_test_rand_source_with_repetition(ctr_prng_get_octet_string, MAX_RNG_TRIALS);
+ if (status)
+ return status;
+
+ /* load cipher types */
+ status = crypto_kernel_load_cipher_type(&null_cipher, NULL_CIPHER);
+ if (status)
+ return status;
+ status = crypto_kernel_load_cipher_type(&aes_icm, AES_128_ICM);
+ if (status)
+ return status;
+ status = crypto_kernel_load_cipher_type(&aes_cbc, AES_128_CBC);
+ if (status)
+ return status;
+
+ /* load auth func types */
+ status = crypto_kernel_load_auth_type(&null_auth, NULL_AUTH);
+ if (status)
+ return status;
+ status = crypto_kernel_load_auth_type(&hmac, HMAC_SHA1);
+ if (status)
+ return status;
+
+ /* change state to secure */
+ crypto_kernel.state = crypto_kernel_state_secure;
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_status() {
+ err_status_t status;
+ kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list;
+ kernel_auth_type_t *atype = crypto_kernel.auth_type_list;
+ kernel_debug_module_t *dm = crypto_kernel.debug_module_list;
+
+ /* run FIPS-140 statistical tests on rand_source */
+ printf("testing rand_source...");
+ status = stat_test_rand_source_with_repetition(rand_source_get_octet_string, MAX_RNG_TRIALS);
+ if (status) {
+ printf("failed\n");
+ crypto_kernel.state = crypto_kernel_state_insecure;
+ return status;
+ }
+ printf("passed\n");
+
+ /* for each cipher type, describe and test */
+ while(ctype != NULL) {
+ printf("cipher: %s\n", ctype->cipher_type->description);
+ printf(" instance count: %d\n", ctype->cipher_type->ref_count);
+ printf(" self-test: ");
+ status = cipher_type_self_test(ctype->cipher_type);
+ if (status) {
+ printf("failed with error code %d\n", status);
+ exit(status);
+ }
+ printf("passed\n");
+ ctype = ctype->next;
+ }
+
+ /* for each auth type, describe and test */
+ while(atype != NULL) {
+ printf("auth func: %s\n", atype->auth_type->description);
+ printf(" instance count: %d\n", atype->auth_type->ref_count);
+ printf(" self-test: ");
+ status = auth_type_self_test(atype->auth_type);
+ if (status) {
+ printf("failed with error code %d\n", status);
+ exit(status);
+ }
+ printf("passed\n");
+ atype = atype->next;
+ }
+
+ /* describe each debug module */
+ printf("debug modules loaded:\n");
+ while (dm != NULL) {
+ printf(" %s ", dm->mod->name);
+ if (dm->mod->on)
+ printf("(on)\n");
+ else
+ printf("(off)\n");
+ dm = dm->next;
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_list_debug_modules() {
+ kernel_debug_module_t *dm = crypto_kernel.debug_module_list;
+
+ /* describe each debug module */
+ printf("debug modules loaded:\n");
+ while (dm != NULL) {
+ printf(" %s ", dm->mod->name);
+ if (dm->mod->on)
+ printf("(on)\n");
+ else
+ printf("(off)\n");
+ dm = dm->next;
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_shutdown() {
+ err_status_t status;
+
+ /*
+ * free dynamic memory used in crypto_kernel at present
+ */
+
+ /* walk down cipher type list, freeing memory */
+ while (crypto_kernel.cipher_type_list != NULL) {
+ kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list;
+ crypto_kernel.cipher_type_list = ctype->next;
+ debug_print(mod_crypto_kernel,
+ "freeing memory for cipher %s",
+ ctype->cipher_type->description);
+ crypto_free(ctype);
+ }
+
+ /* walk down authetication module list, freeing memory */
+ while (crypto_kernel.auth_type_list != NULL) {
+ kernel_auth_type_t *atype = crypto_kernel.auth_type_list;
+ crypto_kernel.auth_type_list = atype->next;
+ debug_print(mod_crypto_kernel,
+ "freeing memory for authentication %s",
+ atype->auth_type->description);
+ crypto_free(atype);
+ }
+
+ /* walk down debug module list, freeing memory */
+ while (crypto_kernel.debug_module_list != NULL) {
+ kernel_debug_module_t *kdm = crypto_kernel.debug_module_list;
+ crypto_kernel.debug_module_list = kdm->next;
+ debug_print(mod_crypto_kernel,
+ "freeing memory for debug module %s",
+ kdm->mod->name);
+ crypto_free(kdm);
+ }
+
+ /* de-initialize random number generator */ status = rand_source_deinit();
+ if (status)
+ return status;
+
+ /* return to insecure state */
+ crypto_kernel.state = crypto_kernel_state_insecure;
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_load_cipher_type(cipher_type_t *new_ct, cipher_type_id_t id) {
+ kernel_cipher_type_t *ctype, *new_ctype;
+ err_status_t status;
+
+ /* defensive coding */
+ if (new_ct == NULL)
+ return err_status_bad_param;
+
+ /* check cipher type by running self-test */
+ status = cipher_type_self_test(new_ct);
+ if (status) {
+ return status;
+ }
+
+ /* walk down list, checking if this type is in the list already */
+ ctype = crypto_kernel.cipher_type_list;
+ while (ctype != NULL) {
+ if ((new_ct == ctype->cipher_type) || (id == ctype->id))
+ return err_status_bad_param;
+ ctype = ctype->next;
+ }
+
+ /* put new_ct at the head of the list */
+ /* allocate memory */
+ new_ctype = (kernel_cipher_type_t *) crypto_alloc(sizeof(kernel_cipher_type_t));
+ if (new_ctype == NULL)
+ return err_status_alloc_fail;
+
+ /* set fields */
+ new_ctype->cipher_type = new_ct;
+ new_ctype->id = id;
+ new_ctype->next = crypto_kernel.cipher_type_list;
+
+ /* set head of list to new cipher type */
+ crypto_kernel.cipher_type_list = new_ctype;
+
+ /* load debug module, if there is one present */
+ if (new_ct->debug != NULL)
+ crypto_kernel_load_debug_module(new_ct->debug);
+ /* we could check for errors here */
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_load_auth_type(auth_type_t *new_at, auth_type_id_t id) {
+ kernel_auth_type_t *atype, *new_atype;
+ err_status_t status;
+
+ /* defensive coding */
+ if (new_at == NULL)
+ return err_status_bad_param;
+
+ /* check auth type by running self-test */
+ status = auth_type_self_test(new_at);
+ if (status) {
+ return status;
+ }
+
+ /* walk down list, checking if this type is in the list already */
+ atype = crypto_kernel.auth_type_list;
+ while (atype != NULL) {
+ if ((new_at == atype->auth_type) || (id == atype->id))
+ return err_status_bad_param;
+ atype = atype->next;
+ }
+
+ /* put new_at at the head of the list */
+ /* allocate memory */
+ new_atype = (kernel_auth_type_t *)crypto_alloc(sizeof(kernel_auth_type_t));
+ if (new_atype == NULL)
+ return err_status_alloc_fail;
+
+ /* set fields */
+ new_atype->auth_type = new_at;
+ new_atype->id = id;
+ new_atype->next = crypto_kernel.auth_type_list;
+
+ /* set head of list to new auth type */
+ crypto_kernel.auth_type_list = new_atype;
+
+ /* load debug module, if there is one present */
+ if (new_at->debug != NULL)
+ crypto_kernel_load_debug_module(new_at->debug);
+ /* we could check for errors here */
+
+ return err_status_ok;
+
+}
+
+
+cipher_type_t *
+crypto_kernel_get_cipher_type(cipher_type_id_t id) {
+ kernel_cipher_type_t *ctype;
+
+ /* walk down list, looking for id */
+ ctype = crypto_kernel.cipher_type_list;
+ while (ctype != NULL) {
+ if (id == ctype->id)
+ return ctype->cipher_type;
+ ctype = ctype->next;
+ }
+
+ /* haven't found the right one, indicate failure by returning NULL */
+ return NULL;
+}
+
+
+err_status_t
+crypto_kernel_alloc_cipher(cipher_type_id_t id,
+ cipher_pointer_t *cp,
+ int key_len) {
+ cipher_type_t *ct;
+
+ /*
+ * if the crypto_kernel is not yet initialized, we refuse to allocate
+ * any ciphers - this is a bit extra-paranoid
+ */
+ if (crypto_kernel.state != crypto_kernel_state_secure)
+ return err_status_init_fail;
+
+ ct = crypto_kernel_get_cipher_type(id);
+ if (!ct)
+ return err_status_fail;
+
+ return ((ct)->alloc(cp, key_len));
+}
+
+
+
+auth_type_t *
+crypto_kernel_get_auth_type(auth_type_id_t id) {
+ kernel_auth_type_t *atype;
+
+ /* walk down list, looking for id */
+ atype = crypto_kernel.auth_type_list;
+ while (atype != NULL) {
+ if (id == atype->id)
+ return atype->auth_type;
+ atype = atype->next;
+ }
+
+ /* haven't found the right one, indicate failure by returning NULL */
+ return NULL;
+}
+
+err_status_t
+crypto_kernel_alloc_auth(auth_type_id_t id,
+ auth_pointer_t *ap,
+ int key_len,
+ int tag_len) {
+ auth_type_t *at;
+
+ /*
+ * if the crypto_kernel is not yet initialized, we refuse to allocate
+ * any auth functions - this is a bit extra-paranoid
+ */
+ if (crypto_kernel.state != crypto_kernel_state_secure)
+ return err_status_init_fail;
+
+ at = crypto_kernel_get_auth_type(id);
+ if (!at)
+ return err_status_fail;
+
+ return ((at)->alloc(ap, key_len, tag_len));
+}
+
+err_status_t
+crypto_kernel_load_debug_module(debug_module_t *new_dm) {
+ kernel_debug_module_t *kdm, *new;
+
+ /* defensive coding */
+ if (new_dm == NULL)
+ return err_status_bad_param;
+
+ /* walk down list, checking if this type is in the list already */
+ kdm = crypto_kernel.debug_module_list;
+ while (kdm != NULL) {
+ if (strncmp(new_dm->name, kdm->mod->name, 64) == 0)
+ return err_status_bad_param;
+ kdm = kdm->next;
+ }
+
+ /* put new_dm at the head of the list */
+ /* allocate memory */
+ new = (kernel_debug_module_t *)crypto_alloc(sizeof(kernel_debug_module_t));
+ if (new == NULL)
+ return err_status_alloc_fail;
+
+ /* set fields */
+ new->mod = new_dm;
+ new->next = crypto_kernel.debug_module_list;
+
+ /* set head of list to new cipher type */
+ crypto_kernel.debug_module_list = new;
+
+ return err_status_ok;
+}
+
+err_status_t
+crypto_kernel_set_debug_module(char *name, int on) {
+ kernel_debug_module_t *kdm;
+
+ /* walk down list, checking if this type is in the list already */
+ kdm = crypto_kernel.debug_module_list;
+ while (kdm != NULL) {
+ if (strncmp(name, kdm->mod->name, 64) == 0) {
+ kdm->mod->on = on;
+ return err_status_ok;
+ }
+ kdm = kdm->next;
+ }
+
+ return err_status_fail;
+}
+
+err_status_t
+crypto_get_random(unsigned char *buffer, unsigned int length) {
+ if (crypto_kernel.state == crypto_kernel_state_secure)
+ return ctr_prng_get_octet_string(buffer, length);
+ else
+ return err_status_fail;
+}
diff --git a/srtp/crypto/kernel/err.c b/srtp/crypto/kernel/err.c
new file mode 100644
index 0000000..4a3a858
--- /dev/null
+++ b/srtp/crypto/kernel/err.c
@@ -0,0 +1,148 @@
+/*
+ * err.c
+ *
+ * error status reporting functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "err.h"
+
+#ifdef ERR_REPORTING_SYSLOG
+# ifdef HAVE_SYSLOG_H
+# include <syslog.h>
+# endif
+#endif
+
+
+/* err_level reflects the level of errors that are reported */
+
+err_reporting_level_t err_level = err_level_none;
+
+#ifdef SRTP_KERNEL_LINUX
+err_status_t
+err_reporting_init(char *ident) {
+
+ return err_status_ok;
+}
+
+#else /* SRTP_KERNEL_LINUX */
+
+/* err_file is the FILE to which errors are reported */
+
+static FILE *err_file = NULL;
+
+err_status_t
+err_reporting_init(char *ident) {
+#ifdef ERR_REPORTING_SYSLOG
+ openlog(ident, LOG_PID, LOG_AUTHPRIV);
+#endif
+
+ /*
+ * Believe it or not, openlog doesn't return an error on failure.
+ * But then, neither does the syslog() call...
+ */
+
+#ifdef ERR_REPORTING_STDOUT
+ err_file = stdout;
+#elif defined(USE_ERR_REPORTING_FILE)
+ /* open file for error reporting */
+ err_file = fopen(ERR_REPORTING_FILE, "w");
+ if (err_file == NULL)
+ return err_status_init_fail;
+#endif
+
+ return err_status_ok;
+}
+
+void
+err_report(int priority, char *format, ...) {
+ va_list args;
+
+ if (priority <= err_level) {
+
+ va_start(args, format);
+ if (err_file != NULL) {
+ vfprintf(err_file, format, args);
+ /* fprintf(err_file, "\n"); */
+ }
+#ifdef ERR_REPORTING_SYSLOG
+ if (1) { /* FIXME: Make this a runtime option. */
+ int syslogpri;
+
+ switch (priority) {
+ case err_level_emergency:
+ syslogpri = LOG_EMERG;
+ break;
+ case err_level_alert:
+ syslogpri = LOG_ALERT;
+ break;
+ case err_level_critical:
+ syslogpri = LOG_CRIT;
+ break;
+ case err_level_error:
+ syslogpri = LOG_ERR;
+ break;
+ case err_level_warning:
+ syslogpri = LOG_WARNING;
+ break;
+ case err_level_notice:
+ syslogpri = LOG_NOTICE;
+ break;
+ case err_level_info:
+ syslogpri = LOG_INFO;
+ break;
+ case err_level_debug:
+ case err_level_none:
+ default:
+ syslogpri = LOG_DEBUG;
+ break;
+ }
+
+ vsyslog(syslogpri, format, args);
+#endif
+ va_end(args);
+ }
+}
+#endif /* SRTP_KERNEL_LINUX */
+
+void
+err_reporting_set_level(err_reporting_level_t lvl) {
+ err_level = lvl;
+}
diff --git a/srtp/crypto/kernel/key.c b/srtp/crypto/kernel/key.c
new file mode 100644
index 0000000..9f63b22
--- /dev/null
+++ b/srtp/crypto/kernel/key.c
@@ -0,0 +1,115 @@
+/*
+ * key.c
+ *
+ * key usage limits enforcement
+ *
+ * David A. Mcgrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "key.h"
+
+#define soft_limit 0x10000
+
+err_status_t
+key_limit_set(key_limit_t key, const xtd_seq_num_t s) {
+#ifdef NO_64BIT_MATH
+ if (high32(s) == 0 && low32(s) < soft_limit)
+ return err_status_bad_param;
+#else
+ if (s < soft_limit)
+ return err_status_bad_param;
+#endif
+ key->num_left = s;
+ key->state = key_state_normal;
+ return err_status_ok;
+}
+
+err_status_t
+key_limit_clone(key_limit_t original, key_limit_t *new_key) {
+ if (original == NULL)
+ return err_status_bad_param;
+ *new_key = original;
+ return err_status_ok;
+}
+
+err_status_t
+key_limit_check(const key_limit_t key) {
+ if (key->state == key_state_expired)
+ return err_status_key_expired;
+ return err_status_ok;
+}
+
+key_event_t
+key_limit_update(key_limit_t key) {
+#ifdef NO_64BIT_MATH
+ if (low32(key->num_left) == 0)
+ {
+ // carry
+ key->num_left = make64(high32(key->num_left)-1,low32(key->num_left) - 1);
+ }
+ else
+ {
+ // no carry
+ key->num_left = make64(high32(key->num_left),low32(key->num_left) - 1);
+ }
+ if (high32(key->num_left) != 0 || low32(key->num_left) >= soft_limit) {
+ return key_event_normal; /* we're above the soft limit */
+ }
+#else
+ key->num_left--;
+ if (key->num_left >= soft_limit) {
+ return key_event_normal; /* we're above the soft limit */
+ }
+#endif
+ if (key->state == key_state_normal) {
+ /* we just passed the soft limit, so change the state */
+ key->state = key_state_past_soft_limit;
+ }
+#ifdef NO_64BIT_MATH
+ if (low32(key->num_left) == 0 && high32(key->num_left == 0))
+#else
+ if (key->num_left < 1)
+#endif
+ { /* we just hit the hard limit */
+ key->state = key_state_expired;
+ return key_event_hard_limit;
+ }
+ return key_event_soft_limit;
+}
+