Gitiles
Code Review Sign In
review.jami.net / jami-client-android / ddd731eaa67e55a90b61172d00d9fb5cce1c54af / . / jni / libzrtp / sources / zrtp / libzrtpcpp / ZrtpCWrapper.h
blob: 19aebb05b9b3c96f8c25a15f45a3da01ef09ad18 [file] [log] [blame]
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]1/*
2 This file defines the GNU ZRTP C-to-C++ wrapper.
Alexandre Lisionddd731e2014-01-31 11:50:08 -0500[diff] [blame^]3 Copyright (C) 2010 Werner Dittmann
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]4
5 This program is free software: you can redistribute it and/or modify
Alexandre Lisionddd731e2014-01-31 11:50:08 -0500[diff] [blame^]6 it under the terms of the GNU General Public License as published by
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]7 the Free Software Foundation, either version 3 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18*/
19
20#ifndef ZRTPCWRAPPER_H
21#define ZRTPCWRAPPER_H
22
23/**
24 *
25 * @file ZrtpCWrapper.h
26 * @brief The GNU ZRTP C-to-C++ wrapper.
27 *
28 * To avoid any include of C++ header files some structure, defines, and
29 * enumerations are repeated in this file. Refer to the inline comments if
30 * you modify the file.
31 *
32 * @ingroup GNU_ZRTP
33 * @{
34 *
35 * @see ZRtp
36 */
37
38#include <stdint.h>
39
40/**
41 * Defines to specify the role a ZRTP peer has.
42 *
43 * According to the ZRTP specification the role determines which keys to
44 * use to encrypt or decrypt SRTP data.
45 *
46 * <ul>
47 * <li> The Initiator encrypts SRTP data using the <em>keyInitiator</em> and the
48 * <em>saltInitiator</em> data, the Responder uses these data to decrypt.
49 * </li>
50 * <li> The Responder encrypts SRTP data using the <em>keyResponder</em> and the
51 * <em>saltResponder</em> data, the Initiator uses these data to decrypt.
52 * </li>
53 * </ul>
54 */
55/*
56 * Keep the following defines in sync with Role enumeration in ZrtpCallback.h
57 */
58#define Responder 1 /*!< This client is in ZRTP Responder mode */
59#define Initiator 2 /*!< This client is in ZRTP Initiator mode */
60
61#define CRC_SIZE 4 /*!< Size of CRC code of a ZRTP packet */
62#define ZRTP_MAGIC 0x5a525450 /*!< The magic code that identifies a ZRTP packet */
63#define MAX_ZRTP_SIZE 3072 /*!< The biggest ZRTP packet ever possible */
64
65/*
66 * IMPORTANT: keep the following enums in synch with ZrtpCodes. We copy them here
67 * to avoid any C++ header includes and defines. The protocol states are located
68 * ZrtpStateClass.h .
69 */
70/**
71 * This enum defines the information message severity.
72 *
73 * The ZRTP implementation issues information messages to inform the user
74 * about ongoing processing, unusual behavior, or alerts in case of severe
75 * problems. Each main severity code a number of sub-codes exist that
76 * specify the exact nature of the problem.
77 *
78 * An application gets message severity codes and the associated sub-codes
79 * via the ZrtpUserCallback#showMessage method.
80 *
81 * The severity levels and their meaning are:
82 *
83 * <dl>
84 * <dt>Info</dt> <dd>keeps the user informed about ongoing processing and
85 * security setup. The enumeration InfoCodes defines the subcodes.
86 * </dd>
87 * <dt>Warning</dt> <dd>is an information about some security issues, e.g. if
88 * an AES 256 encryption is request but only DH 3072 as public key scheme
89 * is supported. ZRTP will establish a secure session (SRTP). The
90 * enumeration WarningCodes defines the sub-codes.
91 * </dd>
92 * <dt>Severe</dt> <dd>is used if an error occured during ZRTP protocol usage.
93 * In case of <em>Severe</em> ZRTP will <b>not</b> establish a secure session.
94 * The enumeration SevereCodes defines the sub-codes.
95 * </dd>
96 * <dt>Zrtp</dt> <dd>shows a ZRTP security problem. Refer to the enumeration
97 * ZrtpErrorCodes for sub-codes. GNU ZRTP of course will <b>not</b>
98 * establish a secure session.
99 * </dd>
100 * </dl>
101 *
102 */
103enum zrtp_MessageSeverity {
104 zrtp_Info = 1, /*!< Just an info message */
105 zrtp_Warning, /*!< A Warning message - security can be established */
106 zrtp_Severe, /*!< Severe error, security will not be established */
107 zrtp_ZrtpError /*!< ZRTP error, security will not be established */
108};
109
110/**
111 * Sub-codes for Info
112 */
113enum zrtp_InfoCodes {
114 zrtp_InfoHelloReceived = 1, /*!< Hello received, preparing a Commit */
115 zrtp_InfoCommitDHGenerated, /*!< Commit: Generated a public DH key */
116 zrtp_InfoRespCommitReceived, /*!< Responder: Commit received, preparing DHPart1 */
117 zrtp_InfoDH1DHGenerated, /*!< DH1Part: Generated a public DH key */
118 zrtp_InfoInitDH1Received, /*!< Initiator: DHPart1 received, preparing DHPart2 */
119 zrtp_InfoRespDH2Received, /*!< Responder: DHPart2 received, preparing Confirm1 */
120 zrtp_InfoInitConf1Received, /*!< Initiator: Confirm1 received, preparing Confirm2 */
121 zrtp_InfoRespConf2Received, /*!< Responder: Confirm2 received, preparing Conf2Ack */
122 zrtp_InfoRSMatchFound, /*!< At least one retained secrets matches - security OK */
123 zrtp_InfoSecureStateOn, /*!< Entered secure state */
124 zrtp_InfoSecureStateOff /*!< No more security for this session */
125};
126
127/**
128 * Sub-codes for Warning
129 */
130enum zrtp_WarningCodes {
131 zrtp_WarningDHAESmismatch = 1, /*!< Commit contains an AES256 cipher but does not offer a Diffie-Helman 4096 */
132 zrtp_WarningGoClearReceived, /*!< Received a GoClear message */
133 zrtp_WarningDHShort, /*!< Hello offers an AES256 cipher but does not offer a Diffie-Helman 4096 */
134 zrtp_WarningNoRSMatch, /*!< No retained shared secrets available - must verify SAS */
135 zrtp_WarningCRCmismatch, /*!< Internal ZRTP packet checksum mismatch - packet dropped */
136 zrtp_WarningSRTPauthError, /*!< Dropping packet because SRTP authentication failed! */
137 zrtp_WarningSRTPreplayError, /*!< Dropping packet because SRTP replay check failed! */
138 zrtp_WarningNoExpectedRSMatch /*!< Valid retained shared secrets availabe but no matches found - must verify SAS */
139};
140
141/**
142 * Sub-codes for Severe
143 */
144enum zrtp_SevereCodes {
145 zrtp_SevereHelloHMACFailed = 1, /*!< Hash HMAC check of Hello failed! */
146 zrtp_SevereCommitHMACFailed, /*!< Hash HMAC check of Commit failed! */
147 zrtp_SevereDH1HMACFailed, /*!< Hash HMAC check of DHPart1 failed! */
148 zrtp_SevereDH2HMACFailed, /*!< Hash HMAC check of DHPart2 failed! */
149 zrtp_SevereCannotSend, /*!< Cannot send data - connection or peer down? */
150 zrtp_SevereProtocolError, /*!< Internal protocol error occured! */
151 zrtp_SevereNoTimer, /*!< Cannot start a timer - internal resources exhausted? */
152 zrtp_SevereTooMuchRetries /*!< Too much retries during ZRTP negotiation - connection or peer down? */
153};
154
155/**
156 * Error codes according to the ZRTP specification chapter 6.9
157 *
158 * GNU ZRTP uses these error codes in two ways: to fill the appropriate
159 * field ing the ZRTP Error packet and as sub-code in
160 * ZrtpUserCallback#showMessage(). GNU ZRTP uses thes error codes also
161 * to report received Error packts, in this case the sub-codes are their
162 * negative values.
163 *
164 * The enumeration member comments are copied from the ZRTP specification.
165 */
166enum zrtp_ZrtpErrorCodes {
167 zrtp_MalformedPacket = 0x10, /*!< Malformed packet (CRC OK, but wrong structure) */
168 zrtp_CriticalSWError = 0x20, /*!< Critical software error */
169 zrtp_UnsuppZRTPVersion = 0x30, /*!< Unsupported ZRTP version */
170 zrtp_HelloCompMismatch = 0x40, /*!< Hello components mismatch */
171 zrtp_UnsuppHashType = 0x51, /*!< Hash type not supported */
172 zrtp_UnsuppCiphertype = 0x52, /*!< Cipher type not supported */
173 zrtp_UnsuppPKExchange = 0x53, /*!< Public key exchange not supported */
174 zrtp_UnsuppSRTPAuthTag = 0x54, /*!< SRTP auth. tag not supported */
175 zrtp_UnsuppSASScheme = 0x55, /*!< SAS scheme not supported */
176 zrtp_NoSharedSecret = 0x56, /*!< No shared secret available, DH mode required */
177 zrtp_DHErrorWrongPV = 0x61, /*!< DH Error: bad pvi or pvr ( == 1, 0, or p-1) */
178 zrtp_DHErrorWrongHVI = 0x62, /*!< DH Error: hvi != hashed data */
179 zrtp_SASuntrustedMiTM = 0x63, /*!< Received relayed SAS from untrusted MiTM */
180 zrtp_ConfirmHMACWrong = 0x70, /*!< Auth. Error: Bad Confirm pkt HMAC */
181 zrtp_NonceReused = 0x80, /*!< Nonce reuse */
182 zrtp_EqualZIDHello = 0x90, /*!< Equal ZIDs in Hello */
183 zrtp_GoCleatNotAllowed = 0x100, /*!< GoClear packet received, but not allowed */
184 zrtp_IgnorePacket = 0x7fffffff /*!< Internal state, not reported */
185};
186
187/**
188 * Information codes for the Enrollment user callbacks.
189 */
190enum zrtp_InfoEnrollment {
191 zrtp_EnrollmentRequest, //!< Aks user to confirm or deny an Enrollemnt request
192 zrtp_EnrollmentCanceled, //!< User did not confirm the PBX enrollement
193 zrtp_EnrollmentFailed, //!< Enrollment process failed, no PBX secret available
194 zrtp_EnrollmentOk //!< Enrollment process for this PBX was ok
195};
196
197/* The ZRTP protocol states */
198enum zrtpStates {
199 Initial, /*!< Initial state after starting the state engine */
200 Detect, /*!< State sending Hello, try to detect answer message */
201 AckDetected, /*!< HelloAck received */
202 AckSent, /*!< HelloAck sent after Hello received */
203 WaitCommit, /*!< Wait for a Commit message */
204 CommitSent, /*!< Commit message sent */
205 WaitDHPart2, /*!< Wait for a DHPart2 message */
206 WaitConfirm1, /*!< Wait for a Confirm1 message */
207 WaitConfirm2, /*!< Wait for a confirm2 message */
208 WaitConfAck, /*!< Wait for Conf2Ack */
209 WaitClearAck, /*!< Wait for clearAck - not used */
210 SecureState, /*!< This is the secure state - SRTP active */
211 WaitErrorAck, /*!< Wait for ErrorAck message */
212 numberOfStates /*!< Gives total number of protocol states */
213};
214
215/*! The algorihms that we support in SRTP and that ZRTP can negotiate. */
216typedef enum {
217 zrtp_Aes = 1, /*!< Use AES as symmetrical cipher algorithm */
218 zrtp_TwoFish, /*!< Use TwoFish as symmetrical cipher algorithm */
219 zrtp_Sha1, /*!< Use Sha1 as authentication algorithm */
220 zrtp_Skein /*!< Use Skein as authentication algorithm */
221} zrtp_SrtpAlgorithms;
222
223/**
224 * This structure contains pointers to the SRTP secrets and the role info.
225 *
226 * About the role and what the meaning of the role is refer to the
227 * of the enum Role. The pointers to the secrets are valid as long as
228 * the ZRtp object is active. To use these data after the ZRtp object's
229 * lifetime you may copy the data into a save place.
230 */
231typedef struct c_srtpSecrets
232{
233 zrtp_SrtpAlgorithms symEncAlgorithm;/*!< symmetrical cipher algorithm */
234 const uint8_t* keyInitiator; /*!< Initiator's key */
235 int32_t initKeyLen; /*!< Initiator's key length */
236 const uint8_t* saltInitiator; /*!< Initiator's salt */
237 int32_t initSaltLen; /*!< Initiator's salt length */
238 const uint8_t* keyResponder; /*!< Responder's key */
239 int32_t respKeyLen; /*!< Responder's key length */
240 const uint8_t* saltResponder; /*!< Responder's salt */
241 int32_t respSaltLen; /*!< Responder's salt length */
242 zrtp_SrtpAlgorithms authAlgorithm; /*!< SRTP authentication algorithm */
243 int32_t srtpAuthTagLen; /*!< SRTP authentication length */
244 char* sas; /*!< The SAS string */
245 int32_t role; /*!< ZRTP role of this client */
246} C_SrtpSecret_t;
247
248/*
249 * Keep the following defines in sync with enum EnableSecurity in ZrtpCallback.h
250 */
251#define ForReceiver 1 /*!< Enable security for SRTP receiver */
252#define ForSender 2 /*!< Enable security for SRTP sender */
253
254#ifdef __cplusplus
255#pragma GCC visibility push(default)
256extern "C"
257{
258#endif
259
260 typedef struct ZRtp ZRtp;
261 typedef struct ZrtpCallbackWrapper ZrtpCallbackWrapper;
262 typedef struct ZrtpConfigure ZrtpConfigure;
263
264
265 typedef struct zrtpContext
266 {
267 ZRtp* zrtpEngine; /*!< Holds the real ZRTP engine */
268 ZrtpCallbackWrapper* zrtpCallback; /*!< Help class Callback wrapper */
269 ZrtpConfigure* configure; /*!< Optional configuration data */
270 void* userData; /*!< User data, set by application */
271 } ZrtpContext;
272
273 /**
274 * This structure defines the callback functions required by GNU ZRTP.
275 *
276 * The RTP stack specific part must implement the callback methods.
277 * The generic part of GNU ZRTP uses these mehtods
278 * to communicate with the specific part, for example to send data
279 * via the RTP/SRTP stack, to set timers and cancel timer and so on.
280 *
281 * The generiy part of GNU ZRTP needs only a few callback methods to
282 * be implemented by the specific part.
283 *
284 * @author Werner Dittmann <Werner.Dittmann@t-online.de>
285 */
286
287 /**
288 * The following methods define the GNU ZRTP callback interface.
289 * For detailed documentation refer to file ZrtpCallback.h, each C
290 * method has "zrtp_" prepended to the C++ name.
291 *
292 * @see ZrtpCallback
293 */
294 typedef struct zrtp_Callbacks
295 {
296 /**
297 * Send a ZRTP packet via RTP.
298 *
299 * ZRTP calls this method to send a ZRTP packet via the RTP session.
300 * The ZRTP packet will have to be created using the provided ZRTP message.
301 *
302 * @param ctx
303 * Pointer to the opaque ZrtpContext structure.
304 * @param data
305 * Points to ZRTP message to send.
306 * @param length
307 * The length in bytes of the data
308 * @return
309 * zero if sending failed, one if packet was sent
310 */
311 int32_t (*zrtp_sendDataZRTP) (ZrtpContext* ctx, const uint8_t* data, int32_t length ) ;
312
313 /**
314 * Activate timer.
315 *
316 * @param ctx
317 * Pointer to the opaque ZrtpContext structure.
318 * @param time
319 * The time in ms for the timer
320 * @return
321 * zero if activation failed, one if timer was activated
322 */
323 int32_t (*zrtp_activateTimer) (ZrtpContext* ctx, int32_t time ) ;
324
325 /**
326 * Cancel the active timer.
327 *
328 * @param ctx
329 * Pointer to the opaque ZrtpContext structure.
330 * @return
331 * zero if cancel action failed, one if timer was canceled
332 */
333 int32_t (*zrtp_cancelTimer)(ZrtpContext* ctx) ;
334
335 /**
336 * Send information messages to the hosting environment.
337 *
338 * The ZRTP implementation uses this method to send information
339 * messages to the host. Along with the message ZRTP provides a
340 * severity indicator that defines: Info, Warning, Error,
341 * Alert. Refer to the <code>MessageSeverity</code> enum above.
342 *
343 * @param ctx
344 * Pointer to the opaque ZrtpContext structure.
345 * @param severity
346 * This defines the message's severity
347 * @param subCode
348 * The subcode identifying the reason.
349 * @see ZrtpCodes#MessageSeverity
350 */
351 void (*zrtp_sendInfo) (ZrtpContext* ctx, int32_t severity, int32_t subCode ) ;
352
353 /**
354 * SRTP crypto data ready for the sender or receiver.
355 *
356 * The ZRTP implementation calls this method right after all SRTP
357 * secrets are computed and ready to be used. The parameter points
358 * to a structure that contains pointers to the SRTP secrets and a
359 * <code>enum Role</code>. The called method (the implementation
360 * of this abstract method) must either copy the pointers to the SRTP
361 * data or the SRTP data itself to a save place. The SrtpSecret_t
362 * structure is destroyed after the callback method returns to the
363 * ZRTP implementation.
364 *
365 * The SRTP data themselves are obtained in the ZRtp object and are
366 * valid as long as the ZRtp object is active. TheZRtp's
367 * destructor clears the secrets. Thus the called method needs to
368 * save the pointers only, ZRtp takes care of the data.
369 *
370 * The implementing class may enable SRTP processing in this
371 * method or delay it to srtpSecertsOn().
372 *
373 * @param ctx
374 * Pointer to the opaque ZrtpContext structure.
375 * @param secrets A pointer to a SrtpSecret_t structure that
376 * contains all necessary data.
377 *
378 * @param part for which part (Sender or Receiver) this data is
379 * valid.
380 *
381 * @return Returns false if something went wrong during
382 * initialization of SRTP context, for example memory shortage.
383 */
384 int32_t (*zrtp_srtpSecretsReady) (ZrtpContext* ctx, C_SrtpSecret_t* secrets, int32_t part ) ;
385
386 /**
387 * Switch off the security for the defined part.
388 *
389 * @param ctx
390 * Pointer to the opaque ZrtpContext structure.
391 * @param part Defines for which part (sender or receiver) to
392 * switch on security
393 */
394 void (*zrtp_srtpSecretsOff) (ZrtpContext* ctx, int32_t part ) ;
395
396 /**
397 * Switch on the security.
398 *
399 * ZRTP calls this method after it has computed the SAS and check
400 * if it is verified or not. In addition ZRTP provides information
401 * about the cipher algorithm and key length for the SRTP session.
402 *
403 * This method must enable SRTP processing if it was not enabled
404 * during sertSecretsReady().
405 *
406 * @param ctx
407 * Pointer to the opaque ZrtpContext structure.
408 * @param c The name of the used cipher algorithm and mode, or
409 * NULL
410 *
411 * @param s The SAS string
412 *
413 * @param verified if <code>verified</code> is true then SAS was
414 * verified by both parties during a previous call.
415 */
416 void (*zrtp_rtpSecretsOn) (ZrtpContext* ctx, char* c, char* s, int32_t verified ) ;
417
418 /**
419 * This method handles GoClear requests.
420 *
421 * According to the ZRTP specification the user must be informed about
422 * a GoClear request because the ZRTP implementation switches off security
423 * if it could authenticate the GoClear packet.
424 *
425 * <b>Note:</b> GoClear is not yet implemented in GNU ZRTP.
426 *
427 * @param ctx
428 * Pointer to the opaque ZrtpContext structure.
429 */
430 void (*zrtp_handleGoClear)(ZrtpContext* ctx) ;
431
432 /**
433 * Handle ZRTP negotiation failed.
434 *
435 * ZRTP calls this method in case ZRTP negotiation failed. The
436 * parameters show the severity as well as the reason.
437 *
438 * @param ctx
439 * Pointer to the opaque ZrtpContext structure.
440 * @param severity
441 * This defines the message's severity
442 * @param subCode
443 * The subcode identifying the reason.
444 * @see ZrtpCodes#MessageSeverity
445 */
446 void (*zrtp_zrtpNegotiationFailed) (ZrtpContext* ctx, int32_t severity, int32_t subCode ) ;
447
448 /**
449 * ZRTP calls this method if the other side does not support ZRTP.
450 *
451 * @param ctx
452 * Pointer to the opaque ZrtpContext structure.
453 * If the other side does not answer the ZRTP <em>Hello</em> packets then
454 * ZRTP calls this method,
455 *
456 */
457 void (*zrtp_zrtpNotSuppOther)(ZrtpContext* ctx) ;
458
459 /**
460 * Enter synchronization mutex.
461 *
462 * GNU ZRTP requires one mutex to synchronize its
463 * processing. Because mutex implementations depend on the
464 * underlying infrastructure, for example operating system or
465 * thread implementation, GNU ZRTP delegates mutex handling to the
466 * specific part of its implementation.
467 *
468 * @param ctx
469 * Pointer to the opaque ZrtpContext structure.
470 */
471 void (*zrtp_synchEnter)(ZrtpContext* ctx) ;
472
473 /**
474 * Leave synchronization mutex.
475 *
476 * @param ctx
477 * Pointer to the opaque ZrtpContext structure.
478 */
479 void (*zrtp_synchLeave)(ZrtpContext* ctx) ;
480
481 /**
482 * Inform about a PBX enrollment request.
483 *
484 * Please refer to chapter 8.3 ff to get more details about PBX
485 * enrollment and SAS relay.
486 *
487 * <b>Note:</b> PBX enrollement is not yet fully supported by GNU
488 * ZRTP.
489 *
490 * @param ctx
491 * Pointer to the opaque ZrtpContext structure.
492 * @param info Give some information to the user about the PBX
493 * requesting an enrollment.
494 */
495 void (*zrtp_zrtpAskEnrollment) (ZrtpContext* ctx, int32_t info) ;
496
497 /**
498 * Inform about PBX enrollment result.
499 *
500 * Informs the use about the acceptance or denial of an PBX enrollment
501 * request
502 *
503 * <b>Note:</b> PBX enrollement is not yet fully supported by GNU
504 * ZRTP.
505 *
506 * @param ctx
507 * Pointer to the opaque ZrtpContext structure.
508 * @param info Give some information to the user about the result
509 * of an enrollment.
510 */
511 void (*zrtp_zrtpInformEnrollment) (ZrtpContext* ctx, int32_t info ) ;
512
513 /**
514 * Request a SAS signature.
515 *
516 * After ZRTP was able to compute the Short Authentication String
517 * (SAS) it calls this method. The client may now use an
518 * approriate method to sign the SAS. The client may use
519 * ZrtpQueue#setSignatureData() to store the signature data and
520 * enable signature transmission to the other peer. Refer to
521 * chapter 8.2 of ZRTP specification.
522 *
523 * <b>Note:</b> SAS signing is not yet fully supported by GNU
524 * ZRTP.
525 *
526 * @param ctx
527 * Pointer to the opaque ZrtpContext structure.
528 * @param sas
529 * Pointer to the 32 byte SAS hash to sign.
530 *
531 */
532 void (*zrtp_signSAS)(ZrtpContext* ctx, uint8_t* sas) ;
533
534 /**
535 * ZRTPQueue calls this method to request a SAS signature check.
536 *
537 * After ZRTP received a SAS signature in one of the Confirm packets it
538 * call this method. The client may use <code>getSignatureLength()</code>
539 * and <code>getSignatureData()</code>of ZrtpQueue to get the signature
540 * data and perform the signature check. Refer to chapter 8.2 of ZRTP
541 * specification.
542 *
543 * If the signature check fails the client may return false to ZRTP. In
544 * this case ZRTP signals an error to the other peer and terminates
545 * the ZRTP handshake.
546 *
547 * <b>Note:</b> SAS signing is not yet fully supported by GNU
548 * ZRTP.
549 *
550 * @param ctx
551 * Pointer to the opaque ZrtpContext structure.
552 * @param sas
553 * Pointer to the 32 byte SAS hash that was signed by the other peer.
554 * @return
555 * true if the signature was ok, false otherwise.
556 *
557 */
558 int32_t (*zrtp_checkSASSignature) (ZrtpContext* ctx, uint8_t* sas ) ;
559 } zrtp_Callbacks;
560
561 /**
562 * Create the GNU ZRTP C wrapper.
563 *
564 * This wrapper implements the C interface to the C++ based GNU ZRTP.
565 * @returns
566 * Pointer to the ZrtpContext
567 */
Alexandre Lisionddd731e2014-01-31 11:50:08 -0500[diff] [blame^]568 ZrtpContext* zrtp_CreateWrapper();
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]569
570 /**
571 * Initialize the ZRTP protocol engine.
572 *
573 * This method initialized the GNU ZRTP protocol engine. An application
574 * calls this method to actually create the ZRTP protocol engine and
575 * initialize its configuration data. This method does not start the
576 * protocol engine.
577 *
578 * If an application requires a specific algorithm configuration then it
579 * must set the algorithm configuration data before it initializes the
580 * ZRTP protocol engine.
581 *
582 * @param zrtpContext
583 * Pointer to the opaque ZrtpContext structure.
584 * @param cb
585 * The callback structure that holds the addresses of the callback
586 * methods.
587 * @param id
588 * A C string that holds the ZRTP client id, only the first 16 chars
589 * are used.
590 * @param zidFilename
591 * The name of the ZID file. This file holds some parameters and
592 * other data like additional shared secrets.
593 * @param userData
594 * A pointer to user data. The wrapper just stores this pointer in
595 * the ZrtpContext and the application may use it for its purposes.
596 * @param mitmMode
597 * A trusted Mitm (PBX) must set this to true. The ZRTP engine sets
598 * the M Flag in the Hello packet to announce a trusted MitM.
599 * @returns
600 * Pointer to the ZrtpContext
601 *
602 * @see zrtp_InitializeConfig
603 */
604 void zrtp_initializeZrtpEngine(ZrtpContext* zrtpContext,
605 zrtp_Callbacks *cb,
606 const char* id,
607 const char* zidFilename,
608 void* userData,
609 int32_t mitmMode);
610
611 /**
612 * Destroy the ZRTP wrapper and its underlying objects.
613 */
614 void zrtp_DestroyWrapper (ZrtpContext* zrtpContext);
615
616 /**
617 * Computes the ZRTP checksum over a received ZRTP packet buffer and
618 * compares the result with received checksum.
619 *
620 * @param buffer
621 * Pointer to ZRTP packet buffer
622 * @param length
623 * Length of the packet buffer excluding received CRC data
624 * @param crc
625 * The received CRC data.
626 * @returns
627 * True if CRC matches, false otherwise.
628 */
629 int32_t zrtp_CheckCksum(uint8_t* buffer, uint16_t length, uint32_t crc);
630
631 /**
632 * Computes the ZRTP checksum over a newly created ZRTP packet buffer.
633 *
634 * @param buffer
635 * Pointer to the created ZRTP packet buffer
636 * @param length
637 * Length of the packet buffer
638 * @returns
639 * The computed CRC.
640 */
641 uint32_t zrtp_GenerateCksum(uint8_t* buffer, uint16_t length);
642
643 /**
644 * Prepares the ZRTP checksum for appending to ZRTP packet.
645 * @param crc
646 * The computed CRC data.
647 * @returns
648 * Prepared CRC data in host order
649 */
650 uint32_t zrtp_EndCksum(uint32_t crc);
651
652 /**
653 * Kick off the ZRTP protocol engine.
654 *
655 * This method calls the ZrtpStateClass#evInitial() state of the state
656 * engine. After this call we are able to process ZRTP packets
657 * from our peer and to process them.
658 *
659 * <b>NOTE: application shall never call this method directly but use the
660 * appropriate method provided by the RTP implementation. </b>
661 *
662 * @param zrtpContext
663 * Pointer to the opaque ZrtpContext structure.
664 */
665 void zrtp_startZrtpEngine(ZrtpContext* zrtpContext);
666
667 /**
668 * Stop ZRTP security.
669 *
670 * <b>NOTE: An application shall never call this method directly but use the
671 * appropriate method provided by the RTP implementation. </b>
672 *
673 * @param zrtpContext
674 * Pointer to the opaque ZrtpContext structure.
675 */
676 void zrtp_stopZrtpEngine(ZrtpContext* zrtpContext);
677
678 /**
679 * Process RTP extension header.
680 *
681 * This method expects to get a pointer to the message part of
682 * a ZRTP packet.
683 *
684 * <b>NOTE: An application shall never call this method directly. Only
685 * the module that implements the RTP binding shall use this method</b>
686 *
687 * @param zrtpContext
688 * Pointer to the opaque ZrtpContext structure.
689 * @param extHeader
690 * A pointer to the first byte of the ZRTP message part.
691 * @param peerSSRC
692 * The peer's SSRC.
Alexandre Lision7fd5d3d2013-12-04 13:06:40 -0500[diff] [blame]693 * @param length of the received data packet - used to do santity checks.
694 *
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]695 * @return
696 * Code indicating further packet handling, see description above.
697 */
Alexandre Lision7fd5d3d2013-12-04 13:06:40 -0500[diff] [blame]698 void zrtp_processZrtpMessage(ZrtpContext* zrtpContext, uint8_t *extHeader, uint32_t peerSSRC, size_t length);
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]699
700 /**
701 * Process a timeout event.
702 *
703 * We got a timeout from the timeout provider. Forward it to the
704 * protocol state engine.
705 *
706 * <b>NOTE: application shall never call this method directly. Only
707 * the module that implements the RTP binding shall use this method</b>
708 *
709 * @param zrtpContext
710 * Pointer to the opaque ZrtpContext structure.
711 */
712 void zrtp_processTimeout(ZrtpContext* zrtpContext);
713
714 /*
715 * Check for and handle GoClear ZRTP packet header.
716 *
717 * This method checks if this is a GoClear packet. If not, just return
718 * false. Otherwise handle it according to the specification.
719 *
720 * @param zrtpContext
721 * Pointer to the opaque ZrtpContext structure.
722 * @param extHeader
723 * A pointer to the first byte of the extension header. Refer to
724 * RFC3550.
725 * @return
726 * False if not a GoClear, true otherwise.
727 *
728 int32_t zrtp_handleGoClear(ZrtpContext* zrtpContext, uint8_t *extHeader);
729 */
730
731 /**
732 * Set the auxilliary secret.
733 *
734 * Use this method to set the auxilliary secret data. Refer to ZRTP
735 * specification, chapter 4.3 ff
736 *
737 * @param zrtpContext
738 * Pointer to the opaque ZrtpContext structure.
739 * @param data
740 * Points to the secret data.
741 * @param length
742 * Length of the auxilliary secrect in bytes
743 */
744 void zrtp_setAuxSecret(ZrtpContext* zrtpContext, uint8_t* data, int32_t length);
745
746 /**
747 * Check current state of the ZRTP state engine
748 *
749 * <b>NOTE: application usually don't call this method. Only
750 * the m-odule that implements the RTP binding shall use this method</b>
751 *
752 * @param zrtpContext
753 * Pointer to the opaque ZrtpContext structure.
754 * @param state
755 * The state to check.
756 * @return
757 * Returns true if ZRTP engine is in the given state, false otherwise.
758 */
759 int32_t zrtp_inState(ZrtpContext* zrtpContext, int32_t state);
760
761 /**
762 * Set SAS as verified.
763 *
764 * Call this method if the user confirmed (verfied) the SAS. ZRTP
765 * remembers this together with the retained secrets data.
766 *
767 * @param zrtpContext
768 * Pointer to the opaque ZrtpContext structure.
769 */
770 void zrtp_SASVerified(ZrtpContext* zrtpContext);
771
772 /**
773 * Reset the SAS verfied flag for the current active user's retained secrets.
774 *
775 * @param zrtpContext
776 * Pointer to the opaque ZrtpContext structure.
777 */
778 void zrtp_resetSASVerified(ZrtpContext* zrtpContext);
779
780 /**
781 * Get the ZRTP Hello Hash data.
782 *
783 * Use this method to get the ZRTP Hello Hash data. The method
784 * returns the data as a string containing the ZRTP protocol version and
Alexandre Lisionddd731e2014-01-31 11:50:08 -0500[diff] [blame^]785 * hex-digits. Refer to ZRTP specification, chapter 8.
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]786 *
Alexandre Lisionddd731e2014-01-31 11:50:08 -0500[diff] [blame^]787 * <b>NOTE: An application may call this method if it needs this information.
788 * Usually it is not necessary.</b>
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]789 *
790 * @param zrtpContext
791 * Pointer to the opaque ZrtpContext structure.
792 * @return
Alexandre Lisionddd731e2014-01-31 11:50:08 -0500[diff] [blame^]793 * a pointer to a C-string that contains the Hello hash value as
794 * hex-digits. The hello hash is available immediately after
795 * @c zrtp_CreateWrapper .
796 * The caller must @c free() if it does not use the
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]797 * hello hash C-string anymore.
798 */
Alexandre Lisionddd731e2014-01-31 11:50:08 -0500[diff] [blame^]799 char* zrtp_getHelloHash(ZrtpContext* zrtpContext);
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]800
801 /**
802 * Get the peer's ZRTP Hello Hash data.
803 *
804 * Use this method to get the peer's ZRTP Hello Hash data. The method
805 * returns the data as a string containing the ZRTP protocol version and
806 * hex-digits.
807 *
808 * The peer's hello hash is available only after ZRTP received a hello. If
809 * no data is available the function returns an empty string.
810 *
811 * Refer to ZRTP specification, chapter 8.
812 *
813 * @return
814 * a std:string containing the Hello version and the hello hash as hex digits.
815 */
816 char* zrtp_getPeerHelloHash(ZrtpContext* zrtpContext);
817
818 /**
819 * Get Multi-stream parameters.
820 *
821 * Use this method to get the Multi-stream parameters that were computed
822 * during the ZRTP handshake. An application may use these parameters to
823 * enable multi-stream processing for an associated SRTP session.
824 *
825 * The application must not modify the contents of returned char array, it
826 * is opaque data. The application may hand over this string to a new ZRTP
827 * instance to enable multi-stream processing for this new session.
828 *
829 * Refer to chapter 4.4.2 in the ZRTP specification for further details
830 * and restriction how and when to use multi-stream mode.
831 *
832 * @param zrtpContext
833 * Pointer to the opaque ZrtpContext structure.
834 * @param length
835 * Pointer to an integer that receives the length of the char array
836 * @return
837 * a char array that contains the multi-stream parameters.
838 * If ZRTP was not started or ZRTP is not yet in secure state the method
839 * returns NULL and a length of 0.
840 */
841 char* zrtp_getMultiStrParams(ZrtpContext* zrtpContext, int32_t *length);
842
843 /**
844 * Set Multi-stream parameters.
845 *
846 * Use this method to set the parameters required to enable Multi-stream
847 * processing of ZRTP. The multi-stream parameters must be set before the
848 * application starts the ZRTP protocol engine.
849 *
850 * Refer to chapter 4.4.2 in the ZRTP specification for further details
851 * of multi-stream mode.
852 *
853 * @param zrtpContext
854 * Pointer to the opaque ZrtpContext structure.
855 * @param length
856 * The integer that contains the length of the char array
857 * @param parameters
858 * A char array that contains the multi-stream parameters that this
859 * new ZRTP instance shall use. See also
860 * <code>getMultiStrParams()</code>
861 */
862 void zrtp_setMultiStrParams(ZrtpContext* zrtpContext, char* parameters, int32_t length);
863
864 /**
865 * Check if this ZRTP session is a Multi-stream session.
866 *
867 * Use this method to check if this ZRTP instance uses multi-stream.
868 * Refer to chapters 4.2 and 4.4.2 in the ZRTP.
869 *
870 * @param zrtpContext
871 * Pointer to the opaque ZrtpContext structure.
872 * @return
873 * True if multi-stream is used, false otherwise.
874 */
875 int32_t zrtp_isMultiStream(ZrtpContext* zrtpContext);
876
877 /**
878 * Check if the other ZRTP client supports Multi-stream.
879 *
880 * Use this method to check if the other ZRTP client supports
881 * Multi-stream mode.
882 *
883 * @param zrtpContext
884 * Pointer to the opaque ZrtpContext structure.
885 * @return
886 * True if multi-stream is available, false otherwise.
887 */
888 int32_t zrtp_isMultiStreamAvailable(ZrtpContext* zrtpContext);
889
890 /**
891 * Accept a PBX enrollment request.
892 *
893 * If a PBX service asks to enroll the PBX trusted MitM key and the user
894 * accepts this request, for example by pressing an OK button, the client
895 * application shall call this method and set the parameter
896 * <code>accepted</code> to true. If the user does not accept the request
897 * set the parameter to false.
898 *
899 * @param zrtpContext
900 * Pointer to the opaque ZrtpContext structure.
901 * @param accepted
902 * True if the enrollment request is accepted, false otherwise.
903 */
904 void zrtp_acceptEnrollment(ZrtpContext* zrtpContext, int32_t accepted);
905
906 /**
907 * Check the state of the enrollment mode.
908 *
909 * If true then we will set the enrollment flag (E) in the confirm
910 * packets and performs the enrollment actions. A MitM (PBX) enrollment service
911 * started this ZRTP session. Can be set to true only if mitmMode is also true.
912 *
913 * @param zrtpContext
914 * Pointer to the opaque ZrtpContext structure.
915 * @return status of the enrollmentMode flag.
916 */
917 int32_t zrtp_isEnrollmentMode(ZrtpContext* zrtpContext);
918
919 /**
920 * Check the state of the enrollment mode.
921 *
922 * If true then we will set the enrollment flag (E) in the confirm
923 * packets and perform the enrollment actions. A MitM (PBX) enrollment
924 * service must sets this mode to true.
925 *
926 * Can be set to true only if mitmMode is also true.
927 *
928 * @param zrtpContext
929 * Pointer to the opaque ZrtpContext structure.
930 * @param enrollmentMode defines the new state of the enrollmentMode flag
931 */
932 void zrtp_setEnrollmentMode(ZrtpContext* zrtpContext, int32_t enrollmentMode);
933
934 /**
935 * Check if a peer's cache entry has a vaild MitM key.
936 *
937 * If true then the other peer ha a valid MtiM key, i.e. the peer has performed
938 * the enrollment procedure. A PBX ZRTP Back-2-Back application can use this function
939 * to check which of the peers is enrolled.
940 *
941 * @return True if the other peer has a valid Mitm key (is enrolled).
942 */
943 int32_t isPeerEnrolled(ZrtpContext* zrtpContext);
944
945 /**
946 * Send the SAS relay packet.
947 *
948 * The method creates and sends a SAS relay packet according to the ZRTP
949 * specifications. Usually only a MitM capable user agent (PBX) uses this
950 * function.
951 *
952 * @param zrtpContext
953 * Pointer to the opaque ZrtpContext structure.
954 * @param sh the full SAS hash value
955 * @param render the SAS rendering algorithm
956 */
957 int32_t zrtp_sendSASRelayPacket(ZrtpContext* zrtpContext, uint8_t* sh, char* render);
958
959 /**
960 * Get the commited SAS rendering algorithm for this ZRTP session.
961 *
962 * @param zrtpContext
963 * Pointer to the opaque ZrtpContext structure.
964 * @return the commited SAS rendering algorithm
965 */
966 const char* zrtp_getSasType(ZrtpContext* zrtpContext);
967
968 /**
969 * Get the computed SAS hash for this ZRTP session.
970 *
971 * A PBX ZRTP back-to-Back function uses this function to get the SAS
972 * hash of an enrolled client to construct the SAS relay packet for
973 * the other client.
974 *
975 * @param zrtpContext
976 * Pointer to the opaque ZrtpContext structure.
977 * @return a pointer to the byte array that contains the full
978 * SAS hash.
979 */
980 uint8_t* zrtp_getSasHash(ZrtpContext* zrtpContext);
981
982 /**
983 * Set signature data
984 *
985 * This functions stores signature data and transmitts it during ZRTP
986 * processing to the other party as part of the Confirm packets. Refer to
987 * chapters 5.7 and 7.2.
988 *
989 * The signature data must be set before ZRTP the application calls
990 * <code>start()</code>.
991 *
992 * @param zrtpContext
993 * Pointer to the opaque ZrtpContext structure.
994 * @param data
995 * The signature data including the signature type block. The method
996 * copies this data into the Confirm packet at signature type block.
997 * @param length
998 * The length of the signature data in bytes. This length must be
999 * multiple of 4.
1000 * @return
1001 * True if the method stored the data, false otherwise.
1002 */
1003 int32_t zrtp_setSignatureData(ZrtpContext* zrtpContext, uint8_t* data, int32_t length);
1004
1005 /**
1006 * Get signature data
1007 *
1008 * This functions returns signature data that was receivied during ZRTP
1009 * processing. Refer to chapters 5.7 and 7.2.
1010 *
1011 * The signature data can be retrieved after ZRTP enters secure state.
1012 * <code>start()</code>.
1013 *
1014 * @param zrtpContext
1015 * Pointer to the opaque ZrtpContext structure.
1016 * @return
1017 * Number of bytes copied into the data buffer
1018 */
1019 const uint8_t* zrtp_getSignatureData(ZrtpContext* zrtpContext);
1020
1021 /**
1022 * Get length of signature data
1023 *
1024 * This functions returns the length of signature data that was receivied
1025 * during ZRTP processing. Refer to chapters 5.7 and 7.2.
1026 *
1027 * @param zrtpContext
1028 * Pointer to the opaque ZrtpContext structure.
1029 * @return
1030 * Length in bytes of the received signature data. The method returns
1031 * zero if no signature data avilable.
1032 */
1033 int32_t zrtp_getSignatureLength(ZrtpContext* zrtpContext);
1034
1035 /**
1036 * Emulate a Conf2Ack packet.
1037 *
1038 * This method emulates a Conf2Ack packet. According to ZRTP specification
1039 * the first valid SRTP packet that the Initiator receives must switch
1040 * on secure mode. Refer to chapter 4 in the specificaton
1041 *
1042 * <b>NOTE: application shall never call this method directly. Only
1043 * the module that implements the RTP binding shall use this method</b>
1044 *
1045 * @param zrtpContext
1046 * Pointer to the opaque ZrtpContext structure.
1047 */
1048 void zrtp_conf2AckSecure(ZrtpContext* zrtpContext);
1049
1050 /**
1051 * Get other party's ZID (ZRTP Identifier) data
1052 *
1053 * This functions returns the other party's ZID that was receivied
1054 * during ZRTP processing.
1055 *
1056 * The ZID data can be retrieved after ZRTP receive the first Hello
1057 * packet from the other party. The application may call this method
1058 * for example during SAS processing in showSAS(...) user callback
1059 * method.
1060 *
1061 * @param zrtpContext
1062 * Pointer to the opaque ZrtpContext structure.
1063 * @param data
1064 * Pointer to a data buffer. This buffer must have a size of
1065 * at least 12 bytes (96 bit) (ZRTP Identifier, see chap. 4.9)
1066 * @return
1067 * Number of bytes copied into the data buffer - must be equivalent
1068 * to 12 bytes.
1069 */
1070 int32_t zrtp_getPeerZid(ZrtpContext* zrtpContext, uint8_t* data);
1071
1072
Alexandre Lisionddd731e2014-01-31 11:50:08 -0500[diff] [blame^]1073 /**
Alexandre Lision51140e12013-12-02 10:54:09 -0500[diff] [blame]1074 * This enumerations list all configurable algorithm types.
1075 */
1076
1077 /* Keep in synch with enumeration in ZrtpConfigure.h */
1078
1079 typedef enum zrtp_AlgoTypes {
1080 zrtp_HashAlgorithm = 1, zrtp_CipherAlgorithm, zrtp_PubKeyAlgorithm, zrtp_SasType, zrtp_AuthLength
1081 } Zrtp_AlgoTypes;
1082
1083 /**
1084 * Initialize the GNU ZRTP Configure data.
1085 *
1086 * Initializing and setting a ZRTP configuration is optional. GNU ZRTP
1087 * uses a sensible default if an application does not define its own
1088 * ZRTP configuration.
1089 *
1090 * If an application initialize th configure data it must set the
1091 * configuration data.
1092 *
1093 * The ZRTP specification, chapters 5.1.2 through 5.1.6 defines the
1094 * algorithm names and their meaning.
1095 *
1096 * The current ZRTP implementation implements all mandatory algorithms
1097 * plus a set of the optional algorithms. An application shall use
1098 * @c zrtp_getAlgorithmNames to get the names of the available algorithms.
1099 *
1100 * @param zrtpContext
1101 * Pointer to the opaque ZrtpContext structure.
1102 * @returns
1103 * Pointer to the ZrtpConfCtx
1104 *
1105 * @see zrtp_getAlgorithmNames
1106 */
1107 int32_t zrtp_InitializeConfig (ZrtpContext* zrtpContext);
1108
1109 /**
1110 * Get names of all available algorithmes of a given algorithm type.
1111 *
1112 * The algorithm names are as specified in the ZRTP specification, chapters
1113 * 5.1.2 through 5.1.6 .
1114 *
1115 * @param zrtpContext
1116 * Pointer to the opaque ZrtpContext structure.
1117 * @param type
1118 * The algorithm type.
1119 * @returns
1120 * A NULL terminated array of character pointers.
1121 */
1122 char** zrtp_getAlgorithmNames(ZrtpContext* zrtpContext, Zrtp_AlgoTypes type);
1123
1124 /**
1125 * Free storage used to store the algorithm names.
1126 *
1127 * If an application does not longer require the algoritm names it should
1128 * free the space.
1129 *
1130 * @param names
1131 * The NULL terminated array of character pointers.
1132 */
1133 void zrtp_freeAlgorithmNames(char** names);
1134
1135 /**
1136 * Convenience function that sets a pre-defined standard configuration.
1137 *
1138 * The standard configuration consists of the following algorithms:
1139 * <ul>
1140 * <li> Hash: SHA256 </li>
1141 * <li> Symmetric Cipher: AES 128, AES 256 </li>
1142 * <li> Public Key Algorithm: DH2048, DH3027, MultiStream </li>
1143 * <li> SAS type: libase 32 </li>
1144 * <li> SRTP Authentication lengths: 32, 80 </li>
1145 *</ul>
1146 *
1147 * @param zrtpContext
1148 * Pointer to the opaque ZrtpContext structure.
1149 */
1150 void zrtp_setStandardConfig(ZrtpContext* zrtpContext);
1151
1152 /**
1153 * Convenience function that sets the mandatory algorithms only.
1154 *
1155 * Mandatory algorithms are:
1156 * <ul>
1157 * <li> Hash: SHA256 </li>
1158 * <li> Symmetric Cipher: AES 128 </li>
1159 * <li> Public Key Algorithm: DH3027, MultiStream </li>
1160 * <li> SAS type: libase 32 </li>
1161 * <li> SRTP Authentication lengths: 32, 80 </li>
1162 *</ul>
1163 *
1164 * @param zrtpContext
1165 * Pointer to the opaque ZrtpContext structure.
1166 */
1167 void zrtp_setMandatoryOnly(ZrtpContext* zrtpContext);
1168
1169 /**
1170 * Clear all configuration data.
1171 *
1172 * The functions clears all configuration data.
1173 *
1174 * @param zrtpContext
1175 * Pointer to the opaque ZrtpContext structure.
1176 */
1177 void zrtp_confClear(ZrtpContext* zrtpContext);
1178
1179 /**
1180 * Add an algorithm to configuration data.
1181 *
1182 * Adds the specified algorithm to the configuration data.
1183 * If no free configuration data slot is available the
1184 * function does not add the algorithm and returns -1. The
1185 * methods appends the algorithm to the existing algorithms.
1186 *
1187 * @param zrtpContext
1188 * Pointer to the opaque ZrtpContext structure.
1189 * @param algoType
1190 * Specifies which algorithm type to select
1191 * @param algo
1192 * The name of the algorithm to add.
1193 * @return
1194 * Number of free configuration data slots or -1 on error
1195 */
1196 int32_t zrtp_addAlgo(ZrtpContext* zrtpContext, Zrtp_AlgoTypes algoType, const char* algo);
1197
1198 /**
1199 * Add an algorithm to configuration data at given index
1200 *
1201 * Adds the specified algorithm to the configuration data vector
1202 * at a given index. If the index is larger than the actual size
1203 * of the configuration vector the method just appends the algorithm.
1204 *
1205 * @param zrtpContext
1206 * Pointer to the opaque ZrtpContext structure.
1207 * @param algoType
1208 * Specifies which algorithm type to select
1209 * @param algo
1210 * The name of the algorithm to add.
1211 * @param index
1212 * The index where to add the algorihm
1213 * @return
1214 * Number of free configuration data slots or -1 on error
1215 */
1216 int32_t zrtp_addAlgoAt(ZrtpContext* zrtpContext, Zrtp_AlgoTypes algoType, const char* algo, int32_t index);
1217
1218 /**
1219 * Remove a algorithm from configuration data.
1220 *
1221 * Removes the specified algorithm from configuration data. If
1222 * the algorithm was not configured previously the function does
1223 * not modify the configuration data and returns the number of
1224 * free configuration data slots.
1225 *
1226 * If an application removes all algorithms then ZRTP does not
1227 * include any algorithm into the hello message and falls back
1228 * to a predefined mandatory algorithm.
1229 *
1230 * @param zrtpContext
1231 * Pointer to the opaque ZrtpContext structure.
1232 * @param algoType
1233 * Specifies which algorithm type to select
1234 * @param algo
1235 * The name of the algorithm to remove.
1236 * @return
1237 * Number of free configuration slots.
1238 */
1239 int32_t zrtp_removeAlgo(ZrtpContext* zrtpContext, Zrtp_AlgoTypes algoType, const char* algo);
1240
1241 /**
1242 * Returns the number of configured algorithms.
1243 *
1244 * @param zrtpContext
1245 * Pointer to the opaque ZrtpContext structure.
1246 * @param algoType
1247 * Specifies which algorithm type to select
1248 * @return
1249 * The number of configured algorithms (used configuration
1250 * data slots)
1251 */
1252 int32_t zrtp_getNumConfiguredAlgos(ZrtpContext* zrtpContext, Zrtp_AlgoTypes algoType);
1253
1254 /**
1255 * Returns the identifier of the algorithm at index.
1256 *
1257 * @param zrtpContext
1258 * Pointer to the opaque ZrtpContext structure.
1259 * @param algoType
1260 * Specifies which algorithm type to select
1261 * @param index
1262 * The index in the list of the algorihm type
1263 * @return
1264 * A pointer to the algorithm name. If the index
1265 * does not point to a configured slot then the function
1266 * returns NULL.
1267 *
1268 */
1269 const char* zrtp_getAlgoAt(ZrtpContext* zrtpContext, Zrtp_AlgoTypes algoType, int32_t index);
1270
1271 /**
1272 * Checks if the configuration data of the algorihm type already contains
1273 * a specific algorithms.
1274 *
1275 * @param zrtpContext
1276 * Pointer to the opaque ZrtpContext structure.
1277 * @param algoType
1278 * Specifies which algorithm type to select
1279 * @param algo
1280 * The name of the algorithm to check
1281 * @return
1282 * True if the algorithm was found, false otherwise.
1283 *
1284 */
1285 int32_t zrtp_containsAlgo(ZrtpContext* zrtpContext, Zrtp_AlgoTypes algoType, const char* algo);
1286
1287 /**
1288 * Enables or disables trusted MitM processing.
1289 *
1290 * For further details of trusted MitM processing refer to ZRTP
1291 * specification, chapter 7.3
1292 *
1293 * @param zrtpContext
1294 * Pointer to the opaque ZrtpContext structure.
1295 * @param yesNo
1296 * If set to true then trusted MitM processing is enabled.
1297 */
1298 void zrtp_setTrustedMitM(ZrtpContext* zrtpContext, int32_t yesNo);
1299
1300 /**
1301 * Check status of trusted MitM processing.
1302 *
1303 * @param zrtpContext
1304 * Pointer to the opaque ZrtpContext structure.
1305 * @return
1306 * Returns true if trusted MitM processing is enabled.
1307 */
1308 int32_t zrtp_isTrustedMitM(ZrtpContext* zrtpContext);
1309
1310 /**
1311 * Enables or disables SAS signature processing.
1312 *
1313 * For further details of trusted MitM processing refer to ZRTP
1314 * specification, chapter 7.2
1315 *
1316 * @param zrtpContext
1317 * Pointer to the opaque ZrtpContext structure.
1318 * @param yesNo
1319 * If true then certificate processing is enabled.
1320 */
1321 void zrtp_setSasSignature(ZrtpContext* zrtpContext, int32_t yesNo);
1322
1323 /**
1324 * Check status of SAS signature processing.
1325 *
1326 * @param zrtpContext
1327 * Pointer to the opaque ZrtpContext structure.
1328 * @return
1329 * Returns true if certificate processing is enabled.
1330 */
1331 int32_t zrtp_isSasSignature(ZrtpContext* zrtpContext);
1332
1333#ifdef __cplusplus
1334}
1335#pragma GCC visibility pop
1336#endif
1337
1338/**
1339 * @}
1340 */
1341#endif