TimeoutProvider.h   TimeoutProvider.h 
skipping to change at line 172 skipping to change at line 172
/** /**
* Terminates the Timeout provider thread. * Terminates the Timeout provider thread.
*/ */
void stopThread(){ void stopThread(){
stop = true; stop = true;
signal(); // signal event to waiting thread signal(); // signal event to waiting thread
} }
/** /**
* Request a timeout trigger.
*
* @param time_ms Number of milli-seconds until the timeout is * @param time_ms Number of milli-seconds until the timeout is
* wanted. Note that a small additional period of time is * wanted. Note that a small additional period of time is
* added that depends on execution speed. * added that depends on execution speed.
* @param subscriber The receiver of the callback when the command has timed * @param subscriber The receiver of the callback when the command has timed
* out. This argument must not be NULL. * out. This argument must not be NULL.
* @param command Specifies the String command to be passed back in th e * @param command Specifies the String command to be passed back in th e
* callback. * callback.
*/ */
void requestTimeout(int32_t time_ms, TOSubscriber subscriber, const TOC ommand &command) void requestTimeout(int32_t time_ms, TOSubscriber subscriber, const TOC ommand &command)
{ {
skipping to change at line 251 skipping to change at line 253
do { do {
synchLock.enter(); synchLock.enter();
int32_t time = 3600000; int32_t time = 3600000;
int32_t size = 0; int32_t size = 0;
if ((size = requests.size()) > 0) { if ((size = requests.size()) > 0) {
time = requests.front()->getMsToTimeout(); time = requests.front()->getMsToTimeout();
} }
if (time == 0 && size > 0) { if (time == 0 && size > 0) {
if (stop){ // This must be checked so that we will if (stop){ // This must be checked so that we will
// stop even if we have timeouts to deliver. // stop even if we have timeouts to deliver.
synchLock.leave();
return; return;
} }
TPRequest<TOCommand, TOSubscriber>* req = requests.front(); TPRequest<TOCommand, TOSubscriber>* req = requests.front();
TOSubscriber subs = req->getSubscriber(); TOSubscriber subs = req->getSubscriber();
TOCommand command = req->getCommand(); TOCommand command = req->getCommand();
requests.pop_front(); requests.pop_front();
synchLock.leave(); // call the command with free Mutex synchLock.leave(); // call the command with free Mutex
subs->handleTimeout(command); subs->handleTimeout(command);
 End of changes. 2 change blocks. 
0 lines changed or deleted 3 lines changed or added


 ZrtpCallback.h   ZrtpCallback.h 
/* /*
Copyright (C) 2006-2007 Werner Dittmann Copyright (C) 2006-2008 Werner Dittmann
This program is free software: you can redistribute it and/or modify This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or the Free Software Foundation, either version 3 of the License, or
(at your option) any later version. (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#ifndef _ZRTPCALLBACK_H_ #ifndef _ZRTPCALLBACK_H_
#define _ZRTPCALLBACK_H_ #define _ZRTPCALLBACK_H_
#include <string> #include <string>
#include <libzrtpcpp/ZrtpPacketBase.h> #include <libzrtpcpp/ZrtpCodes.h>
/**
* This class defines the callback functions required by ZRTP.
*
* This class is a pure abstract class, aka Interface in Java, that specifi
es
* the callback interface for the ZRTP implementation. The ZRTP implementat
ion
* uses these functions to communicate with the host environment, for examp
le
* to send data via the RTP/SRTP stack, to set timers and cancel timer and
so
* on.
*
* <p/>
*
* This ZRTP needs only ten callback methods to be implemented by the host
* environment.
*
* @author: Werner Dittmann <Werner.Dittmann@t-online.de>
*/
/**
* This enum defines the information message severity.
*
* The ZRTP implementation issues information messages to inform the user
* about ongoing processing, unusual behavior, or alerts in case of severe
* problems. The severity levels and their meaning are:
*
* <dl>
* <dt>Info</dt> <dd>keeps the user informed about ongoing processing and
* security setup.
* </dd>
* <dt>Warning</dt> <dd>is an information about some security issues, e.g.
if
* an AES 256 encryption is request but only DH 3072 as public key sche
me
* is supported. ZRTP will establish a secure session (SRTP).
* </dd>
* <dt>Error</dt> <dd>is used if an error occured during ZRTP protocol usag
e. For
* example if an unknown or unsupported alogrithm is offerd. In case of
* <em>Error</em> ZRTP will <b>not</b> establish a secure session.
* </dd>
* <dt>Alert</dt> <dd>shows a real security problem. This probably falls in
to
* a <em>MitM</em> category. ZRTP of course will <b>not</b> establish a
* secure session.
* </dd>
* </dl>
*
*/
enum MessageSeverity {
Info = 1,
Warning,
Error,
Alert
};
/** /**
* This enum defines which role a ZRTP peer has. * This enum defines which role a ZRTP peer has.
* *
* According to the ZRTP specification the role determines which keys to * According to the ZRTP specification the role determines which keys to
* use to encrypt or decrypt SRTP data. * use to encrypt or decrypt SRTP data.
* *
* <ul> * <ul>
* <li> The Initiator encrypts SRTP data using the <em>keyInitiator</em> an d the * <li> The Initiator encrypts SRTP data using the <em>keyInitiator</em> an d the
* <em>saltInitiator</em> data, the Responder uses these data to decry pt. * <em>saltInitiator</em> data, the Responder uses these data to decry pt.
skipping to change at line 122 skipping to change at line 72
int32_t srtpAuthTagLen; int32_t srtpAuthTagLen;
std::string sas; std::string sas;
Role role; Role role;
} SrtpSecret_t; } SrtpSecret_t;
enum EnableSecurity { enum EnableSecurity {
ForReceiver = 1, ForReceiver = 1,
ForSender = 2 ForSender = 2
}; };
/**
* This abstract class defines the callback functions required by GNU ZRTP.
*
* This class is a pure abstract class, aka Interface in Java, that
* defines the callback interface that the specific part of a GNU ZRTP
* must implement. The generic part of GNU ZRTP uses these mehtods
* to communicate with the specific part, for example to send data
* via the RTP/SRTP stack, to set timers and cancel timer and so on.
*
* The generiy part of GNU ZRTP needs only a few callback methods to
* be implemented by the specific part.
*
* @author Werner Dittmann <Werner.Dittmann@t-online.de>
*/
class ZrtpCallback { class ZrtpCallback {
public: protected:
friend class ZRtp;
virtual ~ZrtpCallback() {}; virtual ~ZrtpCallback() {};
/** /**
* Send a ZRTP packet via RTP. * Send a ZRTP packet via RTP.
* *
* ZRTP call this method if it needs to send data via RTP. The * ZRTP calls this method to send a ZRTP packet via the RTP session.
* data must not be encrypted before transfer.
* *
* @param data * @param data
* Points to ZRTP packet to send as RTP extension header. * Points to ZRTP packet to send.
* @param length * @param length
* The length in bytes of the data * The length in bytes of the data
* @return * @return
* zero if sending failed, one if packet was send * zero if sending failed, one if packet was send
*/ */
virtual int32_t sendDataZRTP(const uint8_t* data, int32_t length) =0; virtual int32_t sendDataZRTP(const uint8_t* data, int32_t length) =0;
/** /**
* Activate timer. * Activate timer.
* *
skipping to change at line 155 skipping to change at line 121
* The time in ms for the timer * The time in ms for the timer
* @return * @return
* zero if activation failed, one if timer was activated * zero if activation failed, one if timer was activated
*/ */
virtual int32_t activateTimer(int32_t time) =0; virtual int32_t activateTimer(int32_t time) =0;
/** /**
* Cancel the active timer. * Cancel the active timer.
* *
* @return * @return
* zero if activation failed, one if timer was activated * zero if cancel action failed, one if timer was canceled
*/ */
virtual int32_t cancelTimer() =0; virtual int32_t cancelTimer() =0;
/** /**
* Send information messages to the hosting environment. * Send information messages to the hosting environment.
* *
* The ZRTP implementation uses this method to send information * The ZRTP implementation uses this method to send information
* messages to the host. Along with the message ZRTP provides a * messages to the host. Along with the message ZRTP provides a
* severity indicator that defines: Info, Warning, Error, * severity indicator that defines: Info, Warning, Error,
* Alert. Refer to the <code>MessageSeverity</code> enum above. * Alert. Refer to the <code>MessageSeverity</code> enum above.
* *
* @param severity * @param severity
* This defines the message's severity * This defines the message's severity
* @param msg * @param subCode
* The message string, terminated with a null byte. * The subcode identifying the reason.
* @see #MessageSeverity * @see ZrtpCodes#MessageSeverity
*/ */
virtual void sendInfo(MessageSeverity severity, char* msg) =0; virtual void sendInfo(GnuZrtpCodes::MessageSeverity severity, int32_t s ubCode) =0;
/** /**
* This method gets call by ZRTP as soon as the SRTP secrets are availa ble. * SRTP crypto data ready for the sender or receiver.
* *
* The ZRTP implementation calls this method right after all SRTP * The ZRTP implementation calls this method right after all SRTP
* secrets are computed and ready to be used. The parameter points * secrets are computed and ready to be used. The parameter points
* to a structure that contains pointers to the SRTP secrets and a * to a structure that contains pointers to the SRTP secrets and a
* <code>enum Role</code>. The called host method (the * <code>enum Role</code>. The called method (the implementation
* implementation of this abstract method) must copy the pointers * of this abstract method) must either copy the pointers to the SRTP
* to the SRTP secrets it needs into a save place. The * data or the SRTP data itself to a save place. The SrtpSecret_t
* SrtpSecret_t structure is destroyed when the callback method * structure is destroyed after the callback method returns to the
* returns to the ZRTP implementation. * ZRTP implementation.
* *
* The SRTP secrets themselfs are ontained in the ZRtp object and * The SRTP data themselfs are ontained in the ZRtp object and are
* are valid as long as the ZRtp object is active. TheZRtp's * valid as long as the ZRtp object is active. TheZRtp's
* destructor clears the secrets. * destructor clears the secrets. Thus the called method needs to
* * save the pointers only, ZRtp takes care of the data.
* @param secrets *
* A pointer to a SrtpSecret_t structure that contains all necessar * The implementing class may enable SRTP processing in this
y * method or delay it to srtpSecertsOn().
* data. *
* @param part * @param secrets A pointer to a SrtpSecret_t structure that
* Defines for which part (sender or receiver) to switch on security * contains all necessary data.
* @return *
* Returns false if something went wrong during initialization of SR * @param part for which part (Sender or Receiver) this data is
TP * valid.
* context, for example memory shortage. *
* @return Returns false if something went wrong during
* initialization of SRTP context, for example memory shortage.
*/ */
virtual bool srtpSecretsReady(SrtpSecret_t* secrets, EnableSecurity par t) =0; virtual bool srtpSecretsReady(SrtpSecret_t* secrets, EnableSecurity par t) =0;
/** /**
* This method shall clear the SRTP Context and switch off GUI inidicat ors. * Switch off the security for the defined part.
* *
* @param part * @param part Defines for which part (sender or receiver) to
* Defines for which part (sender or receiver) to switch on security * switch on security
*/ */
virtual void srtpSecretsOff(EnableSecurity part) =0; virtual void srtpSecretsOff(EnableSecurity part) =0;
/** /**
* This method shall switch on GUI inidicators. * Switch on the security.
* *
* @param c * ZRTP calls this method after it has computed the SAS and check
* The name of the used cipher algorithm and mode, or NULL * if it is verified or not. In addition ZRTP provides information
* @param s * about the cipher algorithm and key length for the SRTP session.
* The SAS string or NULL *
* This method must enable SRTP processing if it was not enabled
* during sertSecretsReady().
*
* @param c The name of the used cipher algorithm and mode, or
* NULL
*
* @param s The SAS string
*
* @param verified if <code>verified</code> is true then SAS was
* verified by both parties during a previous call.
*/ */
virtual void srtpSecretsOn(const char* c, const char* s) =0; virtual void srtpSecretsOn(std::string c, std::string s, bool verified) =0;
/** /**
* This method shall handle GoClear requests. * This method handles GoClear requests.
* *
* According to the ZRTP specification the user must be informed about * According to the ZRTP specification the user must be informed about
* this message because the ZRTP implementation switches off security * a GoClear request because the ZRTP implementation switches off secur ity
* if it could authenticate the GoClear packet. * if it could authenticate the GoClear packet.
* *
* <b>Note:</b> GoClear is not yet implemented in GNU ZRTP.
*
*/ */
virtual void handleGoClear() =0; virtual void handleGoClear() =0;
/** /**
* ZRTP calls this if the negotiation failed. * Handle ZRTP negotiation failed.
* *
* ZRTP calls this method in case ZRTP negotiation failed. The paramete * ZRTP calls this method in case ZRTP negotiation failed. The
rs * parameters show the severity as well as the reason.
* show the severity as well as some explanatory text.
* Refer to the <code>MessageSeverity</code> enum above.
* *
* @param severity * @param severity
* This defines the message's severity * This defines the message's severity
* @param msg * @param subCode
* The message string, terminated with a null byte. * The subcode identifying the reason.
* @see ZrtpCodes#MessageSeverity
*/ */
virtual void zrtpNegotiationFailed(MessageSeverity severity, char* msg) =0; virtual void zrtpNegotiationFailed(GnuZrtpCodes::MessageSeverity severi ty, int32_t subCode) =0;
/** /**
* ZRTP calls this methof if the other side does not support ZRTP. * ZRTP calls this method if the other side does not support ZRTP.
* *
* If the other side does not answer the ZRTP <em>Hello</em> packets th en * If the other side does not answer the ZRTP <em>Hello</em> packets th en
* ZRTP calls this method, * ZRTP calls this method,
* *
*/ */
virtual void zrtpNotSuppOther() =0; virtual void zrtpNotSuppOther() =0;
/**
* Enter synchronization mutex.
*
* GNU ZRTP requires one mutes to synchronize its
* processing. Because mutex implementations depend on the
* underlying infrastructure, for example operating system or
* thread implementation, GNU ZRTP delegates mutex handling to the
* spcific part of its implementation.
*/
virtual void synchEnter() =0;
/**
* Leave synchronization mutex.
*/
virtual void synchLeave() =0;
/**
* Inform about a PBX enrollment request.
*
* Please refer to chapter 8.3 ff to get more details about PBX
* enrollment and SAS relay.
*
* <b>Note:</b> PBX enrollement is not yet fully supported by GNU
* ZRTP.
*
* @param info Give some information to the user about the PBX
* requesting an enrollment.
*/
virtual void zrtpAskEnrollment(std::string info) =0;
/**
* Inform about PBX enrollment result.
*
* Informs the use about the acceptance or denial of an PBX enrollment
* request
*
* <b>Note:</b> PBX enrollement is not yet fully supported by GNU
* ZRTP.
*
* @param info Give some information to the user about the result
* of an enrollment.
*/
virtual void zrtpInformEnrollment(std::string info) =0;
/**
* Request a SAS signature.
*
* After ZRTP was able to compute the Short Authentication String
* (SAS) it calls this method. The client may now use an
* approriate method to sign the SAS. The client may use
* ZrtpQueue#setSignatureData() to store the signature data an
* enable signature transmission to the other peer. Refer to
* chapter 8.2 of ZRTP specification.
*
* <b>Note:</b> SAS signing is not yet fully supported by GNU
* ZRTP.
*
* @param sas
* The SAS string to sign.
*
*/
virtual void signSAS(std::string sas) =0;
/**
* ZRTPQueue calls this method to request a SAS signature check.
*
* After ZRTP received a SAS signature in one of the Confirm packets it
* call this method. The client may use <code>getSignatureLength()</cod
e>
* and <code>getSignatureData()</code>of ZrtpQueue to get the signature
* data and perform the signature check. Refer to chapter 8.2 of ZRTP
* specification.
*
* If the signature check fails the client may return false to ZRTP. In
* this case ZRTP signals an error to the other peer and terminates
* the ZRTP handshake.
*
* <b>Note:</b> SAS signing is not yet fully supported by GNU
* ZRTP.
*
* @param sas
* The SAS string that was signed by the other peer.
* @return
* true if the signature was ok, false otherwise.
*
*/
virtual bool checkSASSignature(std::string sas) =0;
}; };
#endif // ZRTPCALLBACK #endif // ZRTPCALLBACK
/** EMACS **
* Local variables:
* mode: c++
* c-default-style: ellemtel
* c-basic-offset: 4
* End:
*/
 End of changes. 26 change blocks. 
110 lines changed or deleted 169 lines changed or added


 ZrtpQueue.h   ZrtpQueue.h 
/* /*
Copyright (C) 2006-2007 Werner Dittmann Copyright (C) 2006-2008 Werner Dittmann
This program is free software: you can redistribute it and/or modify This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or the Free Software Foundation, either version 3 of the License, or
(at your option) any later version. (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
skipping to change at line 24 skipping to change at line 24
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#ifndef _ZRTPQUEUE_H_ #ifndef _ZRTPQUEUE_H_
#define _ZRTPQUEUE_H_ #define _ZRTPQUEUE_H_
#include <ccrtp/cqueue.h> #include <ccrtp/cqueue.h>
#include <ccrtp/rtppkt.h> #include <ccrtp/rtppkt.h>
#include <libzrtpcpp/ZrtpCallback.h> #include <libzrtpcpp/ZrtpCallback.h>
#include <libzrtpcpp/ZRtp.h> #include <libzrtpcpp/TimeoutProvider.h>
/**
* The bridge between the ZRTP implementation and GNU ccRTP.
*
* The ZRPT implementation is fairly independent from the underlying
* RTP/SRTP implementation. This class implements specific
* functions and interfaces that ZRTP uses to call functions of the
* hosting RTP/SRTP environment. In this case the host is GNU ccRTP.
*
* <p/>
*
* As required by the ZRTP implementation this class implements
* the ZrtpCallback interface.
*
* <p/>
*
* The <code>initialize</code> method stores the timeout provider and
* reuses it for every instance.
*
* @author Werner Dittmann <Werner.Dittmann@t-online.de>
*/
class ZrtpUserCallback; class ZrtpUserCallback;
class ZRtp;
#ifdef CCXX_NAMESPACES #ifdef CCXX_NAMESPACES
namespace ost { namespace ost {
#endif #endif
class ZrtpQueue : public AVPQueue, public ZrtpCallback {
public:
/**
* Initialize the ZrtpQueue.
*
* Before a programm can use ZRTP it has to initialize ZRTP
* processing. This method initializes the timeout thread and
* the ZID file that contais the retained secrets.
*
* If an application requires several ZRTP sessions all session use
* the same timeout thread and use the same ZID file. Therefore an
* application does not need to do any synchronisation regading
* ZID files or timeouts. This is managed by the ZRTP implementation.
*
* The application may specify its own ZID file name. If no ZID file n
ame
* is specified it defaults to <code>$HOME/.GNUccRTP.zid</code> if the
* <code>HOME</code>environment variable is set. If it is not set the
* current directory is used.
*
* @param zidFilename
* The name of the ZID file, can be a relative or absolut filename
.
* @return 1 on success, -1 on failure. In the latter case the method
also
* sets <code>setEnableZrtp(false)</code>.
*
*/
int32_t initialize(const char *zidFilename);
/*
* The following methods implement the external interface to control
* ZRTP behaviour.
*/
/** /**
* Enable overall ZRTP processing. * GNU ccRTP extension to support GNU ZRTP.
* *
* Call this method to enable ZRTP processing and switch to secure * ZRTP was developed by Phil Zimmermann and provides functions to
* mode eventually. This can be done before a call or at any time * negotiate keys and other necessary data (crypto data) to set-up
* during a call. * the Secure RTP (SRTP) crypto context. Refer to Phil's ZRTP
* specification at his <a href="http://zfoneproject.com/">Zfone
* project</a> site to get more detailed imformation about the
* capabilities of ZRTP.
*
* <b>Short overview of the ZRTP implementation</b>
*
* ZRTP is a specific protocol to negotiate encryption algorithms
* and the required key material. ZRTP uses a RTP session to
* exchange its protocol messages.
*
* A complete GNU ZRTP implementation consists of two parts, the
* GNU ZRTP core and specific code that binds the GNU ZRTP core to
* the underlying RTP/SRTP stack and the operating system:
* <ul>
* <li>
* The GNU ZRTP core is independent of a specific RTP/SRTP
* stack and the operationg system and consists of the ZRTP
* protocol state engine, the ZRTP protocol messages, and the
* GNU ZRTP engine. The GNU ZRTP engine provides methods to
* setup ZRTP message and to analyze received ZRTP messages,
* to compute the crypto data required for SRTP, and to
* maintain the required hashes and HMAC.
* </li>
* <li>
* The second part of an implementation is specific
* <em>glue</em> code the binds the GNU ZRTP core to the
* actual RTP/SRTP implementation and other operating system
* specific services such as timers.
* </li>
* </ul>
*
* The GNU ZRTP core uses a callback interface class (refer to
* ZrtpCallback) to access RTP/SRTP or operating specific methods,
* for example to send data via the RTP/SRTP stack, to access
* timers, provide mutex handling, and to report events to the
* application.
*
* <b>The ZrtpQueue</b>
*
* ZrtpQueue implements code that is specific to the GNU ccRTP
* implementation. ZrtpQueue also implements the specific code to
* provide the mutex and timeout handling to the GNU ZRTP
* core. Both, the mutex and the timeout handling, use the GNU
* Common C++ library to stay independent of the operating
* seystem. For more information refer to the <a
* href="http://www.gnutelephony.org/index.php/GNU_Common_C%2B%2B">GNU
* Common C++</a> web site.
*
* To perform its tasks ZrtpQueue
* <ul>
* <li> extends GNU ccRTP classes to use the underlying
* ccRTP methods and the RTP/SRTP send and receive queues
* </li>
* <li> implements the ZrtpCallback interface to provide ccRTP
* access and other specific services (timer, mutex) to GNU
* ZRTP
* </li>
* <li> provides ZRTP specific methods that applications may use
* to control and setup GNU ZRTP
* </li>
* <li> can register and use an application specific callback
* class (refer to ZrtpUserCallback)
* </li>
* </ul>
*
* After instantiating a GNU ZRTP session (see below for a short
* example) applications may use the ZRTP specific methods of
* ZrtpQueue to control and setup GNU ZRTP, for example enable or
* disable ZRTP processing or getting ZRTP status information.
*
* GNU ZRTP provides a ZrtpUserCallback class that an application
* may extend and register with ZrtpQueue. GNU ZRTP and ZrtpQueue
* use the ZrtpUserCallback methods to report ZRTP events to the
* application. The application may display this information to
* the user or act otherwise.
*
* The following figure depicts the relationships between
* ZrtpQueue, ccRTP RTP/SRTP implementation, the GNU ZRTP core,
* and an application that provides an ZrtpUserCallback class.
*
@verbatim
+----------+
| ccRTP |
| RTP/SRTP |
| |
+----------+
^
| extends
|
+----------------+ +-----+------+
| Application | | | +-----------------+
| instantiates | uses | ZrtpQueue | uses | |
| a ZRTP Session +------+ implements +------+ GNU ZRTP |
| and provides | |ZrtpCallback| | core |
|ZrtpUserCallback| | | | implementation |
+----------------+ +------------+ | (ZRtp et al) |
| |
+-----------------+
@endverbatim
*
* Because ZrtpQueue extends the ccRTP RTP/SRTP implementation
* (AVPQueue) all public methods defined by ccRTP are also
* available for a ZRTP session. ZrtpQueue overwrites some of the
* public methods of ccRTP (AVPQueue) to implement ZRTP specific
* code.
*
* GNU ZRTP provides a <em>SymmetricZRTPSession</em> type to
* simplify its use. An application uses this type in the same way
* as it would use the normal ccRTP <em>SymmetricRTPSession</em>
* type. The following short code snippets show how an application
* could instantiate ccRTP and GNU ZRTP sessions. The first
* snippet shows how to instantiate a ccRTP session:
*
* @code
* ...
* #include <ccrtp/rtp.h>
* ...
* SymmetricRTPSession tx(pattern.getSsrc(),
* InetHostAddress("localhost"));
* ...
*
* @endcode
*
* The same code as above but using a GNU ZRTP session this time:
* @code
* ...
* #include <libzrtpcpp/zrtpccrtp.h>
* ...
* SymmetricZRTPSession tx(pattern.getSsrc(),
* InetHostAddress("localhost"));
* ...
*
* @endcode
*
* The only differences are the different include statements and
* the different session types.
*
* The <em>demo</em> folder contains a small example that shows
* how to use GNU ZRTP.
*
* Please refer to the GNU ccRTP documentation for a description
* of ccRTP methods and functions. This ZrtpQueue documentation
* shows the ZRTP specific extensions and describes overloaded
* methods and a possible different behaviour.
* *
* @param onOff * @author Werner Dittmann <Werner.Dittmann@t-online.de>
* If set to true enable ZRTP, disable otherwise
*/ */
void setEnableZrtp(bool onOff) {
enableZrtp = onOff;
}
/** class ZrtpQueue : public AVPQueue, ZrtpCallback {
* Set SAS as verified.
*
* Call this method if the user confirmed (verfied) the SAS. ZRTP
* remembers this together with the retained secrets data.
*/
void SASVerified() {
if (zrtpEngine != NULL)
zrtpEngine->SASVerified();
}
/** public:
* Reset the SAS verfied flag for the current active user's retained se
crets.
*
*/
void resetSASVerified() {
if (zrtpEngine != NULL)
zrtpEngine->resetSASVerified();
}
/** /**
* Confirm a go clear request. * Initialize the ZrtpQueue.
* *
* Call this method if the user confirmed a go clear (secure mode off). * Before an application can use ZRTP it has to initialize the
*/ * ZRTP implementation. This method initializes the timeout
void goClearOk() { } * thread and opens a file that contains ZRTP specific
* information such as the applications ZID (ZRTP id) and its
* retained shared secrets.
*
* If one application requires several ZRTP sessions all
* sessions use the same timeout thread and use the same ZID
* file. Therefore an application does not need to do any
* synchronisation regading ZID files or timeouts. This is
* managed by the ZRTP implementation.
*
* The current implementation of ZrtpQueue does not support
* different ZID files for one application instance. This
* restriction may be removed in later versions.
*
* The application may specify its own ZID file name. If no
* ZID file name is specified it defaults to
* <code>$HOME/.GNUccRTP.zid</code> if the <code>HOME</code>
* environment variable is set. If it is not set the current
* directory is used.
*
* If the method could set up the timeout thread and open the ZID
* file then it enables ZRTP processing and returns.
*
* @param zidFilename
* The name of the ZID file, can be a relative or absolut
* filename.
* @return
* 1 on success, ZRTP processing enabled, -1 on failure,
* ZRTP processing disabled.
*
*/
int32_t initialize(const char *zidFilename);
/** /*
* Request to switch off secure mode. * Applications use the following methods to control ZRTP, for exam
* ple
* Call this method is the user itself wants to switch off secure * to enable ZRTP, set flags etc.
* mode (go clear). After sending the "go clear" request to the peer */
* ZRTP immediatly switch off SRTP processing. Every RTP data is sent
* in clear after the go clear request.
*/
void requestGoClear() { }
/** /**
* Set the sigs secret. * Enable or disable ZRTP processing.
* *
* Use this method to set the sigs secret data. Refer to ZRTP * Call this method to enable or disable ZRTP processing after
* specification, chapter 3.2.1 * calling <code>initialize()</code>. This can be done before
* * using a RTP session or at any time during a RTP session.
* @param data *
* Points to the sigs secret data. The data must have a length * Existing SRTP sessions or currently active ZRTP processing will
* of 32 bytes (length of SHA256 hash) * not be stopped or disconnected.
*/ *
void setSigsSecret(uint8* data) { * If the application enables ZRTP then:
if (zrtpEngine != NULL) * <ul>
zrtpEngine->setSigsSecret(data); * <li>ZrtpQueue starts to send ZRTP Hello packets after at least
} * one RTP packet was sent and received on the associated RTP
* session. Thus if an application enables ZRTP and ZrtpQueue
* detects traffic on the RTP session then ZrtpQueue automatically
* starts the ZRTP protocol. This automatic start is convenient
* for applications that negotiate RTP parameters and set up RTP
* sessions but the actual RTP traffic starts some time later.
* </li>
* <li>ZrtpQueue analyses incoming packets to detect ZRTP
* messages. If ZRTP was started, either via automatic start (see
* above) or explicitly via startZrtp(), then ZrtpQueue
* forwards ZRTP packets to the GNU ZRTP core.
* </ul>
*
* @param onOff
* @c true to enable ZRTP, @c false to disable ZRTP
*/
void setEnableZrtp(bool onOff);
/** /**
* Set the srtps secret. * Return the state of ZRTP enable state.
* *
* Use this method to set the srtps secret data. Refer to ZRTP * @return @c true if ZRTP processing is enabled, @c false
* specification, chapter 3.2.1 * otherwise.
* */
* @param data bool isEnableZrtp();
* Points to the srtps secret data. The data must have a length
* of 32 bytes (length of SHA256 hash)
*/
void setSrtpsSecret(uint8* data) {
if (zrtpEngine != NULL)
zrtpEngine->setSrtpsSecret(data);
}
/** /**
* Set the other secret. * Set SAS as verified.
* *
* Use this method to set the other secret data. Refer to ZRTP * The application may call this method if the user confirmed
* specification, chapter 3.2.1 * (verfied) the Short Authentication String (SAS) with the peer.
* *
* @param data * ZRTP calls ZrtpUserCallback#showSAS after it computed the SAS
* Points to the other secret data. * and the application registered a user callback class. The
* @param length * application should display the SAS and provide a mechanism at
* The length in bytes of the data. * the user interface that enables the user to confirm the SAS.
*/ *
void setOtherSecret(uint8* data, int32 length) { * ZRTP remembers the SAS confirmation status together with the
if (zrtpEngine != NULL) * retained secrets data. If both parties confirmed the SAS then
zrtpEngine->setOtherSecret(data, length); * ZRTP informs the application about this status on the next ZRTP
} * session.
*
* For more detailed information regarding SAS please refer to the
* ZRTP specification, chapter 8.
*/
void SASVerified();
/** /**
* Set the callback class for UI intercation. * Reset the SAS verfied flag for the current user's retained secre
* ts.
* The destructior of ZrtpQueue also destorys the user callback *
* class if it was set. */
* void resetSASVerified();
* @param ucb
* Implementation of the ZrtpUserCallback interface class
*/
void setUserCallback(ZrtpUserCallback* ucb) {
zrtpUserCallback = ucb;
}
/** /**
* Set the client ID for ZRTP Hello message. * To confirm a go clear request.
* *
* The GNU ccRTP client may set its id to identify itself in the * Call this method if the user confirmed a go clear (secure mode o
* ZRTP HELLO message. The maximum length is 15 characters. Shorter ff).
* id string are allowed, the will be filled with blanks. Longer id */
* will be truncated to 15 characters. void goClearOk();
*
* @param id
* The client's id
*/
void setClientId(std::string id) {
clientIdString = id;
}
/** /**
* This is used to create a data packet in the send queue. * Request to switch off secure mode.
* Sometimes a "NULL" or empty packet will be used instead, and *
* these are known as "silent" packets. "Silent" packets are * Call this method is the user itself wants to switch off secure
* used simply to "push" the scheduler along more accurately * mode (go clear). After sending the "go clear" request to the pee
* by giving the appearence that a next packet is waiting to r
* be sent and to provide a valid timestamp for that packet. * ZRTP immediatly switch off SRTP processing. Every RTP data is se
* nt
* This method overrides the same method in OutgoingDataQueue class. * in clear after the go clear request.
* During ZRTP processing it may be necessary to control the */
* flow of outgoing RTP payload packets (GoClear processing). void requestGoClear();
*
* @param stamp Timestamp for expected send time of packet.
* @param data Value or NULL if special "silent" packet.
* @param len May be 0 to indicate a default by payload type.
**/
void
putData(uint32 stamp, const unsigned char* data = NULL, size_t len = 0)
;
/** /**
* This is used to create a data packet and send it immediately. * Set the sigs secret.
* Sometimes a "NULL" or empty packet will be used instead, and *
* these are known as "silent" packets. "Silent" packets are * Use this method to set the sigs secret data. Refer to ZRTP
* used simply to "push" the scheduler along more accurately * specification, chapter 3.2.1
* by giving the appearence that a next packet is waiting to *
* be sent and to provide a valid timestamp for that packet. * @param data
* * Points to the sigs secret data. The data must have a length
* This method overrides the same method in OutgoingDataQueue class. * of 32 bytes (length of SHA256 hash)
* During ZRTP processing it may be necessary to control the */
* flow of outgoing RTP payload packets (GoClear processing). void setSigsSecret(uint8* data);
*
* @param stamp Timestamp immediate send time of packet.
* @param data Value or NULL if special "silent" packet.
* @param len May be 0 to indicate a default by payload type.
**/
void
sendImmediate(uint32 stamp, const unsigned char* data = NULL, size_t le
n = 0);
void start(); /**
void stop(); * Set the srtps secret.
*
* Use this method to set the srtps secret data. Refer to ZRTP
* specification, chapter 3.2.1
*
* @param data
* Points to the srtps secret data. The data must have a length
* of 32 bytes (length of SHA256 hash)
*/
void setSrtpsSecret(uint8* data);
/** /**
* This function is used by the service thread to process * Set the other secret.
* the next incoming packet and place it in the receive list. *
* * Use this method to set the other secret data. Refer to ZRTP
* This class overloads the function of IncomingDataQueue * specification, chapter 3.2.1
* implementation. *
* * @param data
* @return number of payload bytes received, <0 if error. * Points to the other secret data.
*/ * @param length
virtual size_t takeInDataPacket(); * The length in bytes of the data.
*/
void setOtherSecret(uint8* data, int32 length);
/** /**
* A hook that gets called if the decoding of an incoming SRTP was erro * Set the application's callback class.
neous *
* * The destructor of ZrtpQueue also destorys the user callback
* @param pkt * class if it was set. The application must not delete the
* The SRTP packet with error. * callback object or use/reference the callback object after
* @param errorCode * ZrtpQueue was destroyed.
* The error code: -1 - SRTP authentication failure, -2 - replay *
* check failed * @param ucb
* @return * Implementation of the application's ZrtpUserCallback class
* True: put the packet in incoming queue for further processing */
* by the applications; false: dismiss packet. The default void setUserCallback(ZrtpUserCallback* ucb);
* implementation returns false.
*/
virtual bool
onSRTPPacketError(IncomingRTPPkt& pkt, int32 errorCode);
/** /**
* Handle timeout event forwarded by the TimeoutProvider. * Set the client ID for ZRTP Hello message.
* *
* Just call the ZRTP engine for further processing. * The GNU ccRTP client may set its id to identify itself in the
*/ * ZRTP Hello message. The maximum length is 16 characters. A
void handleTimeout(const std::string &c) { * shorter id string is possible, it will be filled with blanks. A
if (zrtpEngine != NULL) { * longer id string will be truncated to 16 characters. The
zrtpEngine->processTimeout(); * standard client id is <code>GNU ccRTP ZRTP </code>.
} *
}; * Setting the client's id must be done before calling
* initialize() or starting the ZRTP protocol with startZrtp() .
*
* @param id
* The client's id string
*/
void setClientId(std::string id);
/* /**
* Refer to ZrtpCallback.h * Get the ZRTP Hello Hash data.
*/ *
int32_t sendDataZRTP(const unsigned char* data, int32_t length); * Use this method to get the ZRTP Hello Hash data. The method
* returns the data as a string containing hex-digits. Refer to ZRT
P
* specification, chapter 9.1.
*
* @return
* a std:string containing the Hello hash value as hex-digits. T
he
* hello hash is available immediatly after starting the ZrtpQue
ue.
* If ZRTP was not started or ZRTP the method returns an empty s
tring.
*/
std::string getHelloHash();
int32_t activateTimer(int32_t time); /**
* Get the ZRTP SAS data.
*
* Use this method to get the ZRTP SAS data formatted as string
* and ready to use in the SDP as defined in the ZRTP
* specification, chapter 9.4. The format of this SAS string is
* different from the SAS string sent to the application via
* ZrtpUserCallback#showSAS.
*
* @return a std:string containing the SAS and the SAS hash,
* formatted as specified in chapter 9.4. If ZRTP was not
* started or ZRTP is not yet in secure state the method
* returns an empty string.
*/
std::string getSasData();
int32_t cancelTimer(); /**
* Get Multi-stream parameters.
*
* Use this method to get the Multi-stream that were computed durin
g
* the ZRTP handshake. An application may use these parameters to
* enable multi-stream processing for an associated SRTP session.
*
* Refer to chapter 5.4.2 in the ZRTP specification for further det
ails
* and restriction how and when to use multi-stream mode.
*
* @return
* a string that contains the multi-stream parameters. The appli
cation
* must not modify the contents of this string, it is opaque dat
a. The
* application may hand over this string to a new ZrtpQueue inst
ance
* to enable multi-stream processing for this ZrtpQueue. If ZRTP
was
* not started or ZRTP is not yet in secure state the method ret
urns an
* empty string.
*/
std::string getMultiStrParams();
void sendInfo(MessageSeverity severity, char* msg); /**
/** * Set Multi-stream parameters.
* Switch on the security for the defined part. *
* * Use this method to set the parameters required to enable Multi-s
* Create an CryproContext with the negotiated ZRTP data and tream
* register it with the respective part (sender or receiver) thus * processing of ZRTP. The multi-stream parameters must be set befo
* replacing the current active context (usually an empty re the
* context). This effectively enables SRTP. * application starts the ZRTP protocol engine.
* *
* @param secrets * Refer to chapter 5.4.2 in the ZRTP specification for further det
* The secret keys and salt negotiated by ZRTP ails
* @param part * of multi-stream mode.
* An enum that defines wich direction to switch on: sender or recei *
ver * @param parameters
* @return * A string that contains the multi-stream parameters that this
* Returns false if something went wrong during initialization of SR * new ZrtpQueue instanace shall use. See also
TP * <code>getMultiStrParams()</code>
* context, for example memory shortage. */
*/ void setMultiStrParams(std::string parameters);
bool srtpSecretsReady(SrtpSecret_t* secrets, EnableSecurity part);
/** /**
* Switch off the security for the defined part. * Check if this ZRTP use Multi-stream.
* *
* Create an empty CryproContext and register it with the * Use this method to check if this ZRTP instance uses multi-stream
* repective part (sender or receiver) thus replacing the current . Even
* active context. This effectively disables SRTP. * if the application provided multi-stram parameters it may happen
* that
* @param part * full DH mode was used. Refer to chapters 5.2 and 5.4.2 in the ZR
* An enum that defines wich direction to switch off: sender or rece TP #
iver * when this may happen.
*/ *
void srtpSecretsOff(EnableSecurity part); * @return
* True if multi-stream is used, false otherwise.
*/
bool isMultiStream();
/** /**
* This method shall switch on GUI inidicators. * Accept a PBX enrollment request.
* *
* @param c * If a PBX service asks to enroll the MiTM key and the user accept
* The name of the used cipher algorithm and mode, or NULL s this
* @param s * requtes, for example by pressing an OK button, the client applic
* The SAS string or NULL ation
*/ * shall call this method and set the parameter <code>accepted</cod
void srtpSecretsOn(const char* c, const char* s); e> to
* true. If the user does not accept the request set the parameter
to
* false.
*
* @param accepted
* True if the enrollment request is accepted, false otherwise.
*/
void acceptEnrollment(bool accepted);
/** /**
* This method shall handle GoClear requests. * Set signature data
* *
* According to the ZRTP specification the user must be informed about * This functions stores signature data and transmitts it during ZR
* this message because the ZRTP implementation switches off security TP
* if it could authenticate the GoClear packet. * processing to the other party as part of the Confirm packets. Re
* fer to
*/ * chapters 6.7 and 8.2 in the ZRTP specification.
void handleGoClear(); *
* @param data
* The signature data including the signature type block. The me
thod
* copies this data into the Confirm packet at signature type bl
ock.
* @param length
* The length of the signature data in bytes. This length must b
e
* multiple of 4.
* @return
* True if the method stored the data, false otherwise.
*/
bool setSignatureData(uint8* data, int32 length);
/** /**
* ZRTP calls this if the negotiation failed. * Get signature data
* *
* ZRTP calls this method in case ZRTP negotiation failed. The paramete * This functions returns signature data that was receivied during
rs ZRTP
* show the severity as well as some explanatory text. * processing. Refer to chapters 6.7 and 8.2.
* Refer to the <code>MessageSeverity</code> enum above. *
* * The signature data can be retrieved after ZRTP enters secure sta
* @param severity te.
* This defines the message's severity * <code>start()</code>.
* @param msg *
* The message string, terminated with a null byte. * @param data
*/ * Pointer to a data buffer. This buffer must be large enough to
void zrtpNegotiationFailed(MessageSeverity severity, char* msg); * hold the signature data. Refer to <code>getSignatureLength()<
/code>
* to get the length of the received signature data.
* @return
* Number of bytes copied into the data buffer
*/
int32 getSignatureData(uint8* data);
/** /**
* ZRTP calls this methof if the other side does not support ZRTP. * Get length of signature data
* *
* If the other side does not answer the ZRTP <em>Hello</em> packets th * This functions returns the length of signature data that was rec
en eivied
* ZRTP calls this method, * during ZRTP processing. Refer to chapters 6.7 and 8.2.
* *
*/ * @return
void zrtpNotSuppOther(); * Length in bytes of the received signature data. The method re
turns
* zero if no signature data avilable.
*/
int32 getSignatureLength();
/* /**
* End of ZrtpCallback functions. * Enable PBX enrollment
*/ *
* The application calls this method to allow or disallow PBX enrol
lment.
* If the applications allows PBX enrollment then the ZRTP implemen
tation
* honors the PBX enrollment flag in Confirm packets. Refer to chap
ter 8.3
* for further details of PBX enrollment.
*
* @param yesNo
* If set to true then ZRTP honors the PBX enrollment flag in Co
mmit
* packets and calls the appropriate user callback methods. If
* the parameter is set to false ZRTP ignores the PBX enrollment
flags.
*/
void setPBXEnrollment(bool yesNo);
/**
* Put data into the RTP output queue.
*
* This is used to create a data packet in the send queue.
* Sometimes a "NULL" or empty packet will be used instead, and
* these are known as "silent" packets. "Silent" packets are
* used simply to "push" the scheduler along more accurately
* by giving the appearence that a next packet is waiting to
* be sent and to provide a valid timestamp for that packet.
*
* This method overrides the same method in OutgoingDataQueue class
.
* During ZRTP processing it may be necessary to control the
* flow of outgoing RTP payload packets (GoClear processing).
*
* @param stamp Timestamp for expected send time of packet.
* @param data Value or NULL if special "silent" packet.
* @param len May be 0 to indicate a default by payload type.
**/
void
putData(uint32 stamp, const unsigned char* data = NULL, size_t len
= 0);
/**
* Immediatly send a data packet.
*
* This is used to create a data packet and send it immediately.
* Sometimes a "NULL" or empty packet will be used instead, and
* these are known as "silent" packets. "Silent" packets are
* used simply to "push" the scheduler along more accurately
* by giving the appearence that a next packet is waiting to
* be sent and to provide a valid timestamp for that packet.
*
* This method overrides the same method in OutgoingDataQueue
* class. During ZRTP processing it may be necessary to
* control the flow of outgoing RTP payload packets (GoClear
* processing).
*
* @param stamp Timestamp immediate send time of packet.
* @param data Value or NULL if special "silent" packet.
* @param len May be 0 to indicate a default by payload type.
**/
void
sendImmediate(uint32 stamp, const unsigned char* data = NULL, size_
t len = 0);
/**
* Starts the ZRTP protocol engine.
*
* Applications may call this method to immediatly start the ZRTP p
rotocol
* engine any time after initializing ZRTP and setting optinal para
meters,
* for example client id or multi-stream parameters.
*
* If the application does not call this method but sucessfully ini
tialized
* the ZRTP engine using <code>initialize()</code> then ZRTP also s
tarts
* after the application sent and received RTP packets. An applicat
ion can
* disable this automatic, delayed start of the ZRTP engine using
* <code>setEnableZrtp(false)</code> before sending or receiving RT
P
* packets.
*
*/
void startZrtp();
/**
* Stops the ZRTP protocol engine.
*
* Applications call this method to stop the ZRTP protocol
* engine.
*
*/
void stopZrtp();
protected: protected:
friend class TimeoutProvider<std::string, ost::ZrtpQueue*>;
/**
* A hook that gets called if the decoding of an incoming SRTP
* was erroneous
*
* @param pkt
* The SRTP packet with error.
* @param errorCode
* The error code: -1 - SRTP authentication failure, -2 - repla
y
* check failed
* @return
* True: put the packet in incoming queue for further processin
g
* by the applications; false: dismiss packet. The default
* implementation returns false.
*/
virtual bool
onSRTPPacketError(IncomingRTPPkt& pkt, int32 errorCode);
/**
* Handle timeout event forwarded by the TimeoutProvider.
*
* Just call the ZRTP engine for further processing.
*/
void handleTimeout(const std::string &c);
/**
* This function is used by the service thread to process
* the next incoming packet and place it in the receive list.
*
* This class overloads the function of IncomingDataQueue
* implementation.
*
* @return number of payload bytes received, <0 if error.
*/
virtual size_t takeInDataPacket();
/*
* The following methods implement the GNU ZRTP callback interface.
* For detailed documentation refer to file ZrtpCallback.h
*/
int32_t sendDataZRTP(const unsigned char* data, int32_t length);
int32_t activateTimer(int32_t time);
int32_t cancelTimer();
void sendInfo(GnuZrtpCodes::MessageSeverity severity, int32_t subCo
de);
bool srtpSecretsReady(SrtpSecret_t* secrets, EnableSecurity part);
void srtpSecretsOff(EnableSecurity part);
void srtpSecretsOn(std::string c, std::string s, bool verified);
void handleGoClear();
void zrtpNegotiationFailed(GnuZrtpCodes::MessageSeverity severity,
int32_t subCode);
void zrtpNotSuppOther();
void synchEnter();
void synchLeave();
void zrtpAskEnrollment(std::string info);
void zrtpInformEnrollment(std::string info);
void signSAS(std::string sas);
bool checkSASSignature(std::string sas);
/*
* End of ZrtpCallback functions.
*/
ZrtpQueue(uint32 size = RTPDataQueue::defaultMembersHashSize, ZrtpQueue(uint32 size = RTPDataQueue::defaultMembersHashSize,
RTPApplication& app = defaultApplication()); RTPApplication& app = defaultApplication());
/** /**
* Local SSRC is given instead of computed by the queue. * Local SSRC is given instead of computed by the queue.
*/ */
ZrtpQueue(uint32 ssrc, uint32 size = ZrtpQueue(uint32 ssrc, uint32 size =
RTPDataQueue::defaultMembersHashSize, RTPDataQueue::defaultMembersHashSize,
RTPApplication& app = defaultApplication()); RTPApplication& app = defaultApplication());
virtual ~ZrtpQueue(); virtual ~ZrtpQueue();
private: private:
void init(); void init();
size_t rtpDataPacket(IncomingRTPPkt* packet, int32 rtn, size_t rtpDataPacket(IncomingRTPPkt* packet, int32 rtn,
InetHostAddress network_address, InetHostAddress network_address,
tpport_t transport_port); tpport_t transport_port);
ZRtp *zrtpEngine; ZRtp *zrtpEngine;
skipping to change at line 409 skipping to change at line 719
std::string clientIdString; std::string clientIdString;
bool enableZrtp; bool enableZrtp;
int32 secureParts; int32 secureParts;
CryptoContext* recvCryptoContext; CryptoContext* recvCryptoContext;
CryptoContext* senderCryptoContext; CryptoContext* senderCryptoContext;
int16 senderZrtpSeqNo; int16 senderZrtpSeqNo;
}; ost::Mutex synchLock; // Mutex for ZRTP (used by ZrtpStateClass)
class IncomingZRTPPkt : public IncomingRTPPkt {
public:
/**
* Build a ZRTP packet object from a data buffer.
*
* @param block pointer to the buffer the whole packet is stored in.
* @param len length of the whole packet, expressed in octets.
*
**/
IncomingZRTPPkt(const unsigned char* block, size_t len); };
~IncomingZRTPPkt() class IncomingZRTPPkt : public IncomingRTPPkt {
{ }
inline uint32 public:
getZrtpMagic() const /**
{ return ntohl(getHeader()->timestamp); } * Build a ZRTP packet object from a data buffer.
}; *
* @param block pointer to the buffer the whole packet is stored in
.
* @param len length of the whole packet, expressed in octets.
*
**/
IncomingZRTPPkt(const unsigned char* block, size_t len);
~IncomingZRTPPkt()
{ }
inline uint32
getZrtpMagic() const
{ return ntohl(getHeader()->timestamp); }
};
class OutgoingZRTPPkt : public OutgoingRTPPkt { class OutgoingZRTPPkt : public OutgoingRTPPkt {
public: public:
/** /**
* Construct a new ZRTP packet to be sent. * Construct a new ZRTP packet to be sent.
* *
* A new copy in memory (holding all this components * A new copy in memory (holding all this components
* along with the fixed header) is created. * along with the fixed header) is created.
* *
* @param hdrext whole header extension. * @param hdrext whole header extension.
* @param hdrextlen size of whole header extension, in octets. * @param hdrextlen size of whole header extension, in octets.
**/ **/
OutgoingZRTPPkt(const unsigned char* const hdrext, uint32 hdrextlen); OutgoingZRTPPkt(const unsigned char* const hdrext, uint32 hdrextlen
~OutgoingZRTPPkt() );
{ } ~OutgoingZRTPPkt()
}; { }
};
#ifdef CCXX_NAMESPACES #ifdef CCXX_NAMESPACES
}; }
#endif #endif
#endif #endif
/** EMACS **
* Local variables:
* mode: c++
* c-default-style: ellemtel
* c-basic-offset: 4
* End:
*/
 End of changes. 43 change blocks. 
366 lines changed or deleted 722 lines changed or added


 ZrtpUserCallback.h   ZrtpUserCallback.h 
/* /*
Copyright (C) 2006-2007 Werner Dittmann Copyright (C) 2006-2008 Werner Dittmann
This program is free software: you can redistribute it and/or modify This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or the Free Software Foundation, either version 3 of the License, or
(at your option) any later version. (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
skipping to change at line 25 skipping to change at line 25
along with this program. If not, see <http://www.gnu.org/licenses/>. along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#ifndef _ZRTPUSERCALLBACK_H_ #ifndef _ZRTPUSERCALLBACK_H_
#define _ZRTPUSERCALLBACK_H_ #define _ZRTPUSERCALLBACK_H_
#include <stdint.h> #include <stdint.h>
#include <string> #include <string>
// For message severity codes // For message severity codes
#include <libzrtpcpp/ZrtpCallback.h> #include <libzrtpcpp/ZrtpCodes.h>
#include <libzrtpcpp/ZrtpQueue.h>
/** /**
* This class defines the user callback functions supported by ZRTP. * Application callback methods.
* *
* This class is a pure abstract class, aka Interface in Java, that specifi * The ccRTP specific part of GNU ZRTP uses these callback methods
es * to report ZRTP events to the application. This class implements a
* the user callback interface for the ZRTP implementation. The ZRTP * default behaviour for each callback method, usually just a return.
* implementation uses these functions to communicate with a user interface *
* environment, for example to inform about security state, display message * An application may extend this class and overload methods
s, * to implement its own behaviour. The application must register its
* and so on. * callback class using ZrtpQueue#setUserCallback().
*
* <b>CAVEAT</b><br/>
* All methods of the user callback class and classes that
* extend this class run in the context of the RTP thread. Thus it is
* of paramount importance to keep the execution time of the methods
* as short as possible.
* *
* <p/> * @author Werner Dittmann <Werner.Dittmann@t-online.de>
*
* This ZRTP interface defines five abstract callback methods to be
* implemented by the user interface environment.
*
* This class also defines standard methods to interact with the ZrtpQueue
* to control ZRTP behaviour.
*
* The destructor does not destroy any objects, it only sets pointers to
* referenced classes to <ode>NULL</code>.
*
* @author: Werner Dittmann <Werner.Dittmann@t-online.de>
*/ */
class ZrtpUserCallback { class ZrtpUserCallback {
public: public:
ZrtpUserCallback(ost::ZrtpQueue* queue) : zrtpQueue(queue) {}
ZrtpUserCallback() {}
virtual ~ZrtpUserCallback() {}; virtual ~ZrtpUserCallback() {};
/** /**
* Inform user interface that security is active now. * Inform user interface that security is active now.
* *
* ZRTP calls this method if the sender and the receiver are * ZRTP calls this method if the sender and the receiver are
* in secure mode now. * in secure mode now.
* *
* @param cipher * @param cipher
* Name and mode of cipher used to encrypt the SRTP stream * Name and mode of cipher used to encrypt the SRTP stream
*/ */
virtual void secureOn(std::string cipher) =0; virtual void secureOn(std::string cipher) {
return;
}
/** /**
* Inform user interface that security is not active any more. * Inform user interface that security is not active any more.
* *
* ZRTP calls this method if either the sender or the receiver * ZRTP calls this method if either the sender or the receiver
* left secure mode. * left secure mode.
* *
*/ */
virtual void secureOff() =0; virtual void secureOff() {
return;
}
/** /**
* Show the Short Authentication String (SAS) on user interface. * Show the Short Authentication String (SAS) on user interface.
* *
* ZRTP calls this method to display the SAS. After the SAS was * ZRTP calls this method to display the SAS and inform about the S
* displayed the user interface code shall enable a SAS verfication AS
* verification status. The user interface shall enable a SAS verfi
cation
* button (or similar UI element). The user shall click on this UI * button (or similar UI element). The user shall click on this UI
* element after he/she confirmed the SAS code with the partner. * element after he/she confirmed the SAS code with the partner.
* *
* @param sas * @param sas
* The string containing the SAS. * The string containing the SAS.
* @param verified
* If <code>verified</code> is true then SAS was verified by bot
h
* parties during a previous call, otherwise it is set to false.
*/ */
virtual void showSAS(std::string sas) =0; virtual void showSAS(std::string sas, bool verified) {
return;
}
/** /**
* Inform the user that ZRTP received "go clear" message from its p eer. * Inform the user that ZRTP received "go clear" message from its p eer.
* *
* On receipt of a go clear message the user is requested to confir m * On receipt of a go clear message the user is requested to confir m
* a switch to unsecure (clear) modus. Until the user confirms ZRTP * a switch to unsecure (clear) modus. Until the user confirms ZRTP
* (and the underlying RTP) does not send any data. * (and the underlying RTP) does not send any data.
*/ */
virtual void confirmGoClear() =0; virtual void confirmGoClear() {
return;
}
/** /**
* Show some information to user. * Show some information to user.
* *
* ZRTP calls this method to display some information to the user. * ZRTP calls this method to display some information to the user.
* Along with the message ZRTP provides a severity indicator that * Along with the message ZRTP provides a severity indicator that
* defines: Info, Warning, Error, and Alert. Refer to the <code> * defines: Info, Warning, Error, and Alert. Refer to the <code>
* MessageSeverity</code> enum in <code>ZrtpCallback.h</code>. The * MessageSeverity</code> enum in <code>ZrtpCodes.h</code>. The
* UI may use this indicator to highlight messages or alike. * UI may use this indicator to highlight messages or alike.
* *
* @param sev * @param sev
* Severity of the message. * Severity of the message.
* @param message * @param subCode
* The string containing the SAS. * The subcode identifying the reason.
*/ */
virtual void showMessage(MessageSeverity sev, std::string message) virtual void showMessage(GnuZrtpCodes::MessageSeverity sev, int32_t
=0; subCode) {
return;
}
/** /**
* ZRTPQueue calls this if the negotiation failed. * ZRTPQueue calls this if the negotiation failed.
* *
* ZRTPQueue calls this method in case ZRTP negotiation failed. The * ZRTPQueue calls this method in case ZRTP negotiation failed. The
* parameters show the severity as well as some explanatory text. * parameters show the severity as well as some explanatory text.
* Refer to the <code>MessageSeverity</code> enum above. * Refer to the <code>MessageSeverity</code> enum above.
* *
* @param severity * @param severity
* This defines the message's severity * This defines the message's severity
* @param msg * @param subCode
* The message string, terminated with a null byte. * The subcode identifying the reason.
*/ */
virtual void zrtpNegotiationFailed(MessageSeverity severity, std::s virtual void zrtpNegotiationFailed(GnuZrtpCodes::MessageSeverity se
tring message) =0; verity,
int32_t subCode) {
return;
}
/** /**
* ZRTPQueue calls this methof if the other side does not support Z RTP. * ZRTPQueue calls this method if the other side does not support Z RTP.
* *
* If the other side does not answer the ZRTP <em>Hello</em> packet s then * If the other side does not answer the ZRTP <em>Hello</em> packet s then
* ZRTP calls this method, * ZRTP calls this method.
* *
*/ */
virtual void zrtpNotSuppOther() =0; virtual void zrtpNotSuppOther() {
return;
/** }
* A user interface implementation uses the following methods to
* control ZRTP. The standard methods are just proxies to the
* according ZrtpQueue methods. An inheriting class may override
* this implementation.
*/
/** /**
* Enable overall ZRTP processing. * ZRTPQueue calls this method to inform about a PBX enrollment req uest.
* *
* Call this method to enable ZRTP processing and switch to secure * Please refer to chapter 8.3 ff to get more details about PBX enr
* mode eventually. This can be done before a call or at any time ollment
* during a call. * and SAS relay.
* *
* @param onOff * @param info
* If set to true enable ZRTP, disable otherwise * Give some information to the user about the PBX requesting an
*/ * enrollment.
virtual void enableZrtp(bool onOff) {
zrtpQueue->setEnableZrtp(onOff);
}
/**
* Set SAS as verified.
* *
* Call this method if the user confirmed (verfied) the SAS. ZRTP
* remembers this together with the retained secrets data.
*/ */
virtual void SASVerified() { virtual void zrtpAskEnrollment(std::string info) {
zrtpQueue->SASVerified(); return;
} }
/** /**
* Confirm a go clear request. * ZRTPQueue calls this method to inform about PBX enrollment resul t.
* *
* Call this method if the user confirmed a go clear (secure mode o * Informs the use about the acceptance or denial of an PBX enrollm
ff). ent
*/ * request
virtual void goClearOk() { *
zrtpQueue->goClearOk(); * @param info
} * Give some information to the user about the result of an
* enrollment.
/**
* Request to switch off secure mode.
* *
* Call this method is the user itself wants to switch off secure
* mode (go clear). After sending the "go clear" request to the pee
r
* ZRTP immediatly switch off SRTP processing. Every RTP data is se
nt
* in clear after the go clear request.
*/ */
virtual void requestGoClear() { virtual void zrtpInformEnrollment(std::string info) {
zrtpQueue->requestGoClear(); return;
} }
/** /**
* Set the sigs secret. * ZRTPQueue calls this method to request a SAS signature.
* *
* Use this method to set the sigs secret data. Refer to ZRTP * After ZRTP core was able to compute the Short Authentication Str
* specification, chapter 3.2.1 ing
* (SAS) it calls this method. The client may now use an approriate
* method to sign the SAS. The client may use
* setSignatureData() of ZrtpQueue to store the signature
* data an enable signature transmission to the other peer. Refer
* to chapter 8.2 of ZRTP specification.
*
* @param sas
* The SAS string to sign.
* @see ZrtpQueue#setSignatureData
* *
* @param data
* Points to the sigs secret data. The data must have a length
* of 32 bytes (length of SHA256 hash)
*/ */
virtual void setSigsSecret(uint8* data) { virtual void signSAS(std::string sas) {
zrtpQueue->setSigsSecret(data); return;
} }
/** /**
* Set the srtps secret. * ZRTPQueue calls this method to request a SAS signature check.
* *
* Use this method to set the srtps secret data. Refer to ZRTP * After ZRTP received a SAS signature in one of the Confirm packet
* specification, chapter 3.2.1 s it
* call this method. The client may use <code>getSignatureLength()<
/code>
* and <code>getSignatureData()</code>of ZrtpQueue to get the signa
ture
* data and perform the signature check. Refer to chapter 8.2 of ZR
TP
* specification.
* *
* @param data * If the signature check fails the client may return false to ZRTP
* Points to the srtps secret data. The data must have a length . In
* of 32 bytes (length of SHA256 hash) * this case ZRTP signals an error to the other peer and terminates
*/ * the ZRTP handshake.
virtual void setSrtpsSecret(uint8* data) {
zrtpQueue->setSrtpsSecret(data);
}
/**
* Set the other secret.
* *
* Use this method to set the other secret data. Refer to ZRTP * @param sas
* specification, chapter 3.2.1 * The SAS string that was signed by the other peer.
* @return
* true if the signature was ok, false otherwise.
* *
* @param data
* Points to the other secret data.
* @param length
* The length in bytes of the data.
*/ */
virtual void setOtherSecret(uint8* data, int32 length) { virtual bool checkSASSignature(std::string sas) {
zrtpQueue->setOtherSecret(data, length); return true;
} }
private:
ost::ZrtpQueue* zrtpQueue;
}; };
#endif #endif
 End of changes. 40 change blocks. 
118 lines changed or deleted 111 lines changed or added


 zrtpccrtp.h   zrtpccrtp.h 
skipping to change at line 45 skipping to change at line 45
* inherits from AVPQueue and adds support for ZRTP thus enabling * inherits from AVPQueue and adds support for ZRTP thus enabling
* ad-hoc key negotiation to setup SRTP sessions. * ad-hoc key negotiation to setup SRTP sessions.
* *
* @short Symmetric UDP/IPv4 RTP session scheduled by one thread of executi on. * @short Symmetric UDP/IPv4 RTP session scheduled by one thread of executi on.
**/ **/
typedef SingleThreadRTPSession<SymmetricRTPChannel, typedef SingleThreadRTPSession<SymmetricRTPChannel,
SymmetricRTPChannel, SymmetricRTPChannel,
ZrtpQueue> SymmetricZRTPSession; ZrtpQueue> SymmetricZRTPSession;
#ifdef CCXX_IPV6
/** /**
* @typedef SymmetricRTPSession * @typedef SymmetricZRTPSession
* *
* Uses one pair of sockets, (1) for RTP data and (2) for RTCP * Uses one pair of sockets, (1) for RTP data and (2) for RTCP
* transmission/reception. * transmission/reception.
* *
* This session uses the ZrtpQueue instead of the AVPQueue. The ZrtpQueue
* inherits from AVPQueue and adds support for ZRTP thus enabling
* ad-hoc key negotiation to setup SRTP sessions.
*
* @short Symmetric UDP/IPv6 RTP session scheduled by one thread of executi on. * @short Symmetric UDP/IPv6 RTP session scheduled by one thread of executi on.
**/ **/
typedef SingleThreadRTPSessionIPV6<SymmetricRTPChannelIPV6, typedef SingleThreadRTPSessionIPV6<SymmetricRTPChannelIPV6,
SymmetricRTPChannelIPV6, SymmetricRTPChannelIPV6,
ZrtpQueue> SymmetricZRTPSessionIPV6; ZrtpQueue> SymmetricZRTPSessionIPV6;
#endif // CCXX_IPV6
#ifdef CCXX_NAMESPACES #ifdef CCXX_NAMESPACES
} }
#endif #endif
#endif // _ZRTPCCRTP_H_ #endif // _ZRTPCCRTP_H_
/** EMACS ** /** EMACS **
* Local variables: * Local variables:
* mode: c++ * mode: c++
* c-default-style: ellemtel * c-default-style: ellemtel
 End of changes. 4 change blocks. 
1 lines changed or deleted 8 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/