Source Jam - libzrtpcpp-1.0.0

00001 /*
00002   Copyright (C) 2006-2007 Werner Dittmann
00003 
00004   This program is free software: you can redistribute it and/or modify
00005   it under the terms of the GNU General Public License as published by
00006   the Free Software Foundation, either version 3 of the License, or
00007   (at your option) any later version.
00008 
00009   This program is distributed in the hope that it will be useful,
00010   but WITHOUT ANY WARRANTY; without even the implied warranty of
00011   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00012   GNU General Public License for more details.
00013 
00014   You should have received a copy of the GNU General Public License
00015   along with this program.  If not, see <http://www.gnu.org/licenses/>.
00016 */
00017 
00018 #ifndef _ZRTP_H_
00019 #define _ZRTP_H_
00020 
00021 #include <cstdlib>
00022 
00023 #include <libzrtpcpp/ZrtpPacketHello.h>
00024 #include <libzrtpcpp/ZrtpPacketHelloAck.h>
00025 #include <libzrtpcpp/ZrtpPacketCommit.h>
00026 #include <libzrtpcpp/ZrtpPacketDHPart.h>
00027 #include <libzrtpcpp/ZrtpPacketConfirm.h>
00028 #include <libzrtpcpp/ZrtpPacketConf2Ack.h>
00029 #include <libzrtpcpp/ZrtpPacketGoClear.h>
00030 #include <libzrtpcpp/ZrtpPacketClearAck.h>
00031 #include <libzrtpcpp/ZrtpPacketError.h>
00032 #include <libzrtpcpp/ZrtpPacketErrorAck.h>
00033 #include <libzrtpcpp/ZrtpCallback.h>
00034 #include <libzrtpcpp/ZIDRecord.h>
00035 
00036 #ifndef SHA256_DIGEST_LENGTH
00037 #define SHA256_DIGEST_LENGTH 32
00038 #endif
00039 
00040 
00041 // The ZRTP error codes accroding the specification chapter 6.9
00042 enum zrtpErrorCodes {
00043     MalformedPacket =   0x10,
00044     CriticalSWError =   0x20,
00045     UnsuppZRTPVersion = 0x30,
00046     HelloCompMismatch = 0x40,
00047     UnsuppHashType =    0x51,
00048     UnsuppCiphertype =  0x52,
00049     UnsuppPKExchange =  0x53,
00050     UnsuppSRTPAuthTag = 0x54,
00051     UnsuppSASScheme =   0x55,
00052     DHErrorWrongPV =    0x61,
00053     DHErrorWrongHVI =   0x62,
00054     ConfirmHMACWrong =  0x70,
00055     NonceReused =       0x80,
00056     EqualZIDHello =     0x90
00057 };
00058 
00059 class ZrtpStateClass;
00060 class ZrtpDH;
00061 
00086 class ZRtp {
00087 
00088     public:
00089 
00094         ZRtp(uint8_t* myZid, ZrtpCallback* cb);
00095 
00099         ~ZRtp();
00100 
00108         void startZrtpEngine();
00109 
00114         void stopZrtp();
00115 
00134         int32_t processZrtpMessage(uint8_t *extHeader);
00135 
00143         int32_t processTimeout();
00144 
00157         bool handleGoClear(uint8_t *extHeader);
00158 
00169         void setSigsSecret(uint8_t* data);
00170 
00181         void setSrtpsSecret(uint8_t* data);
00182 
00194         void setOtherSecret(uint8_t* data, int32_t length);
00195 
00207        void setClientId(std::string id);
00208 
00217        int32_t checkState(int32_t state);
00218 
00225        void SASVerified();
00226 
00231        void resetSASVerified();
00232 
00233  private:
00234      friend class ZrtpStateClass;
00235 
00239     ZrtpStateClass* stateEngine;
00240 
00244     uint8_t zid[12];
00245 
00249     uint8_t peerZid[12];
00250 
00255     ZrtpCallback* callback;
00256 
00260     ZrtpDH* dhContext;
00261 
00265     uint8_t* DHss;
00266 
00270     uint8_t pubKeyBytes[1024];
00274     int32_t pubKeyLen;
00278     Role myRole;
00279 
00283     std::string SAS;
00284 
00288     uint8_t sasValue[8];
00292     uint8_t rs1IDr[SHA256_DIGEST_LENGTH];
00293     uint8_t rs2IDr[SHA256_DIGEST_LENGTH];
00294     uint8_t sigsIDr[SHA256_DIGEST_LENGTH];
00295     uint8_t srtpsIDr[SHA256_DIGEST_LENGTH];
00296     uint8_t otherSecretIDr[SHA256_DIGEST_LENGTH];
00297 
00298     uint8_t rs1IDi[SHA256_DIGEST_LENGTH];
00299     uint8_t rs2IDi[SHA256_DIGEST_LENGTH];
00300     uint8_t sigsIDi[SHA256_DIGEST_LENGTH];
00301     uint8_t srtpsIDi[SHA256_DIGEST_LENGTH];
00302     uint8_t otherSecretIDi[SHA256_DIGEST_LENGTH];
00306     uint8_t hvi[SHA256_DIGEST_LENGTH];
00307 
00311     uint8_t peerHvi[SHA256_DIGEST_LENGTH];
00312 
00313     void* msgShaContext;
00317     SupportedHashes hash;
00318     SupportedSymCiphers cipher;
00319     SupportedPubKeys pubKey;
00323     SupportedSASTypes sasType;
00324 
00328     SupportedAuthLengths authLength;
00332     uint8_t messageHash[SHA256_DIGEST_LENGTH];
00336     uint8_t s0[SHA256_DIGEST_LENGTH];
00337 
00341     uint8_t newRs1[RS_LENGTH];
00342 
00346     uint8_t hmacKeyI[SHA256_DIGEST_LENGTH];
00347     uint8_t hmacKeyR[SHA256_DIGEST_LENGTH];
00348 
00352     uint8_t srtpKeyI[SHA256_DIGEST_LENGTH];
00353     uint8_t srtpSaltI[SHA256_DIGEST_LENGTH];
00354 
00358     uint8_t srtpKeyR[SHA256_DIGEST_LENGTH];
00359     uint8_t srtpSaltR[SHA256_DIGEST_LENGTH];
00360 
00364     uint8_t zrtpKeyI[SHA256_DIGEST_LENGTH];
00365     uint8_t zrtpKeyR[SHA256_DIGEST_LENGTH];
00366 
00370     ZrtpPacketHello    zrtpHello;
00371     ZrtpPacketHelloAck zrtpHelloAck;
00372     ZrtpPacketConf2Ack zrtpConf2Ack;
00373     ZrtpPacketClearAck zrtpClearAck;
00374     ZrtpPacketGoClear  zrtpGoClear;
00375     ZrtpPacketError    zrtpError;
00376     ZrtpPacketErrorAck zrtpErrorAck;
00377 
00381     ZrtpPacketDHPart* zpDH2;
00382 
00386     uint8_t randomIV[16];
00400     SupportedHashes findBestHash(ZrtpPacketHello *hello);
00401 
00415     SupportedSymCiphers findBestCipher(ZrtpPacketHello *hello);
00416 
00430     SupportedPubKeys findBestPubkey(ZrtpPacketHello *hello);
00431 
00445     SupportedSASTypes findBestSASType(ZrtpPacketHello *hello);
00446 
00460     SupportedAuthLengths findBestAuthLen(ZrtpPacketHello *hello);
00461 
00465     void computeHvi(ZrtpPacketDHPart* dh, ZrtpPacketHello *hello);
00466 
00467     void computeSharedSecretSet(ZIDRecord& zidRec);
00468 
00469     void computeSRTPKeys();
00470 
00471     void generateS0Initiator(ZrtpPacketDHPart *dhPart, ZIDRecord& zidRec);
00472 
00473     void generateS0Responder(ZrtpPacketDHPart *dhPart, ZIDRecord& zidRec);
00474 
00475     /*
00476      * The following methods are helper functions for ZrtpStateClass.
00477      * ZrtpStateClass calls them to prepare packets, send data, report
00478      * problems, etc.
00479      */
00491     int32_t sendPacketZRTP(ZrtpPacketBase *packet);
00492 
00514     int32_t activateTimer(int32_t tm) {return (callback->activateTimer(tm)); }
00515 
00522     int32_t cancelTimer() {return (callback->cancelTimer()); }
00523 
00533     ZrtpPacketHello *prepareHello() {return &zrtpHello; }
00534 
00544     ZrtpPacketHelloAck *prepareHelloAck() {
00545         return &zrtpHelloAck;
00546     }
00547 
00561     ZrtpPacketCommit *prepareCommit(ZrtpPacketHello *hello, uint32_t* errMsg);
00562 
00575     ZrtpPacketDHPart *prepareDHPart1(ZrtpPacketCommit *commit, uint32_t* errMsg);
00576 
00586     ZrtpPacketDHPart *prepareDHPart2(ZrtpPacketDHPart* dhPart1, uint32_t* errMsg);
00587 
00596     ZrtpPacketConfirm *prepareConfirm1(ZrtpPacketDHPart* dhPart2, uint32_t* errMsg);
00597 
00605     ZrtpPacketConfirm* prepareConfirm2(ZrtpPacketConfirm* confirm1, uint32_t* errMsg);
00606 
00614     ZrtpPacketConf2Ack* prepareConf2Ack(ZrtpPacketConfirm* confirm2, uint32_t* errMsg);
00615 
00622     ZrtpPacketErrorAck* prepareErrorAck(ZrtpPacketError* epkt);
00623 
00630     ZrtpPacketError* prepareError(uint32_t errMsg);
00631 
00644     ZrtpPacketClearAck* prepareClearAck(ZrtpPacketGoClear* gpkt);
00645 
00656     ZrtpPacketGoClear* prepareGoClear(uint32_t errMsg = 0);
00657 
00674     int32_t compareHvi(ZrtpPacketCommit *commit) {
00675         return (memcmp(hvi, commit->getHvi(), SHA256_DIGEST_LENGTH)); };
00676 
00690     void sendInfo(MessageSeverity severity, char* msg) {
00691         callback->sendInfo(severity, msg);
00692     }
00693 
00705     void zrtpNegotiationFailed(MessageSeverity severity, char* msg) {
00706         callback->zrtpNegotiationFailed(severity, msg);
00707     }
00708 
00716     void zrtpNotSuppOther() {
00717         callback->zrtpNotSuppOther();
00718     }
00719 
00732     bool srtpSecretsReady(EnableSecurity part);
00733 
00743     void srtpSecretsOff(EnableSecurity part);
00744 };
00745 
00746 #endif // ZRTP
00747
ZRtp.h
