summaryrefslogtreecommitdiff
path: root/src/libzrtpcpp/zrtpPacket.h
diff options
context:
space:
mode:
authorMark Purcell <msp@debian.org>2013-07-09 15:55:55 +0100
committerMark Purcell <msp@debian.org>2013-07-09 15:55:55 +0100
commit669109e369a1be69ff7c4108eb545eff4c5c26d9 (patch)
tree73c117a2e7dd22a7a6ee315101f6357ab43386ec /src/libzrtpcpp/zrtpPacket.h
libzrtpcpp (2.3.4-1) unstable; urgency=medium
* New upstream release - Fixes "CVE-2013-2221 CVE-2013-2222 CVE-2013-2223" (Closes: #714650) # imported from the archive
Diffstat (limited to 'src/libzrtpcpp/zrtpPacket.h')
-rw-r--r--src/libzrtpcpp/zrtpPacket.h342
1 files changed, 342 insertions, 0 deletions
diff --git a/src/libzrtpcpp/zrtpPacket.h b/src/libzrtpcpp/zrtpPacket.h
new file mode 100644
index 0000000..18ba7a1
--- /dev/null
+++ b/src/libzrtpcpp/zrtpPacket.h
@@ -0,0 +1,342 @@
+/*
+ Copyright (C) 2006-2010 Werner Dittmann
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+ * Authors: Werner Dittmann <Werner.Dittmann@t-online.de>
+ */
+
+#ifndef ZRTPPACKET_H
+#define ZRTPPACKET_H
+
+/**
+ *
+ * @file zrtpPacket.h
+ * @brief The data structures and definitions for ZRTP messages
+ *
+ * This include file defines the ZRTP message structures. Refer to
+ * chapter 5 of the ZRTP specification which defines the ZRTP messages and
+ * the transport format.
+ *
+ * @ingroup GNU_ZRTP
+ * @{
+ */
+
+#include <stdio.h>
+
+/**
+ * The following defines match the ZRTP specification, chapter 5
+ */
+#define ZRTP_MAGIC 0x5a525450
+
+#define ZRTP_WORD_SIZE 4
+#define CRC_SIZE 4
+
+#define TYPE_SIZE (2*ZRTP_WORD_SIZE)
+#define CLIENT_ID_SIZE (4*ZRTP_WORD_SIZE)
+#define HASH_IMAGE_SIZE (8*ZRTP_WORD_SIZE)
+#define ZID_SIZE (3*ZRTP_WORD_SIZE)
+#define HVI_SIZE (8*ZRTP_WORD_SIZE)
+#define HMAC_SIZE (2*ZRTP_WORD_SIZE)
+#define ID_SIZE (2*ZRTP_WORD_SIZE)
+#define IV_SIZE (4*ZRTP_WORD_SIZE)
+#define PING_HASH_SIZE (2*ZRTP_WORD_SIZE)
+
+
+/**
+ * The ZRTP message header
+ *
+ * A complete ZRTP message always consists of the ZRTP header
+ * and a message specific part. This specific part may have a variable
+ * length. The length field includes the header.
+ */
+typedef struct zrtpPacketHeader {
+ uint16_t zrtpId; ///< Id to identify the message, always 0x505a
+ uint16_t length; ///< Length of the ZRTP message in words
+ uint8_t messageType[TYPE_SIZE]; ///< 2 word (8 octest) message type in ASCII
+} zrtpPacketHeader_t;
+
+/**
+ * Hello message, fixed part.
+ *
+ * The complete Hello message consists of ZRTP message header, Hello fixed
+ * part and a variable part. The Hello class initializes the variable part.
+ */
+typedef struct Hello {
+ uint8_t version[ZRTP_WORD_SIZE]; ///< Announces the ZRTP protocol version
+ uint8_t clientId[CLIENT_ID_SIZE]; ///< A 4 word ASCII identifier of the ZRTP client
+ uint8_t hashH3[HASH_IMAGE_SIZE]; ///< The last hash of the hash chain (chap. 9)
+ uint8_t zid[ZID_SIZE]; ///< ZID - 3 word identifier for the ZRTP endpoint
+ uint8_t flags; ///< flag bits (chap 7.2)
+ uint8_t lengths[3]; ///< number of algorithms present
+} Hello_t;
+
+/**
+ * The complete ZRTP Hello message.
+ */
+typedef struct HelloPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ Hello_t hello; ///< Fixed part of Hello message
+} HelloPacket_t;
+
+/**
+ * HelloAck message.
+ *
+ * The complete HelloAck message consists of ZRTP message header and
+ * the CRC which is the only HelloAck specific data.
+ */
+typedef struct HelloAckPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
+} HelloAckPacket_t;
+
+/**
+ * Commit message
+ *
+ * There are three subtypes of Commit messages, each of which
+ * has a fixed size. The data structure defines the maximum
+ * Commit message. During the ZRTP protocol the implementation
+ * uses fileds according to the use case (DH handshake,
+ * Multi-stream handshake) and adjusts the length.
+ */
+typedef struct Commit {
+ uint8_t hashH2[HASH_IMAGE_SIZE]; ///< The second hash of the hash chain (chap. 9)
+ uint8_t zid[ZID_SIZE]; ///< ZID - 3 word identifier for the ZRTP endpoint
+ uint8_t hash[ZRTP_WORD_SIZE]; ///< Commited hash algorithm
+ uint8_t cipher[ZRTP_WORD_SIZE]; ///< Commited symmetrical cipher algorithm
+ uint8_t authlengths[ZRTP_WORD_SIZE]; ///< Commited SRTP authentication algorithm
+ uint8_t pubkey[ZRTP_WORD_SIZE]; ///< Commited key agreement algorithm
+ uint8_t sas[ZRTP_WORD_SIZE]; ///< Commited SAS algorithm
+ uint8_t hvi[HVI_SIZE]; ///< Hash value Initiator - chap 4.4.1.1
+ uint8_t hmac[HMAC_SIZE]; ///< MAC of the Commit message
+} Commit_t;
+
+/**
+ * The complete ZRTP Commit message.
+ */
+typedef struct CommitPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ Commit_t commit; ///< Commit message
+ uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
+} CommitPacket_t;
+
+/**
+ * DHPart1 and DHPart2 messages
+ *
+ * The DHPart messages have a variable length. The following struct
+ * defines the fixed part only. The DHPart class initializes the
+ * variable part.
+ */
+typedef struct DHPart {
+ uint8_t hashH1[HASH_IMAGE_SIZE]; ///< The first hash of the hash chain (chap. 9)
+ uint8_t rs1Id[ID_SIZE]; ///< Id of first retained secret
+ uint8_t rs2Id[ID_SIZE]; ///< Id of second retained secret
+ uint8_t auxSecretId[ID_SIZE]; ///< Id of additional (auxilliary) secret
+ uint8_t pbxSecretId[ID_SIZE]; ///< Id of PBX secret (chap 7.3.1)
+} DHPart_t;
+
+/**
+ * The complete ZRTP DHPart message.
+ */
+typedef struct DHPartPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ DHPart_t dhPart; ///< DHPart message fixed part
+} DHPartPacket_t;
+
+/**
+ * Confirm1 and Confirm2 messages
+ *
+ * The Confirm message have a variable length. The following struct
+ * defines the fixed part only. The Confirm class initializes the
+ * variable part.
+ *
+ * ZRTP encrypts a part of the Confirm messages, starting at @c hashH0
+ * and includes the variable part.
+ */
+typedef struct Confirm {
+ uint8_t hmac[HMAC_SIZE]; ///< MAC over the encrypted part of Commit message
+ uint8_t iv[IV_SIZE]; ///< IV for CFB mode to encrypt part of Commit
+ uint8_t hashH0[HASH_IMAGE_SIZE]; ///< starting hash of hash chain (chap. 9)
+ uint8_t filler[2]; ///< Filler bytes
+ uint8_t sigLength; ///< Length of an optional signature length (chap 7.2)
+ uint8_t flags; ///< various flags to control behaviour
+ uint32_t expTime; ///< Expiration time of retained secrets (chap 4.9)
+} Confirm_t;
+
+/**
+ * The complete ZRTP Confirm message.
+ */
+typedef struct ConfirmPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ Confirm_t confirm; ///< Confirm message fixed part
+} ConfirmPacket_t;
+
+/**
+ * Conf2Ack message.
+ *
+ * The complete Conf2Ack message consists of ZRTP message header and
+ * the CRC which is the only Conf2Ack specific data.
+ */
+typedef struct Conf2AckPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
+} Conf2AckPacket_t;
+
+/**
+ * The GoClear message is currently not used in
+ * GNU ZRTP C++ - not support for GoClear.
+ */
+typedef struct GoClear {
+ uint8_t clearHmac[HMAC_SIZE]; ///< no used
+} GoClear_t;
+
+/**
+ * The complete ZRTP GoClear message - no used.
+ */
+typedef struct GoClearPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ GoClear_t goClear; ///< not used
+ uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
+} GoClearPacket_t;
+
+/**
+ * The ClearAck message is currently not used in
+ * GNU ZRTP C++ - not support for GoClear.
+ */
+typedef struct ClearAckPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
+} ClearAckPacket_t;
+
+/**
+ * The Error message
+ */
+typedef struct Error {
+ uint32_t errorCode; ///< Error code, see chap 5.9
+} Error_t;
+
+/**
+ * The complete ZRTP Error message.
+ */
+typedef struct ErrorPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ Error_t error; ///< Error message part
+ uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
+} ErrorPacket_t;
+
+/**
+ * ErrorAck message.
+ *
+ * The complete ErrorAck message consists of ZRTP message header and
+ * the CRC which is the only ErrorAck specific data.
+ */
+typedef struct ErrorAckPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
+} ErrorAckPacket_t;
+
+/**
+ * Ping message.
+ *
+ * The Ping message has a fixed size.
+ */
+typedef struct Ping {
+ uint8_t version[ZRTP_WORD_SIZE]; ///< The ZRTP protocol version
+ uint8_t epHash[PING_HASH_SIZE]; ///< End point hash, see chap 5.16
+} Ping_t;
+
+/**
+ * The complete ZRTP Ping message.
+ */
+typedef struct PingPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ Ping_t ping; ///< Ping message part
+ uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
+} PingPacket_t;
+
+/**
+ * PingAck message.
+ *
+ * The PingAck message has a fixed size.
+ */
+typedef struct PingAck {
+ uint8_t version[ZRTP_WORD_SIZE]; ///< The ZRTP protocol version
+ uint8_t localEpHash[PING_HASH_SIZE]; ///< Local end point hash, see chap 5.16
+ uint8_t remoteEpHash[PING_HASH_SIZE]; ///< Remote end point hash, see chap 5.16
+ uint32_t ssrc; ///< SSRC copied from the Ping message (RTP packet part)
+} PingAck_t;
+
+/**
+ * The complete ZRTP PingAck message.
+ */
+typedef struct PingAckPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ PingAck_t pingAck; ///< PingAck message part
+ uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
+} PingAckPacket_t;
+
+/**
+ * SASrelay message
+ *
+ * The SASrelay message has a variable length. The following struct
+ * defines the fixed part only. The SASrelay class initializes the
+ * variable part.
+ *
+ * ZRTP encrypts a part of the SASrelay message, starting at @c hashH0
+ * and includes the variable part.
+ */
+typedef struct SASrelay {
+ uint8_t hmac[HMAC_SIZE]; ///< MAC over the encrypted part of Commit message
+ uint8_t iv[IV_SIZE]; ///< IV for CFB mode to encrypt part of Commit
+ uint8_t filler[2]; ///< Filler bytes
+ uint8_t sigLength; ///< Length of an optional signature length (chap 7.2)
+ uint8_t flags; ///< various flags to control behaviour
+ uint8_t sas[ZRTP_WORD_SIZE]; ///< SAS algorithm to use
+ uint8_t trustedSasHash[HASH_IMAGE_SIZE]; ///< New trusted SAS hash for enrolled client
+} SASrelay_t;
+
+/**
+ * The complete ZRTP SASrelay message.
+ */
+typedef struct SASrelayPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ SASrelay_t sasrelay; ///< SASrelay message fixed part
+} SASrelayPacket_t;
+
+/**
+ * RelayAck message.
+ *
+ * The complete RelayAck message consists of ZRTP message header and
+ * the CRC which is the only RelayAck specific data.
+ */
+typedef struct RelayAckPacket {
+ zrtpPacketHeader_t hdr; ///< ZRTP Header
+ uint8_t crc[ZRTP_WORD_SIZE]; ///< CRC of ZRTP message
+} RelayAckPacket_t;
+
+#endif // ZRTPPACKET_H
+
+/**
+ * @}
+ */
+
+/** EMACS **
+ * Local variables:
+ * mode: c++
+ * c-default-style: ellemtel
+ * c-basic-offset: 4
+ * End:
+ */