summaryrefslogtreecommitdiff
path: root/src/libzrtpcpp/zrtpPacket.h
blob: 18ba7a12adc72cc44378ab1bd02ffe92f0d65d4b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
/*
  Copyright (C) 2006-2010 Werner Dittmann

  This program is free software: you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation, either version 3 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

/*
 * Authors: Werner Dittmann <Werner.Dittmann@t-online.de>
 */

#ifndef ZRTPPACKET_H
#define ZRTPPACKET_H

/**
 *
 * @file zrtpPacket.h
 * @brief The data structures and definitions for ZRTP messages
 * 
 * This include file defines the ZRTP message structures. Refer to
 * chapter 5 of the ZRTP specification which defines the ZRTP messages and
 * the transport format.
 * 
 * @ingroup GNU_ZRTP
 * @{
 */

#include <stdio.h>

/**
 * The following defines match the ZRTP specification, chapter 5
 */
#define ZRTP_MAGIC       0x5a525450

#define ZRTP_WORD_SIZE   4
#define CRC_SIZE         4

#define TYPE_SIZE        (2*ZRTP_WORD_SIZE)
#define CLIENT_ID_SIZE   (4*ZRTP_WORD_SIZE)
#define HASH_IMAGE_SIZE  (8*ZRTP_WORD_SIZE)
#define ZID_SIZE         (3*ZRTP_WORD_SIZE)
#define HVI_SIZE         (8*ZRTP_WORD_SIZE)
#define HMAC_SIZE        (2*ZRTP_WORD_SIZE)
#define ID_SIZE          (2*ZRTP_WORD_SIZE)
#define IV_SIZE          (4*ZRTP_WORD_SIZE)
#define PING_HASH_SIZE   (2*ZRTP_WORD_SIZE)


/**
 * The ZRTP message header
 * 
 * A complete ZRTP message always consists of the ZRTP header
 * and a message specific part. This specific part may have a variable
 * length. The length field includes the header.
 */
typedef struct zrtpPacketHeader {
    uint16_t    zrtpId;         ///< Id to identify the message, always 0x505a
    uint16_t    length;         ///< Length of the ZRTP message in words
    uint8_t     messageType[TYPE_SIZE]; ///< 2 word (8 octest) message type in ASCII
} zrtpPacketHeader_t;

/**
 * Hello message, fixed part.
 * 
 * The complete Hello message consists of ZRTP message header, Hello fixed 
 * part and a variable part. The Hello class initializes the variable part.
 */
typedef struct Hello {
    uint8_t  version[ZRTP_WORD_SIZE];   ///< Announces the ZRTP protocol version 
    uint8_t  clientId[CLIENT_ID_SIZE];  ///< A 4 word ASCII identifier of the ZRTP client
    uint8_t  hashH3[HASH_IMAGE_SIZE];   ///< The last hash of the hash chain (chap. 9)
    uint8_t  zid[ZID_SIZE];             ///< ZID - 3 word identifier for the ZRTP endpoint
    uint8_t  flags;                     ///< flag bits (chap 7.2)
    uint8_t  lengths[3];                ///< number of algorithms present
} Hello_t;

/**
 * The complete ZRTP Hello message.
 */
typedef struct HelloPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    Hello_t hello;                  ///< Fixed part of Hello message
} HelloPacket_t;

/**
 * HelloAck message.
 * 
 * The complete HelloAck message consists of ZRTP message header and
 * the CRC which is the only HelloAck specific data.
 */
typedef struct HelloAckPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    uint8_t crc[ZRTP_WORD_SIZE];    ///< CRC of ZRTP message
} HelloAckPacket_t;

/**
 * Commit message
 * 
 * There are three subtypes of Commit messages, each of which
 * has a fixed size. The data structure defines the maximum
 * Commit message. During the ZRTP protocol the implementation
 * uses fileds according to the use case (DH handshake,
 * Multi-stream handshake) and adjusts the length.
 */
typedef struct Commit {
    uint8_t hashH2[HASH_IMAGE_SIZE];        ///< The second hash of the hash chain (chap. 9)
    uint8_t	zid[ZID_SIZE];                  ///< ZID - 3 word identifier for the ZRTP endpoint
    uint8_t hash[ZRTP_WORD_SIZE];           ///< Commited hash algorithm
    uint8_t cipher[ZRTP_WORD_SIZE];         ///< Commited symmetrical cipher algorithm
    uint8_t authlengths[ZRTP_WORD_SIZE];    ///< Commited SRTP authentication algorithm
    uint8_t	pubkey[ZRTP_WORD_SIZE];         ///< Commited key agreement algorithm
    uint8_t	sas[ZRTP_WORD_SIZE];            ///< Commited SAS algorithm
    uint8_t	hvi[HVI_SIZE];                  ///< Hash value Initiator - chap 4.4.1.1
    uint8_t	hmac[HMAC_SIZE];                ///< MAC of the Commit message
} Commit_t;

/**
 * The complete ZRTP Commit message.
 */
typedef struct CommitPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    Commit_t commit;                ///< Commit message
    uint8_t crc[ZRTP_WORD_SIZE];    ///< CRC of ZRTP message
} CommitPacket_t;

/**
 * DHPart1 and DHPart2 messages
 * 
 * The DHPart messages have a variable length. The following struct
 * defines the fixed part only. The DHPart class initializes the
 * variable part.
 */
typedef struct DHPart {
    uint8_t hashH1[HASH_IMAGE_SIZE];        ///< The first hash of the hash chain (chap. 9)
    uint8_t rs1Id[ID_SIZE];                 ///< Id of first retained secret
    uint8_t rs2Id[ID_SIZE];                 ///< Id of second retained secret
    uint8_t auxSecretId[ID_SIZE];           ///< Id of additional (auxilliary) secret
    uint8_t pbxSecretId[ID_SIZE];           ///< Id of PBX secret (chap 7.3.1)
}  DHPart_t;

/**
 * The complete ZRTP DHPart message.
 */
typedef struct DHPartPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    DHPart_t dhPart;                ///< DHPart message fixed part
} DHPartPacket_t;

/**
 * Confirm1 and Confirm2 messages
 * 
 * The Confirm message have a variable length. The following struct
 * defines the fixed part only. The Confirm class initializes the
 * variable part.
 * 
 * ZRTP encrypts a part of the Confirm messages, starting at @c hashH0 
 * and includes the variable part.
 */
typedef struct Confirm {
    uint8_t	 hmac[HMAC_SIZE];           ///< MAC over the encrypted part of Commit message 
    uint8_t  iv[IV_SIZE];               ///< IV for CFB mode to encrypt part of Commit
    uint8_t  hashH0[HASH_IMAGE_SIZE];   ///< starting hash of hash chain (chap. 9)
    uint8_t  filler[2];                 ///< Filler bytes
    uint8_t  sigLength;                 ///< Length of an optional signature length (chap 7.2)
    uint8_t  flags;                     ///< various flags to control behaviour
    uint32_t expTime;                   ///< Expiration time of retained secrets (chap 4.9)
} Confirm_t;

/**
 * The complete ZRTP Confirm message.
 */
typedef struct ConfirmPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    Confirm_t confirm;              ///< Confirm message fixed part
} ConfirmPacket_t;

/**
 * Conf2Ack message.
 * 
 * The complete Conf2Ack message consists of ZRTP message header and
 * the CRC which is the only Conf2Ack specific data.
 */
typedef struct Conf2AckPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    uint8_t crc[ZRTP_WORD_SIZE];    ///< CRC of ZRTP message
} Conf2AckPacket_t;

/**
 * The GoClear message is currently not used in
 * GNU ZRTP C++ - not support for GoClear.
 */
typedef struct GoClear {
    uint8_t clearHmac[HMAC_SIZE];   ///< no used
} GoClear_t;

/**
 * The complete ZRTP GoClear message - no used.
 */
typedef struct GoClearPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    GoClear_t goClear;              ///< not used
    uint8_t crc[ZRTP_WORD_SIZE];    ///< CRC of ZRTP message
} GoClearPacket_t;

/**
 * The ClearAck message is currently not used in
 * GNU ZRTP C++ - not support for GoClear.
 */
typedef struct ClearAckPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    uint8_t crc[ZRTP_WORD_SIZE];    ///< CRC of ZRTP message
} ClearAckPacket_t;

/**
 * The Error message
 */
typedef struct Error {
    uint32_t errorCode;             ///< Error code, see chap 5.9
} Error_t;

/**
 * The complete ZRTP Error message.
 */
typedef struct ErrorPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    Error_t error;                  ///< Error message part
    uint8_t crc[ZRTP_WORD_SIZE];    ///< CRC of ZRTP message
} ErrorPacket_t;

/**
 * ErrorAck message.
 * 
 * The complete ErrorAck message consists of ZRTP message header and
 * the CRC which is the only ErrorAck specific data.
 */
typedef struct ErrorAckPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    uint8_t crc[ZRTP_WORD_SIZE];    ///< CRC of ZRTP message
} ErrorAckPacket_t;

/**
 * Ping message.
 * 
 * The Ping message has a fixed size.
 */
typedef struct Ping {
    uint8_t version[ZRTP_WORD_SIZE];    ///< The ZRTP protocol version
    uint8_t epHash[PING_HASH_SIZE];     ///< End point hash, see chap 5.16
} Ping_t;

/**
 * The complete ZRTP Ping message.
 */
typedef struct PingPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    Ping_t ping;                    ///< Ping message part
    uint8_t crc[ZRTP_WORD_SIZE];    ///< CRC of ZRTP message
} PingPacket_t;

/**
 * PingAck message.
 * 
 * The PingAck message has a fixed size.
 */
typedef struct PingAck {
    uint8_t version[ZRTP_WORD_SIZE];        ///< The ZRTP protocol version
    uint8_t localEpHash[PING_HASH_SIZE];    ///< Local end point hash, see chap 5.16
    uint8_t remoteEpHash[PING_HASH_SIZE];   ///< Remote end point hash, see chap 5.16
    uint32_t ssrc;                          ///< SSRC copied from the Ping message (RTP packet part)
} PingAck_t;

/**
 * The complete ZRTP PingAck message.
 */
typedef struct PingAckPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    PingAck_t pingAck;              ///< PingAck message part
    uint8_t crc[ZRTP_WORD_SIZE];    ///< CRC of ZRTP message
} PingAckPacket_t;

/**
 * SASrelay message
 * 
 * The SASrelay message has a variable length. The following struct
 * defines the fixed part only. The SASrelay class initializes the
 * variable part.
 * 
 * ZRTP encrypts a part of the SASrelay message, starting at @c hashH0 
 * and includes the variable part.
 */
typedef struct SASrelay {
    uint8_t  hmac[HMAC_SIZE];           ///< MAC over the encrypted part of Commit message 
    uint8_t  iv[IV_SIZE];               ///< IV for CFB mode to encrypt part of Commit
    uint8_t  filler[2];                 ///< Filler bytes
    uint8_t  sigLength;                 ///< Length of an optional signature length (chap 7.2)
    uint8_t  flags;                     ///< various flags to control behaviour
    uint8_t  sas[ZRTP_WORD_SIZE];       ///< SAS algorithm to use
    uint8_t  trustedSasHash[HASH_IMAGE_SIZE];  ///< New trusted SAS hash for enrolled client
} SASrelay_t;

/**
 * The complete ZRTP SASrelay message.
 */
typedef struct SASrelayPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    SASrelay_t sasrelay;            ///< SASrelay message fixed part
} SASrelayPacket_t;

/**
 * RelayAck message.
 * 
 * The complete RelayAck message consists of ZRTP message header and
 * the CRC which is the only RelayAck specific data.
 */
typedef struct RelayAckPacket {
    zrtpPacketHeader_t hdr;         ///< ZRTP Header
    uint8_t crc[ZRTP_WORD_SIZE];    ///< CRC of ZRTP message
} RelayAckPacket_t;

#endif // ZRTPPACKET_H

/**
 * @}
 */

/** EMACS **
 * Local variables:
 * mode: c++
 * c-default-style: ellemtel
 * c-basic-offset: 4
 * End:
 */