ZrtpCWrapper.h   ZrtpCWrapper.h 
skipping to change at line 187 skipping to change at line 187
zrtp_DHErrorWrongPV = 0x61, /*!< DH Error: bad pvi or pvr ( == 1, 0, or p-1) */ zrtp_DHErrorWrongPV = 0x61, /*!< DH Error: bad pvi or pvr ( == 1, 0, or p-1) */
zrtp_DHErrorWrongHVI = 0x62, /*!< DH Error: hvi != hashed data */ zrtp_DHErrorWrongHVI = 0x62, /*!< DH Error: hvi != hashed data */
zrtp_SASuntrustedMiTM = 0x63, /*!< Received relayed SAS from untrus ted MiTM */ zrtp_SASuntrustedMiTM = 0x63, /*!< Received relayed SAS from untrus ted MiTM */
zrtp_ConfirmHMACWrong = 0x70, /*!< Auth. Error: Bad Confirm pkt HMA C */ zrtp_ConfirmHMACWrong = 0x70, /*!< Auth. Error: Bad Confirm pkt HMA C */
zrtp_NonceReused = 0x80, /*!< Nonce reuse */ zrtp_NonceReused = 0x80, /*!< Nonce reuse */
zrtp_EqualZIDHello = 0x90, /*!< Equal ZIDs in Hello */ zrtp_EqualZIDHello = 0x90, /*!< Equal ZIDs in Hello */
zrtp_GoCleatNotAllowed = 0x100, /*!< GoClear packet received, but not allowed */ zrtp_GoCleatNotAllowed = 0x100, /*!< GoClear packet received, but not allowed */
zrtp_IgnorePacket = 0x7fffffff /*!< Internal state, not reported * / zrtp_IgnorePacket = 0x7fffffff /*!< Internal state, not reported * /
}; };
/**
* Information codes for the Enrollment user callbacks.
*/
enum zrtp_InfoEnrollment {
zrtp_EnrollmentRequest, //!< Aks user to confirm or deny a
n Enrollemnt request
zrtp_EnrollmentCanceled, //!< User did not confirm the PBX
enrollement
zrtp_EnrollmentFailed, //!< Enrollment process failed, no
PBX secret available
zrtp_EnrollmentOk //!< Enrollment process for this P
BX was ok
};
/* The ZRTP protocol states */ /* The ZRTP protocol states */
enum zrtpStates { enum zrtpStates {
Initial, /*!< Initial state after starting the state engine */ Initial, /*!< Initial state after starting the state engine */
Detect, /*!< State sending Hello, try to detect answer mess age */ Detect, /*!< State sending Hello, try to detect answer mess age */
AckDetected, /*!< HelloAck received */ AckDetected, /*!< HelloAck received */
AckSent, /*!< HelloAck sent after Hello received */ AckSent, /*!< HelloAck sent after Hello received */
WaitCommit, /*!< Wait for a Commit message */ WaitCommit, /*!< Wait for a Commit message */
CommitSent, /*!< Commit message sent */ CommitSent, /*!< Commit message sent */
WaitDHPart2, /*!< Wait for a DHPart2 message */ WaitDHPart2, /*!< Wait for a DHPart2 message */
WaitConfirm1, /*!< Wait for a Confirm1 message */ WaitConfirm1, /*!< Wait for a Confirm1 message */
skipping to change at line 245 skipping to change at line 255
int32_t role; /*!< ZRTP role of this client */ int32_t role; /*!< ZRTP role of this client */
} C_SrtpSecret_t; } C_SrtpSecret_t;
/* /*
* Keep the following defines in sync with enum EnableSecurity in ZrtpCallb ack.h * Keep the following defines in sync with enum EnableSecurity in ZrtpCallb ack.h
*/ */
#define ForReceiver 1 /*!< Enable security for SRTP receiver */ #define ForReceiver 1 /*!< Enable security for SRTP receiver */
#define ForSender 2 /*!< Enable security for SRTP sender */ #define ForSender 2 /*!< Enable security for SRTP sender */
#ifdef __cplusplus #ifdef __cplusplus
#pragma GCC visibility push(default)
extern "C" extern "C"
{ {
#endif #endif
typedef struct ZRtp ZRtp; typedef struct ZRtp ZRtp;
typedef struct ZrtpCallbackWrapper ZrtpCallbackWrapper; typedef struct ZrtpCallbackWrapper ZrtpCallbackWrapper;
typedef struct ZrtpConfigure ZrtpConfigure; typedef struct ZrtpConfigure ZrtpConfigure;
typedef struct zrtpContext typedef struct zrtpContext
{ {
skipping to change at line 288 skipping to change at line 299
* method has "zrtp_" prepended to the C++ name. * method has "zrtp_" prepended to the C++ name.
* *
* @see ZrtpCallback * @see ZrtpCallback
*/ */
typedef struct zrtp_Callbacks typedef struct zrtp_Callbacks
{ {
/** /**
* Send a ZRTP packet via RTP. * Send a ZRTP packet via RTP.
* *
* ZRTP calls this method to send a ZRTP packet via the RTP session. * ZRTP calls this method to send a ZRTP packet via the RTP session.
* The ZRTP packet will have to be created using the provided ZRTP m essage.
* *
* @param ctx * @param ctx
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param data * @param data
* Points to ZRTP packet to send. * Points to ZRTP message to send.
* @param length * @param length
* The length in bytes of the data * The length in bytes of the data
* @return * @return
* zero if sending failed, one if packet was send * zero if sending failed, one if packet was sent
*/ */
int32_t (*zrtp_sendDataZRTP) (ZrtpContext* ctx, const uint8_t* data , int32_t length ) ; int32_t (*zrtp_sendDataZRTP) (ZrtpContext* ctx, const uint8_t* data , int32_t length ) ;
/** /**
* Activate timer. * Activate timer.
* *
* @param ctx * @param ctx
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param time * @param time
* The time in ms for the timer * The time in ms for the timer
skipping to change at line 352 skipping to change at line 364
* *
* The ZRTP implementation calls this method right after all SRTP * The ZRTP implementation calls this method right after all SRTP
* secrets are computed and ready to be used. The parameter points * secrets are computed and ready to be used. The parameter points
* to a structure that contains pointers to the SRTP secrets and a * to a structure that contains pointers to the SRTP secrets and a
* <code>enum Role</code>. The called method (the implementation * <code>enum Role</code>. The called method (the implementation
* of this abstract method) must either copy the pointers to the SR TP * of this abstract method) must either copy the pointers to the SR TP
* data or the SRTP data itself to a save place. The SrtpSecret_t * data or the SRTP data itself to a save place. The SrtpSecret_t
* structure is destroyed after the callback method returns to the * structure is destroyed after the callback method returns to the
* ZRTP implementation. * ZRTP implementation.
* *
* The SRTP data themselfs are ontained in the ZRtp object and are * The SRTP data themselves are obtained in the ZRtp object and are
* valid as long as the ZRtp object is active. TheZRtp's * valid as long as the ZRtp object is active. TheZRtp's
* destructor clears the secrets. Thus the called method needs to * destructor clears the secrets. Thus the called method needs to
* save the pointers only, ZRtp takes care of the data. * save the pointers only, ZRtp takes care of the data.
* *
* The implementing class may enable SRTP processing in this * The implementing class may enable SRTP processing in this
* method or delay it to srtpSecertsOn(). * method or delay it to srtpSecertsOn().
* *
* @param ctx * @param ctx
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param secrets A pointer to a SrtpSecret_t structure that * @param secrets A pointer to a SrtpSecret_t structure that
skipping to change at line 449 skipping to change at line 461
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* If the other side does not answer the ZRTP <em>Hello</em> packet s then * If the other side does not answer the ZRTP <em>Hello</em> packet s then
* ZRTP calls this method, * ZRTP calls this method,
* *
*/ */
void (*zrtp_zrtpNotSuppOther)(ZrtpContext* ctx) ; void (*zrtp_zrtpNotSuppOther)(ZrtpContext* ctx) ;
/** /**
* Enter synchronization mutex. * Enter synchronization mutex.
* *
* GNU ZRTP requires one mutes to synchronize its * GNU ZRTP requires one mutex to synchronize its
* processing. Because mutex implementations depend on the * processing. Because mutex implementations depend on the
* underlying infrastructure, for example operating system or * underlying infrastructure, for example operating system or
* thread implementation, GNU ZRTP delegates mutex handling to the * thread implementation, GNU ZRTP delegates mutex handling to the
* spcific part of its implementation. * specific part of its implementation.
* *
* @param ctx * @param ctx
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
*/ */
void (*zrtp_synchEnter)(ZrtpContext* ctx) ; void (*zrtp_synchEnter)(ZrtpContext* ctx) ;
/** /**
* Leave synchronization mutex. * Leave synchronization mutex.
* *
* @param ctx * @param ctx
skipping to change at line 482 skipping to change at line 494
* enrollment and SAS relay. * enrollment and SAS relay.
* *
* <b>Note:</b> PBX enrollement is not yet fully supported by GNU * <b>Note:</b> PBX enrollement is not yet fully supported by GNU
* ZRTP. * ZRTP.
* *
* @param ctx * @param ctx
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param info Give some information to the user about the PBX * @param info Give some information to the user about the PBX
* requesting an enrollment. * requesting an enrollment.
*/ */
void (*zrtp_zrtpAskEnrollment) (ZrtpContext* ctx, char* info ) ; void (*zrtp_zrtpAskEnrollment) (ZrtpContext* ctx, int32_t info) ;
/** /**
* Inform about PBX enrollment result. * Inform about PBX enrollment result.
* *
* Informs the use about the acceptance or denial of an PBX enrollm ent * Informs the use about the acceptance or denial of an PBX enrollm ent
* request * request
* *
* <b>Note:</b> PBX enrollement is not yet fully supported by GNU * <b>Note:</b> PBX enrollement is not yet fully supported by GNU
* ZRTP. * ZRTP.
* *
* @param ctx * @param ctx
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param info Give some information to the user about the result * @param info Give some information to the user about the result
* of an enrollment. * of an enrollment.
*/ */
void (*zrtp_zrtpInformEnrollment) (ZrtpContext* ctx, char* info ) ; void (*zrtp_zrtpInformEnrollment) (ZrtpContext* ctx, int32_t info ) ;
/** /**
* Request a SAS signature. * Request a SAS signature.
* *
* After ZRTP was able to compute the Short Authentication String * After ZRTP was able to compute the Short Authentication String
* (SAS) it calls this method. The client may now use an * (SAS) it calls this method. The client may now use an
* approriate method to sign the SAS. The client may use * approriate method to sign the SAS. The client may use
* ZrtpQueue#setSignatureData() to store the signature data an * ZrtpQueue#setSignatureData() to store the signature data and
* enable signature transmission to the other peer. Refer to * enable signature transmission to the other peer. Refer to
* chapter 8.2 of ZRTP specification. * chapter 8.2 of ZRTP specification.
* *
* <b>Note:</b> SAS signing is not yet fully supported by GNU * <b>Note:</b> SAS signing is not yet fully supported by GNU
* ZRTP. * ZRTP.
* *
* @param ctx * @param ctx
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param sas * @param sas
* The SAS string to sign. * Pointer to the 32 byte SAS hash to sign.
* *
*/ */
void (*zrtp_signSAS)(ZrtpContext* ctx, char* sas) ; void (*zrtp_signSAS)(ZrtpContext* ctx, uint8_t* sas) ;
/** /**
* ZRTPQueue calls this method to request a SAS signature check. * ZRTPQueue calls this method to request a SAS signature check.
* *
* After ZRTP received a SAS signature in one of the Confirm packet s it * After ZRTP received a SAS signature in one of the Confirm packet s it
* call this method. The client may use <code>getSignatureLength()< /code> * call this method. The client may use <code>getSignatureLength()< /code>
* and <code>getSignatureData()</code>of ZrtpQueue to get the signa ture * and <code>getSignatureData()</code>of ZrtpQueue to get the signa ture
* data and perform the signature check. Refer to chapter 8.2 of ZR TP * data and perform the signature check. Refer to chapter 8.2 of ZR TP
* specification. * specification.
* *
* If the signature check fails the client may return false to ZRTP . In * If the signature check fails the client may return false to ZRTP . In
* this case ZRTP signals an error to the other peer and terminates * this case ZRTP signals an error to the other peer and terminates
* the ZRTP handshake. * the ZRTP handshake.
* *
* <b>Note:</b> SAS signing is not yet fully supported by GNU * <b>Note:</b> SAS signing is not yet fully supported by GNU
* ZRTP. * ZRTP.
* *
* @param ctx * @param ctx
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param sas * @param sas
* The SAS string that was signed by the other peer. * Pointer to the 32 byte SAS hash that was signed by the other peer.
* @return * @return
* true if the signature was ok, false otherwise. * true if the signature was ok, false otherwise.
* *
*/ */
int32_t (*zrtp_checkSASSignature) (ZrtpContext* ctx, char* sas ) ; int32_t (*zrtp_checkSASSignature) (ZrtpContext* ctx, uint8_t* sas ) ;
} zrtp_Callbacks; } zrtp_Callbacks;
/** /**
* Create the GNU ZRTP C wrapper. * Create the GNU ZRTP C wrapper.
* *
* This wrapper implements the C interface to the C++ based GNU ZRTP. * This wrapper implements the C interface to the C++ based GNU ZRTP.
* @returns * @returns
* Pointer to the ZrtpContext * Pointer to the ZrtpContext
*/ */
ZrtpContext* zrtp_CreateWrapper(); ZrtpContext* zrtp_CreateWrapper();
/** /**
* Initialize the ZRTP protocol engine. * Initialize the ZRTP protocol engine.
* *
* This method initialized the GNU ZRTP protocol engine. An application * This method initialized the GNU ZRTP protocol engine. An application
* call this method to actually create the ZRTP protocol engine and * calls this method to actually create the ZRTP protocol engine and
* initialize its configuration data. This method does not start the * initialize its configuration data. This method does not start the
* protocol engine. * protocol engine.
* *
* If an application requires a specific algorithm configuration then i t * If an application requires a specific algorithm configuration then i t
* must set the algorithm configuration data before it initializes the * must set the algorithm configuration data before it initializes the
* ZRTP protocol engine. * ZRTP protocol engine.
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param cb * @param cb
skipping to change at line 583 skipping to change at line 595
* methods. * methods.
* @param id * @param id
* A C string that holds the ZRTP client id, only the first 16 char s * A C string that holds the ZRTP client id, only the first 16 char s
* are used. * are used.
* @param zidFilename * @param zidFilename
* The name of the ZID file. This file holds some parameters and * The name of the ZID file. This file holds some parameters and
* other data like additional shared secrets. * other data like additional shared secrets.
* @param userData * @param userData
* A pointer to user data. The wrapper just stores this pointer in * A pointer to user data. The wrapper just stores this pointer in
* the ZrtpContext and the application may use it for its purposes. * the ZrtpContext and the application may use it for its purposes.
* @param mitmMode
* A trusted Mitm (PBX) must set this to true. The ZRTP engine sets
* the M Flag in the Hello packet to announce a trusted MitM.
* @returns * @returns
* Pointer to the ZrtpContext * Pointer to the ZrtpContext
* *
* @see zrtp_InitializeConfig * @see zrtp_InitializeConfig
*/ */
void zrtp_initializeZrtpEngine(ZrtpContext* zrtpContext, void zrtp_initializeZrtpEngine(ZrtpContext* zrtpContext,
zrtp_Callbacks *cb, zrtp_Callbacks *cb,
char* id, const char* id,
const char* zidFilename, const char* zidFilename,
void* userData); void* userData,
int32_t mitmMode);
/** /**
* Destroy the ZRTP wrapper and its underlying objects. * Destroy the ZRTP wrapper and its underlying objects.
*/ */
void zrtp_DestroyWrapper (ZrtpContext* zrtpContext); void zrtp_DestroyWrapper (ZrtpContext* zrtpContext);
/** /**
* Computes the ZRTP checksum over a received ZRTP packet buffer and * Computes the ZRTP checksum over a received ZRTP packet buffer and
* compares the result with received checksum. * compares the result with received checksum.
* *
skipping to change at line 615 skipping to change at line 631
* @param length * @param length
* Length of the packet buffer excluding received CRC data * Length of the packet buffer excluding received CRC data
* @param crc * @param crc
* The received CRC data. * The received CRC data.
* @returns * @returns
* True if CRC matches, false otherwise. * True if CRC matches, false otherwise.
*/ */
int32_t zrtp_CheckCksum(uint8_t* buffer, uint16_t length, uint32_t crc) ; int32_t zrtp_CheckCksum(uint8_t* buffer, uint16_t length, uint32_t crc) ;
/** /**
* Computes the ZRTP checksum over a newly created ZRTP packet buffer. * Computes the ZRTP checksum over a newly created ZRTP packet buffer.
* *
* @param buffer * @param buffer
* Pointer to the created ZRTP packet buffer * Pointer to the created ZRTP packet buffer
* @param length * @param length
* Length of the packet buffer * Length of the packet buffer
* @returns * @returns
* The computed CRC. * The computed CRC.
*/ */
uint32_t zrtp_GenerateCksum(uint8_t* buffer, uint16_t length); uint32_t zrtp_GenerateCksum(uint8_t* buffer, uint16_t length);
skipping to change at line 653 skipping to change at line 669
* appropriate method provided by the RTP implementation. </b> * appropriate method provided by the RTP implementation. </b>
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
*/ */
void zrtp_startZrtpEngine(ZrtpContext* zrtpContext); void zrtp_startZrtpEngine(ZrtpContext* zrtpContext);
/** /**
* Stop ZRTP security. * Stop ZRTP security.
* *
* <b>NOTE: application shall never call this method directly but use t he * <b>NOTE: An application shall never call this method directly but us e the
* appropriate method provided by the RTP implementation. </b> * appropriate method provided by the RTP implementation. </b>
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
*/ */
void zrtp_stopZrtpEngine(ZrtpContext* zrtpContext); void zrtp_stopZrtpEngine(ZrtpContext* zrtpContext);
/** /**
* Process RTP extension header. * Process RTP extension header.
* *
* This method expects to get a pointer to the message part of * This method expects to get a pointer to the message part of
* a ZRTP packet. * a ZRTP packet.
* *
* <b>NOTE: application shall never call this method directly. Only * <b>NOTE: An application shall never call this method directly. Only
* the module that implements the RTP binding shall use this method</b> * the module that implements the RTP binding shall use this method</b>
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param extHeader * @param extHeader
* A pointer to the first byte of the ZRTP message part. * A pointer to the first byte of the ZRTP message part.
* @param peerSSRC * @param peerSSRC
* The peer's SSRC. * The peer's SSRC.
* @return * @return
* Code indicating further packet handling, see description above. * Code indicating further packet handling, see description above.
skipping to change at line 728 skipping to change at line 744
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param data * @param data
* Points to the secret data. * Points to the secret data.
* @param length * @param length
* Length of the auxilliary secrect in bytes * Length of the auxilliary secrect in bytes
*/ */
void zrtp_setAuxSecret(ZrtpContext* zrtpContext, uint8_t* data, int32_t length); void zrtp_setAuxSecret(ZrtpContext* zrtpContext, uint8_t* data, int32_t length);
/** /**
* Set the PBX secret.
*
* Use this method to set the PBX secret data. Refer to ZRTP
* specification, chapter 4.3 ff and 7.3
*
* @param zrtpContext
* Pointer to the opaque ZrtpContext structure.
* @param data
* Points to the other PBX data.
* @param length
* The length in bytes of the data.
*/
void zrtp_setPbxSecret(ZrtpContext* zrtpContext, uint8_t* data, int32_t
length);
/**
* Check current state of the ZRTP state engine * Check current state of the ZRTP state engine
* *
* <b>NOTE: application usually don't call this method. Only * <b>NOTE: application usually don't call this method. Only
* the module that implements the RTP binding shall use this method</b> * the m-odule that implements the RTP binding shall use this method</b >
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param state * @param state
* The state to check. * The state to check.
* @return * @return
* Returns true id ZRTP engine is in the given state, false otherwis e. * Returns true if ZRTP engine is in the given state, false otherwis e.
*/ */
int32_t zrtp_inState(ZrtpContext* zrtpContext, int32_t state); int32_t zrtp_inState(ZrtpContext* zrtpContext, int32_t state);
/** /**
* Set SAS as verified. * Set SAS as verified.
* *
* Call this method if the user confirmed (verfied) the SAS. ZRTP * Call this method if the user confirmed (verfied) the SAS. ZRTP
* remembers this together with the retained secrets data. * remembers this together with the retained secrets data.
* *
* @param zrtpContext * @param zrtpContext
skipping to change at line 798 skipping to change at line 799
* @return * @return
* a pointer to a C-string that contains the Hello hash value as * a pointer to a C-string that contains the Hello hash value as
* hex-digits. The hello hash is available immediately after * hex-digits. The hello hash is available immediately after
* @c zrtp_CreateWrapper . * @c zrtp_CreateWrapper .
* The caller must @c free() if it does not use the * The caller must @c free() if it does not use the
* hello hash C-string anymore. * hello hash C-string anymore.
*/ */
char* zrtp_getHelloHash(ZrtpContext* zrtpContext); char* zrtp_getHelloHash(ZrtpContext* zrtpContext);
/** /**
* Get the peer's ZRTP Hello Hash data.
*
* Use this method to get the peer's ZRTP Hello Hash data. The method
* returns the data as a string containing the ZRTP protocol version an
d
* hex-digits.
*
* The peer's hello hash is available only after ZRTP received a hello.
If
* no data is available the function returns an empty string.
*
* Refer to ZRTP specification, chapter 8.
*
* @return
* a std:string containing the Hello version and the hello hash as h
ex digits.
*/
char* zrtp_getPeerHelloHash(ZrtpContext* zrtpContext);
/**
* Get Multi-stream parameters. * Get Multi-stream parameters.
* *
* Use this method to get the Multi-stream parameters that were compute d * Use this method to get the Multi-stream parameters that were compute d
* during the ZRTP handshake. An application may use these parameters t o * during the ZRTP handshake. An application may use these parameters t o
* enable multi-stream processing for an associated SRTP session. * enable multi-stream processing for an associated SRTP session.
* *
* The application must not modify the contents of returned char array, it * The application must not modify the contents of returned char array, it
* is opaque data. The application may hand over this string to a new Z RTP * is opaque data. The application may hand over this string to a new Z RTP
* instance to enable multi-stream processing for this new session. * instance to enable multi-stream processing for this new session.
* *
skipping to change at line 838 skipping to change at line 856
* *
* Refer to chapter 4.4.2 in the ZRTP specification for further details * Refer to chapter 4.4.2 in the ZRTP specification for further details
* of multi-stream mode. * of multi-stream mode.
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param length * @param length
* The integer that contains the length of the char array * The integer that contains the length of the char array
* @param parameters * @param parameters
* A char array that contains the multi-stream parameters that this * A char array that contains the multi-stream parameters that this
* new ZRTP instanace shall use. See also * new ZRTP instance shall use. See also
* <code>getMultiStrParams()</code> * <code>getMultiStrParams()</code>
*/ */
void zrtp_setMultiStrParams(ZrtpContext* zrtpContext, char* parameters, int32_t length); void zrtp_setMultiStrParams(ZrtpContext* zrtpContext, char* parameters, int32_t length);
/** /**
* Check if this ZRTP session is a Multi-stream session. * Check if this ZRTP session is a Multi-stream session.
* *
* Use this method to check if this ZRTP instance uses multi-stream. * Use this method to check if this ZRTP instance uses multi-stream.
* Refer to chapters 4.2 and 4.4.2 in the ZRTP. * Refer to chapters 4.2 and 4.4.2 in the ZRTP.
* *
skipping to change at line 886 skipping to change at line 904
* set the parameter to false. * set the parameter to false.
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param accepted * @param accepted
* True if the enrollment request is accepted, false otherwise. * True if the enrollment request is accepted, false otherwise.
*/ */
void zrtp_acceptEnrollment(ZrtpContext* zrtpContext, int32_t accepted); void zrtp_acceptEnrollment(ZrtpContext* zrtpContext, int32_t accepted);
/** /**
* Enable PBX enrollment * Check the state of the enrollment mode.
* *
* The application calls this method to allow or disallow PBX enrollmen * If true then we will set the enrollment flag (E) in the confirm
t. * packets and performs the enrollment actions. A MitM (PBX) enrollment
* If the applications allows PBX enrollment then the ZRTP implementati service
on * started this ZRTP session. Can be set to true only if mitmMode is al
* honors the PBX enrollment flag in Confirm packets. Refer to chapter so true.
7.3
* for further details of PBX enrollment.
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param yesNo * @return status of the enrollmentMode flag.
* If set to true then ZRTP honors the PBX enrollment flag in Commit */
* packets and calls the appropriate user callback methods. If int32_t zrtp_isEnrollmentMode(ZrtpContext* zrtpContext);
* the parameter is set to false ZRTP ignores the PBX enrollment fla
gs. /**
* Check the state of the enrollment mode.
*
* If true then we will set the enrollment flag (E) in the confirm
* packets and perform the enrollment actions. A MitM (PBX) enrollment
* service must sets this mode to true.
*
* Can be set to true only if mitmMode is also true.
*
* @param zrtpContext
* Pointer to the opaque ZrtpContext structure.
* @param enrollmentMode defines the new state of the enrollmentMode fl
ag
*/
void zrtp_setEnrollmentMode(ZrtpContext* zrtpContext, int32_t enrollmen
tMode);
/**
* Check if a peer's cache entry has a vaild MitM key.
*
* If true then the other peer ha a valid MtiM key, i.e. the peer has p
erformed
* the enrollment procedure. A PBX ZRTP Back-2-Back application can use
this function
* to check which of the peers is enrolled.
*
* @return True if the other peer has a valid Mitm key (is enrolled).
*/
int32_t isPeerEnrolled(ZrtpContext* zrtpContext);
/**
* Send the SAS relay packet.
*
* The method creates and sends a SAS relay packet according to the ZRT
P
* specifications. Usually only a MitM capable user agent (PBX) uses th
is
* function.
*
* @param zrtpContext
* Pointer to the opaque ZrtpContext structure.
* @param sh the full SAS hash value
* @param render the SAS rendering algorithm
*/
int32_t zrtp_sendSASRelayPacket(ZrtpContext* zrtpContext, uint8_t* sh,
char* render);
/**
* Get the commited SAS rendering algorithm for this ZRTP session.
*
* @param zrtpContext
* Pointer to the opaque ZrtpContext structure.
* @return the commited SAS rendering algorithm
*/ */
void zrtp_setPBXEnrollment(ZrtpContext* zrtpContext, int32_t yesNo); const char* zrtp_getSasType(ZrtpContext* zrtpContext);
/**
* Get the computed SAS hash for this ZRTP session.
*
* A PBX ZRTP back-to-Back function uses this function to get the SAS
* hash of an enrolled client to construct the SAS relay packet for
* the other client.
*
* @param zrtpContext
* Pointer to the opaque ZrtpContext structure.
* @return a pointer to the byte array that contains the full
* SAS hash.
*/
uint8_t* zrtp_getSasHash(ZrtpContext* zrtpContext);
/** /**
* Set signature data * Set signature data
* *
* This functions stores signature data and transmitts it during ZRTP * This functions stores signature data and transmitts it during ZRTP
* processing to the other party as part of the Confirm packets. Refer to * processing to the other party as part of the Confirm packets. Refer to
* chapters 5.7 and 7.2. * chapters 5.7 and 7.2.
* *
* The signature data must be set before ZRTP the application calls * The signature data must be set before ZRTP the application calls
* <code>start()</code>. * <code>start()</code>.
skipping to change at line 936 skipping to change at line 1013
* Get signature data * Get signature data
* *
* This functions returns signature data that was receivied during ZRTP * This functions returns signature data that was receivied during ZRTP
* processing. Refer to chapters 5.7 and 7.2. * processing. Refer to chapters 5.7 and 7.2.
* *
* The signature data can be retrieved after ZRTP enters secure state. * The signature data can be retrieved after ZRTP enters secure state.
* <code>start()</code>. * <code>start()</code>.
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param data
* Pointer to a data buffer. This buffer must be large enough to
* hold the signature data. Refer to <code>getSignatureLength()</cod
e>
* to get the length of the received signature data.
* @return * @return
* Number of bytes copied into the data buffer * Number of bytes copied into the data buffer
*/ */
int32_t zrtp_getSignatureData(ZrtpContext* zrtpContext, uint8_t* data); const uint8_t* zrtp_getSignatureData(ZrtpContext* zrtpContext);
/** /**
* Get length of signature data * Get length of signature data
* *
* This functions returns the length of signature data that was receivi ed * This functions returns the length of signature data that was receivi ed
* during ZRTP processing. Refer to chapters 5.7 and 7.2. * during ZRTP processing. Refer to chapters 5.7 and 7.2.
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @return * @return
skipping to change at line 994 skipping to change at line 1067
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @param data * @param data
* Pointer to a data buffer. This buffer must have a size of * Pointer to a data buffer. This buffer must have a size of
* at least 12 bytes (96 bit) (ZRTP Identifier, see chap. 4.9) * at least 12 bytes (96 bit) (ZRTP Identifier, see chap. 4.9)
* @return * @return
* Number of bytes copied into the data buffer - must be equivalent * Number of bytes copied into the data buffer - must be equivalent
* to 12 bytes. * to 12 bytes.
*/ */
int32_t zrtp_getZid(ZrtpContext* zrtpContext, uint8_t* data); int32_t zrtp_getPeerZid(ZrtpContext* zrtpContext, uint8_t* data);
/** /**
* This enumerations list all configurable algorithm types. * This enumerations list all configurable algorithm types.
*/ */
/* Keep in synch with enumeration in ZrtpConfigure.h */ /* Keep in synch with enumeration in ZrtpConfigure.h */
typedef enum zrtp_AlgoTypes { typedef enum zrtp_AlgoTypes {
zrtp_HashAlgorithm = 1, zrtp_CipherAlgorithm, zrtp_PubKeyAlgorithm, zrtp_SasType, zrtp_AuthLength zrtp_HashAlgorithm = 1, zrtp_CipherAlgorithm, zrtp_PubKeyAlgorithm, zrtp_SasType, zrtp_AuthLength
} Zrtp_AlgoTypes; } Zrtp_AlgoTypes;
skipping to change at line 1258 skipping to change at line 1331
* *
* @param zrtpContext * @param zrtpContext
* Pointer to the opaque ZrtpContext structure. * Pointer to the opaque ZrtpContext structure.
* @return * @return
* Returns true if certificate processing is enabled. * Returns true if certificate processing is enabled.
*/ */
int32_t zrtp_isSasSignature(ZrtpContext* zrtpContext); int32_t zrtp_isSasSignature(ZrtpContext* zrtpContext);
#ifdef __cplusplus #ifdef __cplusplus
} }
#pragma GCC visibility pop
#endif #endif
/** /**
* @} * @}
*/ */
#endif #endif
 End of changes. 35 change blocks. 
58 lines changed or deleted 142 lines changed or added


 ZrtpCallback.h   ZrtpCallback.h 
skipping to change at line 30 skipping to change at line 30
/** /**
* @file ZrtpCallback.h * @file ZrtpCallback.h
* @brief Callback interface between ZRTP and the RTP stack implementation * @brief Callback interface between ZRTP and the RTP stack implementation
* @ingroup GNU_ZRTP * @ingroup GNU_ZRTP
* @{ * @{
*/ */
#include <string> #include <string>
#include <stdint.h> #include <stdint.h>
#include <commoncpp/config.h>
#include <libzrtpcpp/ZrtpCodes.h> #include <libzrtpcpp/ZrtpCodes.h>
#ifndef __EXPORT
#if __GNUC__ >= 4
#define __EXPORT __attribute__ ((visibility("default")))
#define __LOCAL __attribute__ ((visibility("hidden")))
#elif defined _WIN32 || defined __CYGWIN__
#define __EXPORT __declspec(dllimport)
#define __LOCAL
#else
#define __EXPORT
#define __LOCAL
#endif
#endif
/** /**
* This enum defines which role a ZRTP peer has. * This enum defines which role a ZRTP peer has.
* *
* According to the ZRTP specification the role determines which keys to * According to the ZRTP specification the role determines which keys to
* use to encrypt or decrypt SRTP data. * use to encrypt or decrypt SRTP data.
* *
* <ul> * <ul>
* <li> The Initiator encrypts SRTP data using the <em>keyInitiator</em> an d the * <li> The Initiator encrypts SRTP data using the <em>keyInitiator</em> an d the
* <em>saltInitiator</em> data, the Responder uses these data to decry pt. * <em>saltInitiator</em> data, the Responder uses these data to decry pt.
* </li> * </li>
skipping to change at line 284 skipping to change at line 296
* *
* Please refer to chapter 8.3 ff to get more details about PBX * Please refer to chapter 8.3 ff to get more details about PBX
* enrollment and SAS relay. * enrollment and SAS relay.
* *
* <b>Note:</b> PBX enrollement is not yet fully supported by GNU * <b>Note:</b> PBX enrollement is not yet fully supported by GNU
* ZRTP. * ZRTP.
* *
* @param info Give some information to the user about the PBX * @param info Give some information to the user about the PBX
* requesting an enrollment. * requesting an enrollment.
*/ */
virtual void zrtpAskEnrollment(std::string info) =0; virtual void zrtpAskEnrollment(GnuZrtpCodes::InfoEnrollment info) =0;
/** /**
* Inform about PBX enrollment result. * Inform about PBX enrollment result.
* *
* Informs the use about the acceptance or denial of an PBX enrollment * Informs the use about the acceptance or denial of an PBX enrollment
* request * request
* *
* <b>Note:</b> PBX enrollement is not yet fully supported by GNU * <b>Note:</b> PBX enrollement is not yet fully supported by GNU
* ZRTP. * ZRTP.
* *
* @param info Give some information to the user about the result * @param info information to the user about the result
* of an enrollment. * of an enrollment.
*/ */
virtual void zrtpInformEnrollment(std::string info) =0; virtual void zrtpInformEnrollment(GnuZrtpCodes::InfoEnrollment info) =0 ;
/** /**
* Request a SAS signature. * Request a SAS signature.
* *
* After ZRTP was able to compute the Short Authentication String * After ZRTP was able to compute the Short Authentication String
* (SAS) it calls this method. The client may now use an * (SAS) it calls this method. The client may now use an
* approriate method to sign the SAS. The client may use * approriate method to sign the SAS. The client may use
* ZrtpQueue#setSignatureData() to store the signature data an * ZrtpQueue#setSignatureData() to store the signature data an
* enable signature transmission to the other peer. Refer to * enable signature transmission to the other peer. Refer to
* chapter 8.2 of ZRTP specification. * chapter 8.2 of ZRTP specification.
* *
* <b>Note:</b> SAS signing is not yet fully supported by GNU * <b>Note:</b> SAS signing is not yet fully supported by GNU
* ZRTP. * ZRTP.
* *
* @param sas * @param sasHash
* The SAS string to sign. * The SAS hash to sign.
* *
*/ */
virtual void signSAS(std::string sas) =0; virtual void signSAS(uint8_t* sasHash) =0;
/** /**
* ZRTPQueue calls this method to request a SAS signature check. * ZRTPQueue calls this method to request a SAS signature check.
* *
* After ZRTP received a SAS signature in one of the Confirm packets it * After ZRTP received a SAS signature in one of the Confirm packets it
* call this method. The client may use <code>getSignatureLength()</cod e> * call this method. The client may use <code>getSignatureLength()</cod e>
* and <code>getSignatureData()</code>of ZrtpQueue to get the signature * and <code>getSignatureData()</code>of ZrtpQueue to get the signature
* data and perform the signature check. Refer to chapter 8.2 of ZRTP * data and perform the signature check. Refer to chapter 8.2 of ZRTP
* specification. * specification.
* *
* If the signature check fails the client may return false to ZRTP. In * If the signature check fails the client may return false to ZRTP. In
* this case ZRTP signals an error to the other peer and terminates * this case ZRTP signals an error to the other peer and terminates
* the ZRTP handshake. * the ZRTP handshake.
* *
* <b>Note:</b> SAS signing is not yet fully supported by GNU * <b>Note:</b> SAS signing is not yet fully supported by GNU
* ZRTP. * ZRTP.
* *
* @param sas * @param sasHash
* The SAS string that was signed by the other peer. * The SAS hash that was signed by the other peer.
* @return * @return
* true if the signature was ok, false otherwise. * true if the signature was ok, false otherwise.
* *
*/ */
virtual bool checkSASSignature(std::string sas) =0; virtual bool checkSASSignature(uint8_t* sasHash) =0;
}; };
#endif // ZRTPCALLBACK #endif // ZRTPCALLBACK
/** /**
* @} * @}
*/ */
/** EMACS ** /** EMACS **
* Local variables: * Local variables:
* mode: c++ * mode: c++
 End of changes. 9 change blocks. 
10 lines changed or deleted 22 lines changed or added


 ZrtpCodes.h   ZrtpCodes.h 
skipping to change at line 148 skipping to change at line 148
NoSharedSecret = 0x56, //!< No shared secret available, DH mode r equired NoSharedSecret = 0x56, //!< No shared secret available, DH mode r equired
DHErrorWrongPV = 0x61, //!< DH Error: bad pvi or pvr ( == 1, 0, o r p-1) DHErrorWrongPV = 0x61, //!< DH Error: bad pvi or pvr ( == 1, 0, o r p-1)
DHErrorWrongHVI = 0x62, //!< DH Error: hvi != hashed data DHErrorWrongHVI = 0x62, //!< DH Error: hvi != hashed data
SASuntrustedMiTM = 0x63, //!< Received relayed SAS from untrusted M iTM SASuntrustedMiTM = 0x63, //!< Received relayed SAS from untrusted M iTM
ConfirmHMACWrong = 0x70, //!< Auth. Error: Bad Confirm pkt HMAC ConfirmHMACWrong = 0x70, //!< Auth. Error: Bad Confirm pkt HMAC
NonceReused = 0x80, //!< Nonce reuse NonceReused = 0x80, //!< Nonce reuse
EqualZIDHello = 0x90, //!< Equal ZIDs in Hello EqualZIDHello = 0x90, //!< Equal ZIDs in Hello
GoCleatNotAllowed = 0x100, //!< GoClear packet received, but not allo wed GoCleatNotAllowed = 0x100, //!< GoClear packet received, but not allo wed
IgnorePacket = 0x7fffffff IgnorePacket = 0x7fffffff
}; };
/**
* Information codes for the Enrollment user callbacks.
*/
enum InfoEnrollment {
EnrollmentRequest, //!< Aks user to confirm or deny an Enr
ollemnt request
EnrollmentCanceled, //!< User did not confirm the PBX enrol
lement
EnrollmentFailed, //!< Enrollment process failed, no PBX
secret available
EnrollmentOk //!< Enrollment process for this PBX wa
s ok
};
} }
/** /**
* @} * @}
*/ */
#endif #endif
 End of changes. 1 change blocks. 
0 lines changed or deleted 15 lines changed or added


 ZrtpConfigure.h   ZrtpConfigure.h 
skipping to change at line 72 skipping to change at line 72
class AlgorithmEnum { class AlgorithmEnum {
public: public:
/** /**
* Create an AlgorithmEnum object. * Create an AlgorithmEnum object.
* *
* @param type * @param type
* Defines the algorithm type * Defines the algorithm type
* @param name * @param name
* Set the names of the algorithm. The name is copied * Set the names of the algorithm. The name is copied
* and the call may reuse the space. * and the call may reuse the space.
* @param klen
* The key length for this algorihm in byte, for example 16 or 32
* @param ra
* A human readable short string that describes the algorihm.
* @param en
* Pointer to the encryption function of this algorithn
* @param de
* Pointer to the decryption funtions of this algorithm.
* @param alId
* The algorithm id used by SRTP to identify an algorithm type, for
* example Skein, Sha1, Aes, ...
* *
* @see AlgoTypes * @see AlgoTypes
*/ */
AlgorithmEnum(const AlgoTypes type, const char* name, int32_t klen, AlgorithmEnum(const AlgoTypes type, const char* name, int32_t klen,
const char* ra, encrypt_t en, decrypt_t de, SrtpAlgorithm s alId); const char* ra, encrypt_t en, decrypt_t de, SrtpAlgorithm s alId);
/** /**
* AlgorithmEnum destructor * AlgorithmEnum destructor
*/ */
~AlgorithmEnum(); ~AlgorithmEnum();
skipping to change at line 249 skipping to change at line 260
const char* ra, encrypt_t en, decrypt_t de, SrtpAlgorithms alId); const char* ra, encrypt_t en, decrypt_t de, SrtpAlgorithms alId);
private: private:
AlgoTypes algoType; AlgoTypes algoType;
std::vector <AlgorithmEnum* > algos; std::vector <AlgorithmEnum* > algos;
}; };
/** /**
* The enumaration subclasses that contain the supported algorithm enumerat ions. * The enumaration subclasses that contain the supported algorithm enumerat ions.
*/ */
class HashEnum : public EnumBase { class HashEnum : public EnumBase {
public: public:
HashEnum(); HashEnum();
~HashEnum(); ~HashEnum();
}; };
class SymCipherEnum : public EnumBase { class SymCipherEnum : public EnumBase {
public: public:
SymCipherEnum(); SymCipherEnum();
~SymCipherEnum(); ~SymCipherEnum();
skipping to change at line 302 skipping to change at line 312
* algorithms via its Hello message. An application may use this class to * algorithms via its Hello message. An application may use this class to
* restrict or allow use of algorithms. * restrict or allow use of algorithms.
* *
* The constructor does not set any algorithms, thus it is an empty * The constructor does not set any algorithms, thus it is an empty
* configuration. An application may use this empty configuration and * configuration. An application may use this empty configuration and
* hand it over to ZRTP. In this case ZRTP does not announce any algorithms * hand it over to ZRTP. In this case ZRTP does not announce any algorithms
* in its Hello message and uses mandatory algorithms only. * in its Hello message and uses mandatory algorithms only.
* *
* An application can configure implemented algorithms only. * An application can configure implemented algorithms only.
*/ */
class __EXPORT ZrtpConfigure { class __EXPORT ZrtpConfigure {
public: public:
ZrtpConfigure(); /* Creates Configuration data */ ZrtpConfigure(); /* Creates Configuration data */
~ZrtpConfigure(); ~ZrtpConfigure();
/** /**
* Set the maximum number of algorithms per algorithm type that an appl ication can * Set the maximum number of algorithms per algorithm type that an appl ication can
* configure. * configure.
*/ */
static const int maxNoOfAlgos = 7; static const int maxNoOfAlgos = 7;
skipping to change at line 482 skipping to change at line 491
void setSasSignature(bool yesNo); void setSasSignature(bool yesNo);
/** /**
* Check status of SAS signature processing. * Check status of SAS signature processing.
* *
* @return * @return
* Returns true if certificate processing is enabled. * Returns true if certificate processing is enabled.
*/ */
bool isSasSignature(); bool isSasSignature();
/**
* Enables or disables paranoid mode.
*
* For further explanation of paranoid mode refer to the documentation
* of ZRtp class.
*
* @param yesNo
* If set to true then paranoid mode is enabled.
*/
void setParanoidMode(bool yesNo);
/**
* Check status of paranoid mode.
*
* @return
* Returns true if paranoid mode is enabled.
*/
bool isParanoidMode();
/// Helper function to print some internal data /// Helper function to print some internal data
void printConfiguredAlgos(AlgoTypes algoTyp); void printConfiguredAlgos(AlgoTypes algoTyp);
private: private:
std::vector<AlgorithmEnum* > hashes; std::vector<AlgorithmEnum* > hashes;
std::vector<AlgorithmEnum* > symCiphers; std::vector<AlgorithmEnum* > symCiphers;
std::vector<AlgorithmEnum* > publicKeyAlgos; std::vector<AlgorithmEnum* > publicKeyAlgos;
std::vector<AlgorithmEnum* > sasTypes; std::vector<AlgorithmEnum* > sasTypes;
std::vector<AlgorithmEnum* > authLengths; std::vector<AlgorithmEnum* > authLengths;
bool enableTrustedMitM; bool enableTrustedMitM;
bool enableSasSignature; bool enableSasSignature;
bool enableParanoidMode;
AlgorithmEnum& getAlgoAt(std::vector<AlgorithmEnum* >& a, int32_t index ); AlgorithmEnum& getAlgoAt(std::vector<AlgorithmEnum* >& a, int32_t index );
int32_t addAlgo(std::vector<AlgorithmEnum* >& a, AlgorithmEnum& algo); int32_t addAlgo(std::vector<AlgorithmEnum* >& a, AlgorithmEnum& algo);
int32_t addAlgoAt(std::vector<AlgorithmEnum* >& a, AlgorithmEnum& algo, int32_t index); int32_t addAlgoAt(std::vector<AlgorithmEnum* >& a, AlgorithmEnum& algo, int32_t index);
int32_t removeAlgo(std::vector<AlgorithmEnum* >& a, AlgorithmEnum& alg o); int32_t removeAlgo(std::vector<AlgorithmEnum* >& a, AlgorithmEnum& alg o);
int32_t getNumConfiguredAlgos(std::vector<AlgorithmEnum* >& a); int32_t getNumConfiguredAlgos(std::vector<AlgorithmEnum* >& a);
bool containsAlgo(std::vector<AlgorithmEnum* >& a, AlgorithmEnum& algo) ; bool containsAlgo(std::vector<AlgorithmEnum* >& a, AlgorithmEnum& algo) ;
std::vector<AlgorithmEnum* >& getEnum(AlgoTypes algoType); std::vector<AlgorithmEnum* >& getEnum(AlgoTypes algoType);
void printConfiguredAlgos(std::vector<AlgorithmEnum* >& a); void printConfiguredAlgos(std::vector<AlgorithmEnum* >& a);
 End of changes. 5 change blocks. 
2 lines changed or deleted 31 lines changed or added


 ZrtpQueue.h   ZrtpQueue.h 
skipping to change at line 32 skipping to change at line 32
#include <ccrtp/rtppkt.h> #include <ccrtp/rtppkt.h>
#include <libzrtpcpp/ZrtpCallback.h> #include <libzrtpcpp/ZrtpCallback.h>
#include <libzrtpcpp/TimeoutProvider.h> #include <libzrtpcpp/TimeoutProvider.h>
#include <libzrtpcpp/ZrtpConfigure.h> #include <libzrtpcpp/ZrtpConfigure.h>
class __EXPORT ZrtpUserCallback; class __EXPORT ZrtpUserCallback;
class __EXPORT ZRtp; class __EXPORT ZRtp;
NAMESPACE_COMMONCPP NAMESPACE_COMMONCPP
/**
* GNU ccRTP extension to support GNU ZRTP.
*
* ZRTP was developed by Phil Zimmermann and provides functions to
* negotiate keys and other necessary data (crypto data) to set-up
* the Secure RTP (SRTP) crypto context. Refer to Phil's ZRTP
* specification at his <a href="http://zfoneproject.com/">Zfone
* project</a> site to get more detailed imformation about the
* capabilities of ZRTP.
*
* <b>Short overview of the ZRTP implementation</b>
*
* ZRTP is a specific protocol to negotiate encryption algorithms
* and the required key material. ZRTP uses a RTP session to
* exchange its protocol messages.
*
* A complete GNU ZRTP implementation consists of two parts, the
* GNU ZRTP core and specific code that binds the GNU ZRTP core to
* the underlying RTP/SRTP stack and the operating system:
* <ul>
* <li>
* The GNU ZRTP core is independent of a specific RTP/SRTP
* stack and the operationg system and consists of the ZRTP
* protocol state engine, the ZRTP protocol messages, and the
* GNU ZRTP engine. The GNU ZRTP engine provides methods to
* setup ZRTP message and to analyze received ZRTP messages,
* to compute the crypto data required for SRTP, and to
* maintain the required hashes and HMAC.
* </li>
* <li>
* The second part of an implementation is specific
* <em>glue</em> code the binds the GNU ZRTP core to the
* actual RTP/SRTP implementation and other operating system
* specific services such as timers.
* </li>
* </ul>
*
* The GNU ZRTP core uses a callback interface class (refer to
* ZrtpCallback) to access RTP/SRTP or operating specific methods,
* for example to send data via the RTP/SRTP stack, to access
* timers, provide mutex handling, and to report events to the
* application.
*
* <b>The ZrtpQueue</b>
*
* ZrtpQueue implements code that is specific to the GNU ccRTP
* implementation. ZrtpQueue also implements the specific code to
* provide the mutex and timeout handling to the GNU ZRTP
* core. Both, the mutex and the timeout handling, use the GNU
* Common C++ library to stay independent of the operating
* seystem. For more information refer to the <a
* href="http://www.gnutelephony.org/index.php/GNU_Common_C%2B%2B">GNU
* Common C++</a> web site.
*
* To perform its tasks ZrtpQueue
* <ul>
* <li> extends GNU ccRTP classes to use the underlying
* ccRTP methods and the RTP/SRTP send and receive queues
* </li>
* <li> implements the ZrtpCallback interface to provide ccRTP
* access and other specific services (timer, mutex) to GNU
* ZRTP
* </li>
* <li> provides ZRTP specific methods that applications may use
* to control and setup GNU ZRTP
* </li>
* <li> can register and use an application specific callback
* class (refer to ZrtpUserCallback)
* </li>
* </ul>
*
* After instantiating a GNU ZRTP session (see below for a short
* example) applications may use the ZRTP specific methods of
* ZrtpQueue to control and setup GNU ZRTP, for example enable or
* disable ZRTP processing or getting ZRTP status information.
*
* GNU ZRTP provides a ZrtpUserCallback class that an application
* may extend and register with ZrtpQueue. GNU ZRTP and ZrtpQueue
* use the ZrtpUserCallback methods to report ZRTP events to the
* application. The application may display this information to
* the user or act otherwise.
*
* The following figure depicts the relationships between
* ZrtpQueue, ccRTP RTP/SRTP implementation, the GNU ZRTP core,
* and an application that provides an ZrtpUserCallback class.
*
@verbatim
+----------+
| ccRTP |
| RTP/SRTP |
| |
+----------+
^
| extends
|
+----------------+ +-----+------+
| Application | | | +-----------------+
| instantiates | uses | ZrtpQueue | uses | |
| a ZRTP Session +------+ implements +------+ GNU ZRTP |
| and provides | |ZrtpCallback| | core |
|ZrtpUserCallback| | | | implementation |
+----------------+ +------------+ | (ZRtp et al) |
| |
+-----------------+
@endverbatim
*
* Because ZrtpQueue extends the ccRTP RTP/SRTP implementation
* (AVPQueue) all public methods defined by ccRTP are also
* available for a ZRTP session. ZrtpQueue overwrites some of the
* public methods of ccRTP (AVPQueue) to implement ZRTP specific
* code.
*
* GNU ZRTP provides a <em>SymmetricZRTPSession</em> type to
* simplify its use. An application uses this type in the same way
* as it would use the normal ccRTP <em>SymmetricRTPSession</em>
* type. The following short code snippets show how an application
* could instantiate ccRTP and GNU ZRTP sessions. The first
* snippet shows how to instantiate a ccRTP session:
*
* @code
* ...
* #include <ccrtp/rtp.h>
* ...
* SymmetricRTPSession tx(pattern.getSsrc(),
* InetHostAddress("localhost"));
* ...
*
* @endcode
*
* The same code as above but using a GNU ZRTP session this time:
* @code
* ...
* #include <libzrtpcpp/zrtpccrtp.h>
* ...
* SymmetricZRTPSession tx(pattern.getSsrc(),
* InetHostAddress("localhost"));
* ...
*
* @endcode
*
* The only differences are the different include statements and
* the different session types.
*
* The <em>demo</em> folder contains a small example that shows
* how to use GNU ZRTP.
*
* Please refer to the GNU ccRTP documentation for a description
* of ccRTP methods and functions. This ZrtpQueue documentation
* shows the ZRTP specific extensions and describes overloaded
* methods and a possible different behaviour.
*
* @author Werner Dittmann <Werner.Dittmann@t-online.de>
*/
class __EXPORT ZrtpQueue : public AVPQueue, ZrtpCallback {
public:
/**
* Initialize the ZrtpQueue.
*
* Before an application can use ZRTP it has to initialize the
* ZRTP implementation. This method initializes the timeout
* thread and opens a file that contains ZRTP specific
* information such as the applications ZID (ZRTP id) and its
* retained shared secrets.
*
* If one application requires several ZRTP sessions all
* sessions use the same timeout thread and use the same ZID
* file. Therefore an application does not need to do any
* synchronisation regading ZID files or timeouts. This is
* managed by the ZRTP implementation.
*
* The current implementation of ZrtpQueue does not support
* different ZID files for one application instance. This
* restriction may be removed in later versions.
*
* The application may specify its own ZID file name. If no
* ZID file name is specified it defaults to
* <code>$HOME/.GNUccRTP.zid</code> if the <code>HOME</code>
* environment variable is set. If it is not set the current
* directory is used.
*
* If the method could set up the timeout thread and open the ZID
* file then it enables ZRTP processing and returns.
*
* @param zidFilename
* The name of the ZID file, can be a relative or absolut
* filename.
*
* @param autoEnable
* if set to true the method automatically sets enableZrtp to
* true. This enables the ZRTP auto-sense mode. Default is true.
*
* @param config
* this parameter points to ZRTP configuration data. If it is
* NULL then ZrtpQueue uses a default setting. Default is NULL.
*
* @return
* 1 on success, ZRTP processing enabled, -1 on failure,
* ZRTP processing disabled.
*
*/
int32_t initialize(const char *zidFilename, bool autoEnable = true,
ZrtpConfigure* config = NULL);
/*
* Applications use the following methods to control ZRTP, for example
* to enable ZRTP, set flags etc.
*/
/** /**
* GNU ccRTP extension to support GNU ZRTP. * Enable or disable ZRTP processing.
* *
* ZRTP was developed by Phil Zimmermann and provides functions to * Call this method to enable or disable ZRTP processing after
* negotiate keys and other necessary data (crypto data) to set-up * calling <code>initialize()</code>. This can be done before
* the Secure RTP (SRTP) crypto context. Refer to Phil's ZRTP * using a RTP session or at any time during a RTP session.
* specification at his <a href="http://zfoneproject.com/">Zfone *
* project</a> site to get more detailed imformation about the * Existing SRTP sessions or currently active ZRTP processing will
* capabilities of ZRTP. * not be stopped or disconnected.
* *
* <b>Short overview of the ZRTP implementation</b> * If the application enables ZRTP then:
*
* ZRTP is a specific protocol to negotiate encryption algorithms
* and the required key material. ZRTP uses a RTP session to
* exchange its protocol messages.
*
* A complete GNU ZRTP implementation consists of two parts, the
* GNU ZRTP core and specific code that binds the GNU ZRTP core to
* the underlying RTP/SRTP stack and the operating system:
* <ul> * <ul>
* <li> * <li>ZrtpQueue starts to send ZRTP Hello packets after at least
* The GNU ZRTP core is independent of a specific RTP/SRTP * one RTP packet was sent and received on the associated RTP
* stack and the operationg system and consists of the ZRTP * session. Thus if an application enables ZRTP and ZrtpQueue
* protocol state engine, the ZRTP protocol messages, and the * detects traffic on the RTP session then ZrtpQueue automatically
* GNU ZRTP engine. The GNU ZRTP engine provides methods to * starts the ZRTP protocol. This automatic start is convenient
* setup ZRTP message and to analyze received ZRTP messages, * for applications that negotiate RTP parameters and set up RTP
* to compute the crypto data required for SRTP, and to * sessions but the actual RTP traffic starts some time later.
* maintain the required hashes and HMAC.
* </li>
* <li>
* The second part of an implementation is specific
* <em>glue</em> code the binds the GNU ZRTP core to the
* actual RTP/SRTP implementation and other operating system
* specific services such as timers.
* </li> * </li>
* <li>ZrtpQueue analyses incoming packets to detect ZRTP
* messages. If ZRTP was started, either via automatic start (see
* above) or explicitly via startZrtp(), then ZrtpQueue
* forwards ZRTP packets to the GNU ZRTP core.
* </ul> * </ul>
* *
* The GNU ZRTP core uses a callback interface class (refer to * @param onOff
* ZrtpCallback) to access RTP/SRTP or operating specific methods, * @c true to enable ZRTP, @c false to disable ZRTP
* for example to send data via the RTP/SRTP stack, to access */
* timers, provide mutex handling, and to report events to the void setEnableZrtp(bool onOff);
* application.
* /**
* <b>The ZrtpQueue</b> * Return the state of ZRTP enable state.
* *
* ZrtpQueue implements code that is specific to the GNU ccRTP * @return @c true if ZRTP processing is enabled, @c false
* implementation. ZrtpQueue also implements the specific code to * otherwise.
* provide the mutex and timeout handling to the GNU ZRTP */
* core. Both, the mutex and the timeout handling, use the GNU bool isEnableZrtp();
* Common C++ library to stay independent of the operating
* seystem. For more information refer to the <a /**
* href="http://www.gnutelephony.org/index.php/GNU_Common_C%2B%2B">GNU * Set SAS as verified.
* Common C++</a> web site. *
* The application may call this method if the user confirmed
* (verfied) the Short Authentication String (SAS) with the peer.
*
* ZRTP calls ZrtpUserCallback#showSAS after it computed the SAS
* and the application registered a user callback class. The
* application should display the SAS and provide a mechanism at
* the user interface that enables the user to confirm the SAS.
*
* ZRTP remembers the SAS confirmation status together with the
* retained secrets data. If both parties confirmed the SAS then
* ZRTP informs the application about this status on the next ZRTP
* session.
*
* For more detailed information regarding SAS please refer to the
* ZRTP specification, chapter 8.
*/
void SASVerified();
/**
* Reset the SAS verfied flag for the current user's retained secrets.
*
*/
void resetSASVerified();
/**
* To confirm a go clear request.
*
* Call this method if the user confirmed a go clear (secure mode off).
*/
void goClearOk();
/**
* Request to switch off secure mode.
*
* Call this method is the user itself wants to switch off secure
* mode (go clear). After sending the "go clear" request to the peer
* ZRTP immediatly switch off SRTP processing. Every RTP data is sent
* in clear after the go clear request.
*/
void requestGoClear();
/**
* Set the auxilliary secret.
*
* Use this method to set the srtps secret data. Refer to ZRTP
* specification, chapter 5.3 ff
*
* @param data
* Points to the auxilliary secret data.
* @param length
* Length of the auxilliary secrect in bytes
*/
void setAuxSecret(uint8_t* data, int32_t length);
/**
* Set the application's callback class.
*
* The destructor of ZrtpQueue also destorys the user callback
* class if it was set. The application must not delete the
* callback object or use/reference the callback object after
* ZrtpQueue was destroyed.
*
* @param ucb
* Implementation of the application's ZrtpUserCallback class
*/
void setUserCallback(ZrtpUserCallback* ucb);
/**
* Set the client ID for ZRTP Hello message.
*
* The GNU ccRTP client may set its id to identify itself in the
* ZRTP Hello message. The maximum length is 16 characters. A
* shorter id string is possible, it will be filled with blanks. A
* longer id string will be truncated to 16 characters. The
* standard client id is <code>'GNU ccRTP ZRTP '</code> (without
* the quotes).
*
* Setting the client's id must be done before calling
* ZrtpQueue#initialize() or ZrtpQueue#startZrtp() .
*
* @param id
* The client's id string
*/
void setClientId(std::string id);
/**
* Get the ZRTP Hello Hash data.
*
* Use this method to get the ZRTP Hello Hash data. The method
* returns the data as a string containing hex-digits. Refer
* to ZRTP specification, chapter 9.1.
*
* @return
* a std:string containing the Hello hash value as hex-digits. The
* hello hash is available immediatly after calling
* ZrtpQueue#startZrtp. If ZRTP was not started the method returns
* an empty string.
*/
std::string getHelloHash();
/**
* Get the peer's ZRTP Hello Hash data.
*
* Use this method to get the peer's ZRTP Hello Hash data. The method
* returns the data as a string containing the ZRTP protocol version an
d
* hex-digits.
*
* The peer's hello hash is available only after ZRTP received a hello.
If
* no data is available the function returns an empty string.
*
* Refer to ZRTP specification, chapter 8.
*
* @return
* a std:string containing the Hello version and the hello hash as h
ex digits.
*/
std::string getPeerHelloHash();
/**
* Get Multi-stream parameters.
*
* Use this method to get the Multi-stream that were computed during
* the ZRTP handshake. An application may use these parameters to
* enable multi-stream processing for an associated SRTP session.
*
* Refer to chapter 5.4.2 in the ZRTP specification for further details
* and restriction how and when to use multi-stream mode.
*
* @return
* a string that contains the multi-stream parameters. The applicati
on
* must not modify the contents of this string, it is opaque data. T
he
* application may hand over this string to a new ZrtpQueue instance
* to enable multi-stream processing for this ZrtpQueue. If ZRTP was
* not started or ZRTP is not yet in secure state the method returns
an
* empty string.
*
* @see setMultiStrParams()
*/
std::string getMultiStrParams();
/**
* Set Multi-stream parameters.
*
* Use this method to set the parameters required to enable Multi-strea
m
* processing of ZRTP. The multi-stream parameters must be set before t
he
* application starts the ZRTP protocol engine.
*
* Refer to chapter 5.4.2 in the ZRTP specification for further details
* of multi-stream mode.
*
* @param parameters
* A string that contains the multi-stream parameters that this
* new ZrtpQueue instanace shall use.
*
* @see getMultiStrParams()
*/
void setMultiStrParams(std::string parameters);
/**
* Check if this ZRTP use Multi-stream.
*
* Use this method to check if this ZRTP instance uses multi-stream. Ev
en
* if the application provided multi-stram parameters it may happen tha
t
* full DH mode was used. Refer to chapters 5.2 and 5.4.2 in the ZRTP #
* when this may happen.
*
* @return
* True if multi-stream is used, false otherwise.
*/
bool isMultiStream();
/**
* Check if the other ZRTP client supports Multi-stream.
*
* Use this method to check if the other ZRTP client supports
* Multi-stream mode.
*
* @return
* True if multi-stream is available, false otherwise.
*/
bool isMultiStreamAvailable();
/**
* Accept a PBX enrollment request.
*
* If a PBX service asks to enroll the MiTM key and the user accepts th
is
* requtes, for example by pressing an OK button, the client applicatio
n
* shall call this method and set the parameter <code>accepted</code> t
o
* true. If the user does not accept the request set the parameter to
* false.
*
* @param accepted
* True if the enrollment request is accepted, false otherwise.
*/
void acceptEnrollment(bool accepted);
/**
* Get the commited SAS rendering algorithm for this ZRTP session.
*
* @return the commited SAS rendering algorithm
*/
std::string getSasType();
/**
* Get the computed SAS hash for this ZRTP session.
*
* A PBX ZRTP back-to-Back function uses this function to get the SAS
* hash of an enrolled client to construct the SAS relay packet for
* the other client.
*
* @return a refernce to the byte array that contains the full
* SAS hash.
*/
uint8_t* getSasHash();
/**
* Send the SAS relay packet.
*
* The method creates and sends a SAS relay packet according to the ZRT
P
* specifications. Usually only a MitM capable user agent (PBX) uses th
is
* function.
*
* @param sh the full SAS hash value
* @param render the SAS rendering algorithm
*/
bool sendSASRelayPacket(uint8_t* sh, std::string render);
/**
* Check the state of the MitM mode flag.
*
* If true then this ZRTP session acts as MitM, usually enabled by a PB
X
* client (user agent)
*
* @return state of mitmMode
*/
bool isMitmMode();
/**
* Set the state of the MitM mode flag.
*
* If MitM mode is set to true this ZRTP session acts as MitM, usually
* enabled by a PBX client (user agent).
*
* @param mitmMode defines the new state of the mitmMode flag
*/
void setMitmMode(bool mitmMode);
/**
* Enable or disable paranoid mode.
*
* The Paranoid mode controls the behaviour and handling of the SAS ver
ify flag. If
* Panaoid mode is set to flase then ZRtp applies the normal handling.
If Paranoid
* mode is set to true then the handling is:
* *
* To perform its tasks ZrtpQueue
* <ul> * <ul>
* <li> extends GNU ccRTP classes to use the underlying * <li> always set the SAS verify flag to <code>false</code> at srtpSec
* ccRTP methods and the RTP/SRTP send and receive queues retsOn() callback. The
* </li> * user interface (UI) must show <b>SAS not verified</b>. See impl
* <li> implements the ZrtpCallback interface to provide ccRTP ementation note below.</li>
* access and other specific services (timer, mutex) to GNU * <li> don't set the SAS verify flag in the <code>Confirm</code> packe
* ZRTP ts, thus forcing the other
* </li> * peer to report <b>SAS not verified</b>.</li>
* <li> provides ZRTP specific methods that applications may use * <li> ignore the <code>SASVerified()</code> function, thus do not set
* to control and setup GNU ZRTP the SAS verified flag
* </li> * in the ZRTP cache. </li>
* <li> can register and use an application specific callback * <li> Disable the <em>Trusted PBX MitM</em> feature. Just send the <c
* class (refer to ZrtpUserCallback) ode>SASRelay</code> packet
* </li> * but do not process the relayed data. This protects the user fro
m a malicious
* "trusted PBX".</li>
* </ul> * </ul>
* ZRtp performs alls other steps during the ZRTP negotiations as usual
, in particular it
* computes, compares, uses, and stores the retained secrets. This avoi
ds unnecessary warning
* messages. The user may enable or disable the Paranoid mode on a call
-by-call basis without
* breaking the key continuity data.
*
* <b>Implementation note:</b><br/>
* An application shall <b>always display the SAS if the SAS verify fla
g is <code>false</code></b>.
* The application shall remind the user to compare the SAS code, for e
xample using larger fonts,
* different colours and other display features.
*/
void setParanoidMode(bool yesNo);
/**
* Check status of paranoid mode.
* *
* After instantiating a GNU ZRTP session (see below for a short * @return
* example) applications may use the ZRTP specific methods of * Returns true if paranoid mode is enabled.
* ZrtpQueue to control and setup GNU ZRTP, for example enable or */
* disable ZRTP processing or getting ZRTP status information. bool isParanoidMode();
*
* GNU ZRTP provides a ZrtpUserCallback class that an application /**
* may extend and register with ZrtpQueue. GNU ZRTP and ZrtpQueue * Check the state of the enrollment mode.
* use the ZrtpUserCallback methods to report ZRTP events to the *
* application. The application may display this information to * If true then we will set the enrollment flag (E) in the confirm
* the user or act otherwise. * packets and performs the enrollment actions. A MitM (PBX) enrollment
* service sets this flagstarted this ZRTP
* The following figure depicts the relationships between * session. Can be set to true only if mitmMode is also true.
* ZrtpQueue, ccRTP RTP/SRTP implementation, the GNU ZRTP core, * @return status of the enrollmentMode flag.
* and an application that provides an ZrtpUserCallback class. */
* bool isEnrollmentMode();
@verbatim
/**
+----------+ * Check the state of the enrollment mode.
| ccRTP | *
| RTP/SRTP | * If true then we will set the enrollment flag (E) in the confirm
| | * packets and perform the enrollment actions. A MitM (PBX) enrollment
+----------+ * service must sets this mode to true.
^ *
| extends * Can be set to true only if mitmMode is also true.
| *
+----------------+ +-----+------+ * @param enrollmentMode defines the new state of the enrollmentMode fl
| Application | | | +-----------------+ ag
| instantiates | uses | ZrtpQueue | uses | | */
| a ZRTP Session +------+ implements +------+ GNU ZRTP | void setEnrollmentMode(bool enrollmentMode);
| and provides | |ZrtpCallback| | core |
|ZrtpUserCallback| | | | implementation | /**
+----------------+ +------------+ | (ZRtp et al) | * Backwards compatible api fix...
| | */
+-----------------+ inline void setPBXEnrollment(bool enrollmentMode)
@endverbatim {setMitmMode(enrollmentMode); setEnrollmentMode(enrollmentMode);}
/**
* Check if a peer's cache entry has a vaild MitM key.
*
* If true then the other peer ha a valid MtiM key, i.e. the peer has p
erformed
* the enrollment procedure. A PBX ZRTP Back-2-Back application can use
this function
* to check which of the peers is enrolled.
*
* @return True if the other peer has a valid Mitm key (is enrolled).
*/
bool isPeerEnrolled();
/**
* Set the state of the SAS signature mode flag.
*
* If SAS signature mode is set to true this ZRTP session support SAS s
ignature
* callbacks and signature transfer between clients.
*
* @param sasSignMode defines the new state of the sasSignMode flag
*/
void setSignSas(bool sasSignMode);
/**
* Set signature data
*
* This functions stores signature data and transmitts it during ZRTP
* processing to the other party as part of the Confirm packets. Refer
to
* chapters 6.7 and 8.2 in the ZRTP specification.
*
* @param data
* The signature data including the signature type block. The method
* copies this data into the Confirm packet at signature type block.
* @param length
* The length of the signature data in bytes. This length must be
* multiple of 4.
* @return
* True if the method stored the data, false otherwise.
*/
bool setSignatureData(uint8* data, int32 length);
/**
* Get signature data
*
* This functions returns signature data that was receivied during ZRTP
* processing. Refer to chapters 6.7 and 8.2.
*
* @return
* Pointer to signature data. This is a pointer to volatile data tha
t is
* only valid during the checkSASSignature() callback. The applicati
on
* shall copy the data if necessary.
*/
const uint8* getSignatureData();
/**
* Get length of signature data
*
* This functions returns the length of signature data that was receivi
ed
* during ZRTP processing. Refer to chapters 6.7 and 8.2.
*
* @return
* Length in bytes of the received signature data. The method return
s
* zero if no signature data avilable.
*/
int32 getSignatureLength();
/**
* Put data into the RTP output queue.
*
* This is used to create a data packet in the send queue.
* Sometimes a "NULL" or empty packet will be used instead, and
* these are known as "silent" packets. "Silent" packets are
* used simply to "push" the scheduler along more accurately
* by giving the appearence that a next packet is waiting to
* be sent and to provide a valid timestamp for that packet.
*
* This method overrides the same method in OutgoingDataQueue class.
* During ZRTP processing it may be necessary to control the
* flow of outgoing RTP payload packets (GoClear processing).
*
* @param stamp Timestamp for expected send time of packet.
* @param data Value or NULL if special "silent" packet.
* @param len May be 0 to indicate a default by payload type.
**/
void
putData(uint32 stamp, const unsigned char* data = NULL, size_t len = 0)
;
/**
* Immediatly send a data packet.
*
* This is used to create a data packet and send it immediately.
* Sometimes a "NULL" or empty packet will be used instead, and
* these are known as "silent" packets. "Silent" packets are
* used simply to "push" the scheduler along more accurately
* by giving the appearence that a next packet is waiting to
* be sent and to provide a valid timestamp for that packet.
*
* This method overrides the same method in OutgoingDataQueue
* class. During ZRTP processing it may be necessary to
* control the flow of outgoing RTP payload packets (GoClear
* processing).
*
* @param stamp Timestamp immediate send time of packet.
* @param data Value or NULL if special "silent" packet.
* @param len May be 0 to indicate a default by payload type.
**/
void
sendImmediate(uint32 stamp, const unsigned char* data = NULL, size_t le
n = 0);
/**
* Starts the ZRTP protocol engine.
* *
* Because ZrtpQueue extends the ccRTP RTP/SRTP implementation * Applications may call this method to immediatly start the ZRTP proto
* (AVPQueue) all public methods defined by ccRTP are also col
* available for a ZRTP session. ZrtpQueue overwrites some of the * engine any time after initializing ZRTP and setting optinal paramete
* public methods of ccRTP (AVPQueue) to implement ZRTP specific rs,
* code. * for example client id or multi-stream parameters.
* *
* GNU ZRTP provides a <em>SymmetricZRTPSession</em> type to * If the application does not call this method but sucessfully initial
* simplify its use. An application uses this type in the same way ized
* as it would use the normal ccRTP <em>SymmetricRTPSession</em> * the ZRTP engine using <code>initialize()</code> then ZRTP also start
* type. The following short code snippets show how an application s
* could instantiate ccRTP and GNU ZRTP sessions. The first * after the application sent and received RTP packets. An application
* snippet shows how to instantiate a ccRTP session: can
* * disable this automatic, delayed start of the ZRTP engine using
* @code * <code>setEnableZrtp(false)</code> before sending or receiving RTP
* ... * packets.
* #include <ccrtp/rtp.h> *
* ... */
* SymmetricRTPSession tx(pattern.getSsrc(), void startZrtp();
* InetHostAddress("localhost"));
* ...
*
* @endcode
*
* The same code as above but using a GNU ZRTP session this time:
* @code
* ...
* #include <libzrtpcpp/zrtpccrtp.h>
* ...
* SymmetricZRTPSession tx(pattern.getSsrc(),
* InetHostAddress("localhost"));
* ...
*
* @endcode
*
* The only differences are the different include statements and
* the different session types.
*
* The <em>demo</em> folder contains a small example that shows
* how to use GNU ZRTP.
*
* Please refer to the GNU ccRTP documentation for a description
* of ccRTP methods and functions. This ZrtpQueue documentation
* shows the ZRTP specific extensions and describes overloaded
* methods and a possible different behaviour.
*
* @author Werner Dittmann <Werner.Dittmann@t-online.de>
*/
class __EXPORT ZrtpQueue : public AVPQueue, ZrtpCallback {
public:
/**
* Initialize the ZrtpQueue.
*
* Before an application can use ZRTP it has to initialize the
* ZRTP implementation. This method initializes the timeout
* thread and opens a file that contains ZRTP specific
* information such as the applications ZID (ZRTP id) and its
* retained shared secrets.
*
* If one application requires several ZRTP sessions all
* sessions use the same timeout thread and use the same ZID
* file. Therefore an application does not need to do any
* synchronisation regading ZID files or timeouts. This is
* managed by the ZRTP implementation.
*
* The current implementation of ZrtpQueue does not support
* different ZID files for one application instance. This
* restriction may be removed in later versions.
*
* The application may specify its own ZID file name. If no
* ZID file name is specified it defaults to
* <code>$HOME/.GNUccRTP.zid</code> if the <code>HOME</code>
* environment variable is set. If it is not set the current
* directory is used.
*
* If the method could set up the timeout thread and open the ZID
* file then it enables ZRTP processing and returns.
*
* @param zidFilename
* The name of the ZID file, can be a relative or absolut
* filename.
*
* @param autoEnable
* if set to true the method automatically sets enableZrtp to
* true. This enables the ZRTP auto-sense mode. Default is true
.
*
* @param config
* this parameter points to ZRTP configuration data. If it is
* NULL then ZrtpQueue uses a default setting. Default is NULL.
*
* @return
* 1 on success, ZRTP processing enabled, -1 on failure,
* ZRTP processing disabled.
*
*/
int32_t initialize(const char *zidFilename, bool autoEnable = true,
ZrtpConfigure* config = NULL);
/*
* Applications use the following methods to control ZRTP, for exam
ple
* to enable ZRTP, set flags etc.
*/
/**
* Enable or disable ZRTP processing.
*
* Call this method to enable or disable ZRTP processing after
* calling <code>initialize()</code>. This can be done before
* using a RTP session or at any time during a RTP session.
*
* Existing SRTP sessions or currently active ZRTP processing will
* not be stopped or disconnected.
*
* If the application enables ZRTP then:
* <ul>
* <li>ZrtpQueue starts to send ZRTP Hello packets after at least
* one RTP packet was sent and received on the associated RTP
* session. Thus if an application enables ZRTP and ZrtpQueue
* detects traffic on the RTP session then ZrtpQueue automatically
* starts the ZRTP protocol. This automatic start is convenient
* for applications that negotiate RTP parameters and set up RTP
* sessions but the actual RTP traffic starts some time later.
* </li>
* <li>ZrtpQueue analyses incoming packets to detect ZRTP
* messages. If ZRTP was started, either via automatic start (see
* above) or explicitly via startZrtp(), then ZrtpQueue
* forwards ZRTP packets to the GNU ZRTP core.
* </ul>
*
* @param onOff
* @c true to enable ZRTP, @c false to disable ZRTP
*/
void setEnableZrtp(bool onOff);
/**
* Return the state of ZRTP enable state.
*
* @return @c true if ZRTP processing is enabled, @c false
* otherwise.
*/
bool isEnableZrtp();
/**
* Set SAS as verified.
*
* The application may call this method if the user confirmed
* (verfied) the Short Authentication String (SAS) with the peer.
*
* ZRTP calls ZrtpUserCallback#showSAS after it computed the SAS
* and the application registered a user callback class. The
* application should display the SAS and provide a mechanism at
* the user interface that enables the user to confirm the SAS.
*
* ZRTP remembers the SAS confirmation status together with the
* retained secrets data. If both parties confirmed the SAS then
* ZRTP informs the application about this status on the next ZRTP
* session.
*
* For more detailed information regarding SAS please refer to the
* ZRTP specification, chapter 8.
*/
void SASVerified();
/**
* Reset the SAS verfied flag for the current user's retained secre
ts.
*
*/
void resetSASVerified();
/**
* To confirm a go clear request.
*
* Call this method if the user confirmed a go clear (secure mode o
ff).
*/
void goClearOk();
/**
* Request to switch off secure mode.
*
* Call this method is the user itself wants to switch off secure
* mode (go clear). After sending the "go clear" request to the pee
r
* ZRTP immediatly switch off SRTP processing. Every RTP data is se
nt
* in clear after the go clear request.
*/
void requestGoClear();
/**
* Set the auxilliary secret.
*
* Use this method to set the srtps secret data. Refer to ZRTP
* specification, chapter 5.3 ff
*
* @param data
* Points to the auxilliary secret data.
* @param length
* Length of the auxilliary secrect in bytes
*/
void setAuxSecret(uint8_t* data, int32_t length);
/**
* Set the other secret.
*
* Use this method to set the other secret data. Refer to ZRTP
* specification, chapter 5.3 ff
*
* @param data
* Points to the other secret data.
* @param length
* The length in bytes of the data.
*/
void setPbxSecret(uint8* data, int32 length);
/**
* Set the application's callback class.
*
* The destructor of ZrtpQueue also destorys the user callback
* class if it was set. The application must not delete the
* callback object or use/reference the callback object after
* ZrtpQueue was destroyed.
*
* @param ucb
* Implementation of the application's ZrtpUserCallback class
*/
void setUserCallback(ZrtpUserCallback* ucb);
/**
* Set the client ID for ZRTP Hello message.
*
* The GNU ccRTP client may set its id to identify itself in the
* ZRTP Hello message. The maximum length is 16 characters. A
* shorter id string is possible, it will be filled with blanks. A
* longer id string will be truncated to 16 characters. The
* standard client id is <code>'GNU ccRTP ZRTP '</code> (without
* the quotes).
*
* Setting the client's id must be done before calling
* ZrtpQueue#initialize() or ZrtpQueue#startZrtp() .
*
* @param id
* The client's id string
*/
void setClientId(std::string id);
/**
* Get the ZRTP Hello Hash data.
*
* Use this method to get the ZRTP Hello Hash data. The method
* returns the data as a string containing hex-digits. Refer
* to ZRTP specification, chapter 9.1.
*
* @return
* a std:string containing the Hello hash value as hex-digits. T
he
* hello hash is available immediatly after calling
* ZrtpQueue#startZrtp. If ZRTP was not started the method retur
ns
* an empty string.
*/
std::string getHelloHash();
/**
* Get Multi-stream parameters.
*
* Use this method to get the Multi-stream that were computed durin
g
* the ZRTP handshake. An application may use these parameters to
* enable multi-stream processing for an associated SRTP session.
*
* Refer to chapter 5.4.2 in the ZRTP specification for further det
ails
* and restriction how and when to use multi-stream mode.
*
* @return
* a string that contains the multi-stream parameters. The appli
cation
* must not modify the contents of this string, it is opaque dat
a. The
* application may hand over this string to a new ZrtpQueue inst
ance
* to enable multi-stream processing for this ZrtpQueue. If ZRTP
was
* not started or ZRTP is not yet in secure state the method ret
urns an
* empty string.
*
* @see setMultiStrParams()
*/
std::string getMultiStrParams();
/**
* Set Multi-stream parameters.
*
* Use this method to set the parameters required to enable Multi-s
tream
* processing of ZRTP. The multi-stream parameters must be set befo
re the
* application starts the ZRTP protocol engine.
*
* Refer to chapter 5.4.2 in the ZRTP specification for further det
ails
* of multi-stream mode.
*
* @param parameters
* A string that contains the multi-stream parameters that this
* new ZrtpQueue instanace shall use.
*
* @see getMultiStrParams()
*/
void setMultiStrParams(std::string parameters);
/**
* Check if this ZRTP use Multi-stream.
*
* Use this method to check if this ZRTP instance uses multi-stream
. Even
* if the application provided multi-stram parameters it may happen
that
* full DH mode was used. Refer to chapters 5.2 and 5.4.2 in the ZR
TP #
* when this may happen.
*
* @return
* True if multi-stream is used, false otherwise.
*/
bool isMultiStream();
/**
* Check if the other ZRTP client supports Multi-stream.
*
* Use this method to check if the other ZRTP client supports
* Multi-stream mode.
*
* @return
* True if multi-stream is available, false otherwise.
*/
bool isMultiStreamAvailable();
/**
* Accept a PBX enrollment request.
*
* If a PBX service asks to enroll the MiTM key and the user accept
s this
* requtes, for example by pressing an OK button, the client applic
ation
* shall call this method and set the parameter <code>accepted</cod
e> to
* true. If the user does not accept the request set the parameter
to
* false.
*
* @param accepted
* True if the enrollment request is accepted, false otherwise.
*/
void acceptEnrollment(bool accepted);
/**
* Set signature data
*
* This functions stores signature data and transmitts it during ZR
TP
* processing to the other party as part of the Confirm packets. Re
fer to
* chapters 6.7 and 8.2 in the ZRTP specification.
*
* @param data
* The signature data including the signature type block. The me
thod
* copies this data into the Confirm packet at signature type bl
ock.
* @param length
* The length of the signature data in bytes. This length must b
e
* multiple of 4.
* @return
* True if the method stored the data, false otherwise.
*/
bool setSignatureData(uint8* data, int32 length);
/**
* Get signature data
*
* This functions returns signature data that was receivied during
ZRTP
* processing. Refer to chapters 6.7 and 8.2.
*
* The signature data can be retrieved after ZRTP enters secure sta
te.
* <code>start()</code>.
*
* @param data
* Pointer to a data buffer. This buffer must be large enough to
* hold the signature data. Refer to <code>getSignatureLength()<
/code>
* to get the length of the received signature data.
* @return
* Number of bytes copied into the data buffer
*/
int32 getSignatureData(uint8* data);
/**
* Get length of signature data
*
* This functions returns the length of signature data that was rec
eivied
* during ZRTP processing. Refer to chapters 6.7 and 8.2.
*
* @return
* Length in bytes of the received signature data. The method re
turns
* zero if no signature data avilable.
*/
int32 getSignatureLength();
/**
* Enable PBX enrollment
*
* The application calls this method to allow or disallow PBX enrol
lment.
* If the applications allows PBX enrollment then the ZRTP implemen
tation
* honors the PBX enrollment flag in Confirm packets. Refer to chap
ter 8.3
* for further details of PBX enrollment.
*
* @param yesNo
* If set to true then ZRTP honors the PBX enrollment flag in Co
mmit
* packets and calls the appropriate user callback methods. If
* the parameter is set to false ZRTP ignores the PBX enrollment
flags.
*/
void setPBXEnrollment(bool yesNo);
/**
* Put data into the RTP output queue.
*
* This is used to create a data packet in the send queue.
* Sometimes a "NULL" or empty packet will be used instead, and
* these are known as "silent" packets. "Silent" packets are
* used simply to "push" the scheduler along more accurately
* by giving the appearence that a next packet is waiting to
* be sent and to provide a valid timestamp for that packet.
*
* This method overrides the same method in OutgoingDataQueue class
.
* During ZRTP processing it may be necessary to control the
* flow of outgoing RTP payload packets (GoClear processing).
*
* @param stamp Timestamp for expected send time of packet.
* @param data Value or NULL if special "silent" packet.
* @param len May be 0 to indicate a default by payload type.
**/
void
putData(uint32 stamp, const unsigned char* data = NULL, size_t len
= 0);
/**
* Immediatly send a data packet.
*
* This is used to create a data packet and send it immediately.
* Sometimes a "NULL" or empty packet will be used instead, and
* these are known as "silent" packets. "Silent" packets are
* used simply to "push" the scheduler along more accurately
* by giving the appearence that a next packet is waiting to
* be sent and to provide a valid timestamp for that packet.
*
* This method overrides the same method in OutgoingDataQueue
* class. During ZRTP processing it may be necessary to
* control the flow of outgoing RTP payload packets (GoClear
* processing).
*
* @param stamp Timestamp immediate send time of packet.
* @param data Value or NULL if special "silent" packet.
* @param len May be 0 to indicate a default by payload type.
**/
void
sendImmediate(uint32 stamp, const unsigned char* data = NULL, size_
t len = 0);
/**
* Starts the ZRTP protocol engine.
*
* Applications may call this method to immediatly start the ZRTP p
rotocol
* engine any time after initializing ZRTP and setting optinal para
meters,
* for example client id or multi-stream parameters.
*
* If the application does not call this method but sucessfully ini
tialized
* the ZRTP engine using <code>initialize()</code> then ZRTP also s
tarts
* after the application sent and received RTP packets. An applicat
ion can
* disable this automatic, delayed start of the ZRTP engine using
* <code>setEnableZrtp(false)</code> before sending or receiving RT
P
* packets.
*
*/
void startZrtp();
/**
* Stops the ZRTP protocol engine.
*
* Applications call this method to stop the ZRTP protocol
* engine.
*
*/
void stopZrtp();
/**
* Get other party's ZID (ZRTP Identifier) data
*
* This functions returns the other party's ZID that was receivied
* during ZRTP processing.
*
* The ZID data can be retrieved after ZRTP receive the first Hello
* packet from the other party. The application may call this metho
d
* for example during SAS processing in showSAS(...) user callback
* method.
*
* @param data
* Pointer to a data buffer. This buffer must have a size of
* at least 12 bytes (96 bit) (ZRTP Identifier, see chap. 4.9)
* @return
* Number of bytes copied into the data buffer - must be equival
ent
* to 96 bit, usually 12 bytes.
*/
int32 getZid(uint8* data);
protected: /**
* Stops the ZRTP protocol engine.
*
* Applications call this method to stop the ZRTP protocol
* engine.
*
*/
void stopZrtp();
/**
* Get other party's ZID (ZRTP Identifier) data
*
* This functions returns the other party's ZID that was receivied
* during ZRTP processing.
*
* The ZID data can be retrieved after ZRTP receive the first Hello
* packet from the other party. The application may call this method
* for example during SAS processing in showSAS(...) user callback
* method.
*
* @param data
* Pointer to a data buffer. This buffer must have a size of
* at least 12 bytes (96 bit) (ZRTP Identifier, see chap. 4.9)
* @return
* Number of bytes copied into the data buffer - must be equivalent
* to 96 bit, usually 12 bytes.
*/
int32 getPeerZid(uint8* data);
protected:
friend class TimeoutProvider<std::string, ost::ZrtpQueue*>; friend class TimeoutProvider<std::string, ost::ZrtpQueue*>;
/** /**
* A hook that gets called if the decoding of an incoming SRTP * A hook that gets called if the decoding of an incoming SRTP
* was erroneous * was erroneous
* *
* @param pkt * @param pkt
* The SRTP packet with error. * The SRTP packet with error.
* @param errorCode * @param errorCode
* The error code: -1 - SRTP authentication failure, -2 - repla * The error code: -1 - SRTP authentication failure, -2 - replay
y * check failed
* check failed * @return
* @return * True: put the packet in incoming queue for further processing
* True: put the packet in incoming queue for further processin * by the applications; false: dismiss packet. The default
g * implementation returns false.
* by the applications; false: dismiss packet. The default */
* implementation returns false. virtual bool
*/ onSRTPPacketError(IncomingRTPPkt& pkt, int32 errorCode);
virtual bool
onSRTPPacketError(IncomingRTPPkt& pkt, int32 errorCode);
/** /**
* Handle timeout event forwarded by the TimeoutProvider. * Handle timeout event forwarded by the TimeoutProvider.
* *
* Just call the ZRTP engine for further processing. * Just call the ZRTP engine for further processing.
*/ */
void handleTimeout(const std::string &c); void handleTimeout(const std::string &c);
/** /**
* This function is used by the service thread to process * This function is used by the service thread to process
* the next incoming packet and place it in the receive list. * the next incoming packet and place it in the receive list.
* *
* This class overloads the function of IncomingDataQueue * This class overloads the function of IncomingDataQueue
* implementation. * implementation.
* *
* @return number of payload bytes received, <0 if error. * @return number of payload bytes received, <0 if error.
*/ */
virtual size_t takeInDataPacket(); virtual size_t takeInDataPacket();
/* /*
* The following methods implement the GNU ZRTP callback interface. * The following methods implement the GNU ZRTP callback interface.
* For detailed documentation refer to file ZrtpCallback.h * For detailed documentation refer to file ZrtpCallback.h
*/ */
int32_t sendDataZRTP(const unsigned char* data, int32_t length); int32_t sendDataZRTP(const unsigned char* data, int32_t length);
int32_t activateTimer(int32_t time); int32_t activateTimer(int32_t time);
int32_t cancelTimer(); int32_t cancelTimer();
void sendInfo(GnuZrtpCodes::MessageSeverity severity, int32_t subCo de); void sendInfo(GnuZrtpCodes::MessageSeverity severity, int32_t subCode);
bool srtpSecretsReady(SrtpSecret_t* secrets, EnableSecurity part); bool srtpSecretsReady(SrtpSecret_t* secrets, EnableSecurity part);
void srtpSecretsOff(EnableSecurity part); void srtpSecretsOff(EnableSecurity part);
void srtpSecretsOn(std::string c, std::string s, bool verified); void srtpSecretsOn(std::string c, std::string s, bool verified);
void handleGoClear(); void handleGoClear();
void zrtpNegotiationFailed(GnuZrtpCodes::MessageSeverity severity, int32_t subCode); void zrtpNegotiationFailed(GnuZrtpCodes::MessageSeverity severity, int3 2_t subCode);
void zrtpNotSuppOther(); void zrtpNotSuppOther();
void synchEnter(); void synchEnter();
void synchLeave(); void synchLeave();
void zrtpAskEnrollment(std::string info); void zrtpAskEnrollment(GnuZrtpCodes::InfoEnrollment info);
void zrtpInformEnrollment(std::string info); void zrtpInformEnrollment(GnuZrtpCodes::InfoEnrollment info);
void signSAS(std::string sas); void signSAS(uint8_t* sasHash);
bool checkSASSignature(std::string sas); bool checkSASSignature(uint8_t* sasHash);
/* /*
* End of ZrtpCallback functions. * End of ZrtpCallback functions.
*/ */
ZrtpQueue(uint32 size = RTPDataQueue::defaultMembersHashSize, ZrtpQueue(uint32 size = RTPDataQueue::defaultMembersHashSize,
RTPApplication& app = defaultApplication()); RTPApplication& app = defaultApplication());
/** /**
* Local SSRC is given instead of computed by the queue. * Local SSRC is given instead of computed by the queue.
*/ */
ZrtpQueue(uint32 ssrc, uint32 size = ZrtpQueue(uint32 ssrc, uint32 size =
RTPDataQueue::defaultMembersHashSize, RTPDataQueue::defaultMembersHashSize,
RTPApplication& app = defaultApplication()); RTPApplication& app = defaultApplication());
virtual ~ZrtpQueue();
private:
void init();
size_t rtpDataPacket(unsigned char* packet, int32 rtn,
InetHostAddress network_address,
tpport_t transport_port);
ZRtp *zrtpEngine;
ZrtpUserCallback* zrtpUserCallback;
std::string clientIdString;
bool enableZrtp;
int32 secureParts;
virtual ~ZrtpQueue(); int16 senderZrtpSeqNo;
ost::Mutex synchLock; // Mutex for ZRTP (used by ZrtpStateClass)
uint32 peerSSRC;
bool started;
bool mitmMode;
bool signSas;
bool enableParanoidMode;
};
private: class IncomingZRTPPkt : public IncomingRTPPkt {
void init();
size_t rtpDataPacket(unsigned char* packet, int32 rtn, public:
InetHostAddress network_address, /**
tpport_t transport_port); * Build a ZRTP packet object from a data buffer.
*
ZRtp *zrtpEngine; * @param block pointer to the buffer the whole packet is stored in.
ZrtpUserCallback* zrtpUserCallback; * @param len length of the whole packet, expressed in octets.
*
std::string clientIdString; **/
bool enableZrtp; IncomingZRTPPkt(const unsigned char* block, size_t len);
int32 secureParts; ~IncomingZRTPPkt()
{ }
// CryptoContext* recvCryptoContext;
// CryptoContext* senderCryptoContext; uint32
int16 senderZrtpSeqNo; getZrtpMagic() const;
ost::Mutex synchLock; // Mutex for ZRTP (used by ZrtpStateClass)
uint32 peerSSRC; uint32
bool started; getSSRC() const;
};
};
class OutgoingZRTPPkt : public OutgoingRTPPkt {
class IncomingZRTPPkt : public IncomingRTPPkt {
public:
public: /**
/** * Construct a new ZRTP packet to be sent.
* Build a ZRTP packet object from a data buffer. *
* * A new copy in memory (holding all this components
* @param block pointer to the buffer the whole packet is stored in * along with the fixed header) is created.
. *
* @param len length of the whole packet, expressed in octets. * @param hdrext whole header extension.
* * @param hdrextlen size of whole header extension, in octets.
**/ **/
OutgoingZRTPPkt(const unsigned char* const hdrext, uint32 hdrextlen);
IncomingZRTPPkt(const unsigned char* block, size_t len); ~OutgoingZRTPPkt()
{ }
~IncomingZRTPPkt() };
{ }
uint32
getZrtpMagic() const;
uint32
getSSRC() const;
};
class OutgoingZRTPPkt : public OutgoingRTPPkt {
public:
/**
* Construct a new ZRTP packet to be sent.
*
* A new copy in memory (holding all this components
* along with the fixed header) is created.
*
* @param hdrext whole header extension.
* @param hdrextlen size of whole header extension, in octets.
**/
OutgoingZRTPPkt(const unsigned char* const hdrext, uint32 hdrextlen
);
~OutgoingZRTPPkt()
{ }
};
END_NAMESPACE END_NAMESPACE
#endif #endif
/** EMACS ** /** EMACS **
* Local variables: * Local variables:
* mode: c++ * mode: c++
* c-default-style: ellemtel * c-default-style: ellemtel
* c-basic-offset: 4 * c-basic-offset: 4
 End of changes. 37 change blocks. 
767 lines changed or deleted 881 lines changed or added


 ZrtpUserCallback.h   ZrtpUserCallback.h 
skipping to change at line 172 skipping to change at line 172
* ZRTPQueue calls this method to inform about a PBX enrollment req uest. * ZRTPQueue calls this method to inform about a PBX enrollment req uest.
* *
* Please refer to chapter 8.3 ff to get more details about PBX enr ollment * Please refer to chapter 8.3 ff to get more details about PBX enr ollment
* and SAS relay. * and SAS relay.
* *
* @param info * @param info
* Give some information to the user about the PBX requesting an * Give some information to the user about the PBX requesting an
* enrollment. * enrollment.
* *
*/ */
virtual void zrtpAskEnrollment(std::string info) { virtual void zrtpAskEnrollment(GnuZrtpCodes::InfoEnrollment info) {
return; return;
} }
/** /**
* ZRTPQueue calls this method to inform about PBX enrollment resul t. * ZRTPQueue calls this method to inform about PBX enrollment resul t.
* *
* Informs the use about the acceptance or denial of an PBX enrollm ent * Informs the use about the acceptance or denial of an PBX enrollm ent
* request * request
* *
* @param info * @param info
* Give some information to the user about the result of an * Give some information to the user about the result of an
* enrollment. * enrollment.
* *
*/ */
virtual void zrtpInformEnrollment(std::string info) { virtual void zrtpInformEnrollment(GnuZrtpCodes::InfoEnrollment info ) {
return; return;
} }
/** /**
* ZRTPQueue calls this method to request a SAS signature. * ZRTPQueue calls this method to request a SAS signature.
* *
* After ZRTP core was able to compute the Short Authentication Str ing * After ZRTP core was able to compute the Short Authentication Str ing
* (SAS) it calls this method. The client may now use an approriate * (SAS) it calls this method. The client may now use an approriate
* method to sign the SAS. The client may use * method to sign the SAS. The client may use
* setSignatureData() of ZrtpQueue to store the signature * setSignatureData() of ZrtpQueue to store the signature
* data an enable signature transmission to the other peer. Refer * data an enable signature transmission to the other peer. Refer
* to chapter 8.2 of ZRTP specification. * to chapter 8.2 of ZRTP specification.
* *
* @param sas * @param sasHash
* The SAS string to sign. * Pointer to the 32 byte SAS hash to be signed.
* @see ZrtpQueue#setSignatureData * @see ZrtpQueue#setSignatureData
* *
*/ */
virtual void signSAS(std::string sas) { virtual void signSAS(uint8_t* sasHash) {
return; return;
} }
/** /**
* ZRTPQueue calls this method to request a SAS signature check. * ZRTPQueue calls this method to request a SAS signature check.
* *
* After ZRTP received a SAS signature in one of the Confirm packet s it * After ZRTP received a SAS signature in one of the Confirm packet s it
* call this method. The client may use <code>getSignatureLength()< /code> * call this method. The client may use <code>getSignatureLength()< /code>
* and <code>getSignatureData()</code>of ZrtpQueue to get the signa ture * and <code>getSignatureData()</code>of ZrtpQueue to get the signa ture
* data and perform the signature check. Refer to chapter 8.2 of ZR TP * data and perform the signature check. Refer to chapter 8.2 of ZR TP
* specification. * specification.
* *
* If the signature check fails the client may return false to ZRTP . In * If the signature check fails the client may return false to ZRTP . In
* this case ZRTP signals an error to the other peer and terminates * this case ZRTP signals an error to the other peer and terminates
* the ZRTP handshake. * the ZRTP handshake.
* *
* @param sas * @param sasHash
* The SAS string that was signed by the other peer. * Pointer to the 32 byte SAS hash that was signed by the other
peer.
* @return * @return
* true if the signature was ok, false otherwise. * true if the signature was ok, false otherwise.
* *
*/ */
virtual bool checkSASSignature(std::string sas) { virtual bool checkSASSignature(uint8_t* sasHash) {
return true; return true;
} }
}; };
#endif #endif
 End of changes. 6 change blocks. 
8 lines changed or deleted 9 lines changed or added


 zrtpccrtp.h   zrtpccrtp.h 
skipping to change at line 26 skipping to change at line 26
*/ */
#ifndef _ZRTPCCRTP_H_ #ifndef _ZRTPCCRTP_H_
#define _ZRTPCCRTP_H_ #define _ZRTPCCRTP_H_
#include <ccrtp/rtp.h> #include <ccrtp/rtp.h>
#include <libzrtpcpp/ZrtpQueue.h> #include <libzrtpcpp/ZrtpQueue.h>
NAMESPACE_COMMONCPP NAMESPACE_COMMONCPP
// Define a dummy variable only to overcome a doxygen problem.
static int dummy __attribute__ ((unused)) = 0;
/** /**
* @typedef SymmetricZRTPSession * @typedef SymmetricZRTPSession
* *
* Uses one pair of sockets, (1) for RTP data and (2) for RTCP * Uses one pair of sockets, (1) for RTP data and (2) for RTCP
* transmission/reception. * transmission/reception.
* *
* This session uses the ZrtpQueue instead of the AVPQueue. The ZrtpQueue * This session uses the ZrtpQueue instead of the AVPQueue. The ZrtpQueue
* inherits from AVPQueue and adds support for ZRTP thus enabling * inherits from AVPQueue and adds support for ZRTP thus enabling
* ad-hoc key negotiation to setup SRTP sessions. * ad-hoc key negotiation to setup SRTP sessions.
* *
* @short Symmetric UDP/IPv4 RTP session scheduled by one thread of executi on. * @short Symmetric UDP/IPv4 RTP session scheduled by one thread of executi on.
**/ **/
typedef SingleThreadRTPSession<SymmetricRTPChannel, typedef SingleThreadRTPSession<SymmetricRTPChannel,
SymmetricRTPChannel, SymmetricRTPChannel,
ZrtpQueue> SymmetricZRTPSession; ZrtpQueue> SymmetricZRTPSession;
#ifdef CCXX_IPV6 #ifdef CCXX_IPV6
/** /**
* @typedef SymmetricZRTPSession * @typedef SymmetricZRTPSession
* *
* Uses one pair of sockets, (1) for RTP data and (2) for RTCP * Uses one pair of sockets, (1) for RTP data and (2) for RTCP
* transmission/reception. * transmission/reception.
 End of changes. 2 change blocks. 
1 lines changed or deleted 3 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/