jni/libzrtp/sources/zrtp/libzrtpcpp/ZrtpSdesStream.h

class CryptoContext;
class CryptoContextCtrl;

/**
 * Maximum length of a raw crypto string.
 */
#define MAX_CRYPT_STRING_LEN 200

class ZrtpSdesStream {

public:

    /**
     * Supported SDES crypto suites.
     */
    typedef enum {
        AES_CM_128_HMAC_SHA1_32 = 1,
        AES_CM_128_HMAC_SHA1_80
    } sdesSuites;

    /**
     * SDES stream stated
     */
    typedef enum {
        STREAM_INITALIZED = 1,
        OUT_PROFILE_READY,
        IN_PROFILE_READY,
        SDES_SRTP_ACTIVE
    } sdesZrtpStates;

    /**
     * @brief Create and SDES/ZRTP stream.
     *
     * This method creates an SDES stream with capabilities to handle RTP,
     * RTCP, SRTP, and SRTCP packets.
     *
     * It is not necessary to explicitly start the SDES stream. The method initiates
     * the SRTP after it created and parsed all necessary SDES crypto strings.
     *
     * @param suite defines which crypto suite to use for this stream. The values are
     *              @c AES_CM_128_HMAC_SHA1_80 or @c AES_CM_128_HMAC_SHA1_32.
     */
    ZrtpSdesStream(const sdesSuites suite =AES_CM_128_HMAC_SHA1_32);

    ~ZrtpSdesStream();

    /**
     * @brief Close an SDES/ZRTP stream.
     *
     * Close the stream and return allocated memory to the pool.
     */
    void close();

    /**
     * @brief Creates an SDES crypto string for the SDES/ZRTP stream.
     *
     * Creates the crypto string that the application can use in the SDP fields of
     * SIP INVITE or SIP 200 OK.
     *
     * An INVITE-ing application shall call this function at the same point when
     * it calls the functions to get the @c zrtp-hash string and shall insert the
     * created crypto string into the SDP.
     *
     * An answering application shall call this function directly @b after it called
     * @c sdesZrtpStreamParseSdes. This usually at the same point when it gets the
     * @c zrtp-hash from the SDP parameters and forwards it to @c libzrtp. The
     * answering application's SRTP environment is now ready.
     *
     * @param cryptoString points to a char output buffer that receives the
     *                     crypto  string in the raw format, without the any
     *                     signaling prefix, for example @c a=crypto: in case
     *                     of SDP signaling. The function terminates the
     *                     crypto string with a @c nul byte
     *
     * @param maxLen length of the crypto string buffer. On return it contains the
     *               actual length of the crypto string.
     *
     * @param sipInvite if this is set to @c true (not zero) then the method
     *                  takes the necessary actions to create the crypto eonvironment
     *                  for the inviting SIP application. It it is zero then it handles
     *                  the invited case (answerer).
     *
     * @return @c true if data could be created, @c false otherwise.
     */
    bool createSdes(char *cryptoString, size_t *maxLen, bool sipInvite);

    /**
     * @brief Parses an SDES crypto string for the SDES/ZRTP stream.
     *
     * Parses a received crypto string that the application received in a SIP INVITE
     * or SIP 200 OK.
     *
     * An INVITE-ing application shall call this function right after it received
     * the 200 OK from the answering application and must call this function with the
     * @c sipInvite parameter set to @c true. This usually at the same point when
     * it gets the  @c zrtp-hash from the SDP parameters.
     * This application's SRTP environment is now ready.
     *
     * The answering application calls this function after it received the INVITE and
     * extracted the crypto string from the SDP and must call this function with the
     * @c sipInvite parameter set to @c false. This is usually the same point when
     * it gets the @c zrtp-hash from the SDP parameters.
     *
     * @param cryptoString points to the crypto sting in raw format,
     *                     without any signaling prefix, for example @c
     *                     a=crypto: in case of SDP signaling.
     *
     * @param length length of the crypto string to parse. If the length is
     *               @c zero then the function uses @c strlen to compute
     *               the length.
     *
     * @param sipInvite if this is set to @c true then the method
     *                  takes the necessary actions to create the crypto eonvironment
     *                  for the inviting SIP application. It it is zero then it handles
     *                  the invited case (answerer).
     *
     * @return @c true if data could be created, @c false otherwise.
     */
    bool parseSdes(char *cryptoString, size_t length, bool sipInvite);

    /*
     * ******** Outgoing RTP/RTCP packet handling
     */
    /**
     * @brief Process an outgoing RTP packet
     *
     * This function processes an outgoing RTP packet. Depending on the state
     * the packet is either:
     *  - not encrypted if neither SDES nor ZRTP are active or supported by the
     *    other client. This is the standard case if the stream was just initialized.
     *  - encrypted with SDES provided key data. This is the case if the application
     *    called both @c sdesZrtpStreamCreateSdes and @c sdesZrtpStreamParseSdes
     *    functions to properly setup the SDES key data.
     *
     * @param packet the buffer that contains the RTP packet. After processing, the
     *               encrypted packet is stored in the same buffer. The buffer must
     *               big enough to hold the additional SRTP data, depending on the
     *               SRTP profile these are usually 4 - 20 bytes.
     *
     * @param length length of the RTP packet
     *
     * @param newLength to an integer that get the new length of the packet including SRTP data.
     *
     * @return
     *  - @c true if encryption is successful, app shall send packet to the recipient.
     *  - @c false if there was an error during encryption, don't send the packet.
     */
    bool outgoingRtp(uint8_t *packet, size_t length, size_t *newLength);

    /**
     * @brief Process an outgoing RTCP packet
     *
     * This function works in the same way as @c sdesZrtpProcessRtp.
     *
     * @param packet the buffer that contains the RTCP packet. After processing, the
     *               encrypted packet is stored in the same buffer. The buffer must
     *               big enough to hold the additional SRTP data, depending on the
     *               SRTP profile these are usually 8 - 20 bytes.
     *
     * @param length length of the RTP packet
     *
     * @param newLength to an integer that get the new length of the packet including SRTP data.
     *
     * @return
     *  - @c true if encryption is successful, app shall send packet to the recipient.
     *  - @c false if there was an error during encryption, don't send the packet.
     */
    bool outgoingRtcp(uint8_t *packet, size_t length, size_t *newLength);

    /*
     * ******** Incoming SRTP/SRTCP packet handling
     */
    /**
     * @brief Process an incoming RTP or SRTP packet
     *
     * This function processes an incoming RTP/SRTP packet. Depending on the state
     * the packet is either:
     *  - not decrypted if SDES is not active or supported by the
     *    other client. This is the standard case if the stream was just initialized.
     *  - decrypted with SDES provided key data. This is the case if the application
     *    called both @c sdesZrtpStreamCreateSdes and @c sdesZrtpStreamParseSdes
     *    functions to properly setup the SDES key data.
     *
     * @param packet the buffer that contains the RTP/SRTP packet. After processing,
     *               the decrypted packet is stored in the same buffer.
     *
     * @param length length of the RTCP packet
     *
     * @param newLength to an integer that get the new length of the packet excluding SRTCP data.
     *
     * @return
     *       - 1: success,
     *       - -1: SRTP authentication failed,
     *       - -2: SRTP replay check failed
     */
    int incomingRtp(uint8_t *packet, size_t length, size_t *newLength);

    /**
     * @brief Process an incoming RTCP or SRTCP packet
     *
     * This function works in the same way as @c sdesZrtpProcessSrtp.
     *
     * @param packet the buffer that contains the RTCP/SRTCP packet. After processing,
     *               the decrypted packet is stored in the same buffer.
     *
     * @param length length of the RTCP packet
     *
     * @param newLength to an integer that get the new length of the packet excluding SRTCP data.
     *
     * @return
     *       - 1: success,
     *       - -1: SRTCP authentication failed,
     *       - -2: SRTCP replay check failed
     */
    int incomingSrtcp(uint8_t *packet, size_t length, size_t *newLength);

    /**
     * Return state of SDES stream.
     *
     * @return state of stream.
     */
    sdesZrtpStates getState() {return state;}

    /**
     * Return name of active cipher algorithm.
     *
     * @return point to name of cipher algorithm.
     */
    const char* getCipher();

    /**
     * Return name of active SRTP authentication algorithm.
     *
     * @return point to name of authentication algorithm.
     */
    const char* getAuthAlgo();


    /*
     * ******** Lower layer functions
     */
private:
    /**
     * @brief Create an SRTP crypto context and the according SDES crypto string.
     *
     * This lower layer method creates an SRTP profile an the according SDES
     * crypto string. It selects a valid crypto suite, generates the key and salt
     * data, converts these into base 64 and returns the crypto string in raw format
     * without any signaling prefixes. The method also creates the internal
     * SRTP/SRTCP crypto contexts for outgoing data.
     *
     * The output string has the following format:
     * @verbatim
     * 1 AES_CM_128_HMAC_SHA1_32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj
     * @endverbatim
     *
     * Applications usually don't use this method directly. Applications shall
     * use the SDES stream functions.
     *
     * Depending on the crypto suite the overall length of the crypto string
     * is variable. For a normal AES_128_CM suite the minumum lenth is 73
     * characters, a AES_256_CM suite results in 97 characters (not counting
     * any signaling prefixes).
     *
     * @param cryptoString points to a char output buffer that receives the
     *                     crypto  string in the raw format, without the any
     *                     signaling prefix, for example @c a=crypto: in case
     *                     of SDP signaling. The function terminates the
     *                     crypto string with a @c nul byte
     *
     * @param maxLen points to an integer. On input this integer specifies the
     *               length of the output buffer. If @c maxLen is smaller than
     *               the resulting crypto string the function returns an error
     *               conde. On return the functions sets @c maxLen to the
     *               actual length of the resultig crypto string.
     *
     * @param tag the value of the @c tag field in the crypto string. The
     *            answerer must use this input to make sure that the tag value
     *            in the answer matches the value in the offer. See RFC 4568,
     *            section 5.1.2.
     *            If the tag value is @c -1 the function sets the tag to @c 1.
     *
     * @return @c true if data could be created, @c false
     *          otherwise.
     */
    bool createSdesProfile(char *cryptoString, size_t *maxLen);

    /**
     * @brief Parse and check an offered SDES crypto string and create SRTP crypto context.
     *
     * The method parses an offered SDES crypto string and checks if it is
     * valid. Next it checks if the string contains a supported crypto suite
     * and if the key and salt lengths match the selected crypto suite. The method
     * also creates the internal SRTP/SRTCP crypto contexts for incoming data.
     *
     * Applications usually don't use this method directly. Applications shall
     * use the SDES stream functions.
     *
     * @b NOTE: This function does not support the optional parameters lifetime,
     * MKI, and session parameters. While it can parse liftime and MKI theiy are
     * not evaluated and used. If these parameters are used in the input crypto
     * string the function return @c false.
     *
     * @param cryptoString points to the crypto sting in raw format,
     *        without any signaling prefix, for example @c a=crypto: in case of
     *        SDP signaling.
     *
     * @param length length of the crypto string to parse. If the length is
     *        @c zero then the function uses @c strlen to compute the length.
     *
     * @param parsedSuite the function sets this to the @c sdesSuites enumerator of
     *        the parsed crypto suite. The answerer shall use this as input to
     *        @c createSdesProfile to make sure that it creates the same crypto suite.
     *        See RFC 4568, section 5.1.2
     *
     * @param tag the function sets this to the @c tag value of the parsed crypto
     *        string. The answerer must use this as input to @c createSdesProfile
     *        to make sure that it creates the correct tag in the crypto string.
     *        See RFC 4568, section 5.1.2
     *
     * @return @c true if checks were ok, @c false
     *          otherwise.
     */
    bool parseCreateSdesProfile(const char *cryptoString, size_t length, sdesSuites *parsedSuite, int32_t *tag);

    sdesZrtpStates state;
    sdesSuites     suite;
    int32_t        tag;
    CryptoContext     *recvSrtp;           //!< The SRTP context for this stream
    CryptoContextCtrl *recvSrtcp;          //!< The SRTCP context for this stream
    CryptoContext     *sendSrtp;           //!< The SRTP context for this stream
    CryptoContextCtrl *sendSrtcp;          //!< The SRTCP context for this stream
    uint32_t srtcpIndex;                   //!< the local SRTCP index

};