Gitiles
Code Review Sign In
review.jami.net / jami-client-android / c735aa22145a87e54935d8df021f74edcba94930 / . / jni / libzrtp / sources / zrtp / libzrtpcpp / zrtpPacket.h
blob: f01fb52b59a5e9446cb370776ce741645edb0488 [file] [log] [blame]
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]1/*
Alexandre Lision907ed2e2014-02-04 10:33:09 -0500[diff] [blame]2 Copyright (C) 2006-2013 Werner Dittmann
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]3
4 This program is free software: you can redistribute it and/or modify
Alexandre Lision907ed2e2014-02-04 10:33:09 -0500[diff] [blame]5 it under the terms of the GNU Lesser General Public License as published by
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]6 the Free Software Foundation, either version 3 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>.
16*/
17
18/*
19 * Authors: Werner Dittmann <Werner.Dittmann@t-online.de>
20 */
21
22#ifndef ZRTPPACKET_H
23#define ZRTPPACKET_H
24
25/**
26 *
27 * @file zrtpPacket.h
28 * @brief The data structures and definitions for ZRTP messages
29 *
30 * This include file defines the ZRTP message structures. Refer to
31 * chapter 5 of the ZRTP specification which defines the ZRTP messages and
32 * the transport format.
33 *
34 * @ingroup GNU_ZRTP
35 * @{
36 */
37
38#include <stdio.h>
39
40/**
41 * The following defines match the ZRTP specification, chapter 5
42 */
43#define ZRTP_MAGIC 0x5a525450
44
45#define ZRTP_WORD_SIZE 4
46#define CRC_SIZE 4
47
48#define TYPE_SIZE (2*ZRTP_WORD_SIZE)
49#define CLIENT_ID_SIZE (4*ZRTP_WORD_SIZE)
50#define HASH_IMAGE_SIZE (8*ZRTP_WORD_SIZE)
51#define ZID_SIZE (3*ZRTP_WORD_SIZE)
52#define HVI_SIZE (8*ZRTP_WORD_SIZE)
53#define HMAC_SIZE (2*ZRTP_WORD_SIZE)
54#define ID_SIZE (2*ZRTP_WORD_SIZE)
55#define IV_SIZE (4*ZRTP_WORD_SIZE)
56#define PING_HASH_SIZE (2*ZRTP_WORD_SIZE)
57
58
59/**
60 * The ZRTP message header
61 *
62 * A complete ZRTP message always consists of the ZRTP header
63 * and a message specific part. This specific part may have a variable
64 * length. The length field includes the header.
65 */
66typedef struct zrtpPacketHeader {
67 uint16_t zrtpId; ///< Id to identify the message, always 0x505a
68 uint16_t length; ///< Length of the ZRTP message in words
69 uint8_t messageType[TYPE_SIZE]; ///< 2 word (8 octest) message type in ASCII
70} zrtpPacketHeader_t;
71
72/**
73 * Hello message, fixed part.
74 *
75 * The complete Hello message consists of ZRTP message header, Hello fixed
76 * part and a variable part. The Hello class initializes the variable part.
77 */
78typedef struct Hello {
79 uint8_t version[ZRTP_WORD_SIZE]; ///< Announces the ZRTP protocol version
80 uint8_t clientId[CLIENT_ID_SIZE]; ///< A 4 word ASCII identifier of the ZRTP client
81 uint8_t hashH3[HASH_IMAGE_SIZE]; ///< The last hash of the hash chain (chap. 9)
82 uint8_t zid[ZID_SIZE]; ///< ZID - 3 word identifier for the ZRTP endpoint
83 uint8_t flags; ///< flag bits (chap 7.2)
84 uint8_t lengths[3]; ///< number of algorithms present
85} Hello_t;
86
87/**
88 * The complete ZRTP Hello message.
89 */
90typedef struct HelloPacket {
91 zrtpPacketHeader_t hdr; ///< ZRTP Header
92 Hello_t hello; ///< Fixed part of Hello message
93} HelloPacket_t;
94
95/**
96 * HelloAck message.
97 *
98 * The complete HelloAck message consists of ZRTP message header and
99 * the CRC which is the only HelloAck specific data.
100 */
101typedef struct HelloAckPacket {
102 zrtpPacketHeader_t hdr; ///< ZRTP Header
103 uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
104} HelloAckPacket_t;
105
106/**
107 * Commit message
108 *
109 * There are three subtypes of Commit messages, each of which
110 * has a fixed size. The data structure defines the maximum
111 * Commit message. During the ZRTP protocol the implementation
112 * uses fileds according to the use case (DH handshake,
113 * Multi-stream handshake) and adjusts the length.
114 */
115typedef struct Commit {
116 uint8_t hashH2[HASH_IMAGE_SIZE]; ///< The second hash of the hash chain (chap. 9)
117 uint8_t zid[ZID_SIZE]; ///< ZID - 3 word identifier for the ZRTP endpoint
118 uint8_t hash[ZRTP_WORD_SIZE]; ///< Commited hash algorithm
119 uint8_t cipher[ZRTP_WORD_SIZE]; ///< Commited symmetrical cipher algorithm
120 uint8_t authlengths[ZRTP_WORD_SIZE]; ///< Commited SRTP authentication algorithm
121 uint8_t pubkey[ZRTP_WORD_SIZE]; ///< Commited key agreement algorithm
122 uint8_t sas[ZRTP_WORD_SIZE]; ///< Commited SAS algorithm
123 uint8_t hvi[HVI_SIZE]; ///< Hash value Initiator - chap 4.4.1.1
124 uint8_t hmac[HMAC_SIZE]; ///< MAC of the Commit message
125} Commit_t;
126
127/**
128 * The complete ZRTP Commit message.
129 */
130typedef struct CommitPacket {
131 zrtpPacketHeader_t hdr; ///< ZRTP Header
132 Commit_t commit; ///< Commit message
133 uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
134} CommitPacket_t;
135
136/**
137 * DHPart1 and DHPart2 messages
138 *
139 * The DHPart messages have a variable length. The following struct
140 * defines the fixed part only. The DHPart class initializes the
141 * variable part.
142 */
143typedef struct DHPart {
144 uint8_t hashH1[HASH_IMAGE_SIZE]; ///< The first hash of the hash chain (chap. 9)
145 uint8_t rs1Id[ID_SIZE]; ///< Id of first retained secret
146 uint8_t rs2Id[ID_SIZE]; ///< Id of second retained secret
147 uint8_t auxSecretId[ID_SIZE]; ///< Id of additional (auxilliary) secret
148 uint8_t pbxSecretId[ID_SIZE]; ///< Id of PBX secret (chap 7.3.1)
149} DHPart_t;
150
151/**
152 * The complete ZRTP DHPart message.
153 */
154typedef struct DHPartPacket {
155 zrtpPacketHeader_t hdr; ///< ZRTP Header
156 DHPart_t dhPart; ///< DHPart message fixed part
157} DHPartPacket_t;
158
159/**
160 * Confirm1 and Confirm2 messages
161 *
162 * The Confirm message have a variable length. The following struct
163 * defines the fixed part only. The Confirm class initializes the
164 * variable part.
165 *
166 * ZRTP encrypts a part of the Confirm messages, starting at @c hashH0
167 * and includes the variable part.
168 */
169typedef struct Confirm {
170 uint8_t hmac[HMAC_SIZE]; ///< MAC over the encrypted part of Commit message
171 uint8_t iv[IV_SIZE]; ///< IV for CFB mode to encrypt part of Commit
172 uint8_t hashH0[HASH_IMAGE_SIZE]; ///< starting hash of hash chain (chap. 9)
173 uint8_t filler[2]; ///< Filler bytes
174 uint8_t sigLength; ///< Length of an optional signature length (chap 7.2)
175 uint8_t flags; ///< various flags to control behaviour
176 uint32_t expTime; ///< Expiration time of retained secrets (chap 4.9)
177} Confirm_t;
178
179/**
180 * The complete ZRTP Confirm message.
181 */
182typedef struct ConfirmPacket {
183 zrtpPacketHeader_t hdr; ///< ZRTP Header
184 Confirm_t confirm; ///< Confirm message fixed part
185} ConfirmPacket_t;
186
187/**
188 * Conf2Ack message.
189 *
190 * The complete Conf2Ack message consists of ZRTP message header and
191 * the CRC which is the only Conf2Ack specific data.
192 */
193typedef struct Conf2AckPacket {
194 zrtpPacketHeader_t hdr; ///< ZRTP Header
195 uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
196} Conf2AckPacket_t;
197
198/**
199 * The GoClear message is currently not used in
200 * GNU ZRTP C++ - not support for GoClear.
201 */
202typedef struct GoClear {
203 uint8_t clearHmac[HMAC_SIZE]; ///< no used
204} GoClear_t;
205
206/**
207 * The complete ZRTP GoClear message - no used.
208 */
209typedef struct GoClearPacket {
210 zrtpPacketHeader_t hdr; ///< ZRTP Header
211 GoClear_t goClear; ///< not used
212 uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
213} GoClearPacket_t;
214
215/**
216 * The ClearAck message is currently not used in
217 * GNU ZRTP C++ - not support for GoClear.
218 */
219typedef struct ClearAckPacket {
220 zrtpPacketHeader_t hdr; ///< ZRTP Header
221 uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
222} ClearAckPacket_t;
223
224/**
225 * The Error message
226 */
227typedef struct Error {
228 uint32_t errorCode; ///< Error code, see chap 5.9
229} Error_t;
230
231/**
232 * The complete ZRTP Error message.
233 */
234typedef struct ErrorPacket {
235 zrtpPacketHeader_t hdr; ///< ZRTP Header
236 Error_t error; ///< Error message part
237 uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
238} ErrorPacket_t;
239
240/**
241 * ErrorAck message.
242 *
243 * The complete ErrorAck message consists of ZRTP message header and
244 * the CRC which is the only ErrorAck specific data.
245 */
246typedef struct ErrorAckPacket {
247 zrtpPacketHeader_t hdr; ///< ZRTP Header
248 uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
249} ErrorAckPacket_t;
250
251/**
252 * Ping message.
253 *
254 * The Ping message has a fixed size.
255 */
256typedef struct Ping {
257 uint8_t version[ZRTP_WORD_SIZE]; ///< The ZRTP protocol version
258 uint8_t epHash[PING_HASH_SIZE]; ///< End point hash, see chap 5.16
259} Ping_t;
260
261/**
262 * The complete ZRTP Ping message.
263 */
264typedef struct PingPacket {
265 zrtpPacketHeader_t hdr; ///< ZRTP Header
266 Ping_t ping; ///< Ping message part
267 uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
268} PingPacket_t;
269
270/**
271 * PingAck message.
272 *
273 * The PingAck message has a fixed size.
274 */
275typedef struct PingAck {
276 uint8_t version[ZRTP_WORD_SIZE]; ///< The ZRTP protocol version
277 uint8_t localEpHash[PING_HASH_SIZE]; ///< Local end point hash, see chap 5.16
278 uint8_t remoteEpHash[PING_HASH_SIZE]; ///< Remote end point hash, see chap 5.16
279 uint32_t ssrc; ///< SSRC copied from the Ping message (RTP packet part)
280} PingAck_t;
281
282/**
283 * The complete ZRTP PingAck message.
284 */
285typedef struct PingAckPacket {
286 zrtpPacketHeader_t hdr; ///< ZRTP Header
287 PingAck_t pingAck; ///< PingAck message part
288 uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
289} PingAckPacket_t;
290
291/**
292 * SASrelay message
293 *
294 * The SASrelay message has a variable length. The following struct
295 * defines the fixed part only. The SASrelay class initializes the
296 * variable part.
297 *
298 * ZRTP encrypts a part of the SASrelay message, starting at @c hashH0
299 * and includes the variable part.
300 */
301typedef struct SASrelay {
302 uint8_t hmac[HMAC_SIZE]; ///< MAC over the encrypted part of Commit message
303 uint8_t iv[IV_SIZE]; ///< IV for CFB mode to encrypt part of Commit
304 uint8_t filler[2]; ///< Filler bytes
305 uint8_t sigLength; ///< Length of an optional signature length (chap 7.2)
306 uint8_t flags; ///< various flags to control behaviour
307 uint8_t sas[ZRTP_WORD_SIZE]; ///< SAS algorithm to use
308 uint8_t trustedSasHash[HASH_IMAGE_SIZE]; ///< New trusted SAS hash for enrolled client
309} SASrelay_t;
310
311/**
312 * The complete ZRTP SASrelay message.
313 */
314typedef struct SASrelayPacket {
315 zrtpPacketHeader_t hdr; ///< ZRTP Header
316 SASrelay_t sasrelay; ///< SASrelay message fixed part
317} SASrelayPacket_t;
318
319/**
320 * RelayAck message.
321 *
322 * The complete RelayAck message consists of ZRTP message header and
323 * the CRC which is the only RelayAck specific data.
324 */
325typedef struct RelayAckPacket {
326 zrtpPacketHeader_t hdr; ///< ZRTP Header
327 uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
328} RelayAckPacket_t;
329
330#endif // ZRTPPACKET_H
331
332/**
333 * @}
334 */
335
336/** EMACS **
337 * Local variables:
338 * mode: c++
339 * c-default-style: ellemtel
340 * c-basic-offset: 4
341 * End:
342 */