jami/jami-daemon
1
0
Fork 0
mirror of https://git.jami.net/savoirfairelinux/jami-daemon.git synced 2025-08-12 22:09:25 +08:00
Code Issues Projects Releases Wiki Activity

security: wipe srtp sensitive data

Browse Source 
Prevent srtp sensitive data like master key to be accessible
after usage.

Change-Id: I3beafe59805aa4daf5c7b1b97cb07a63c524da91
This commit is contained in:
Guillaume Roguez
2017-07-13 01:28:45 -04:00
parent 7dc619d8cd
commit 5209368768
1 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/media/srtp.c
View File

@ -20,6 +20,7 @@
*/
#include <stdlib.h>
#include <assert.h>
#include <libavutil/common.h>
#include <libavutil/base64.h>
#include <libavutil/aes.h>
@ -28,14 +29,24 @@
#include <libavutil/log.h>
#include "srtp.h"
#include "security/memory.h"
void ff_srtp_free(struct SRTPContext *s)
{
uint8_t zero_buffer[32] = {0}; // WARNING: must be long enough to handle any key length
assert(sizeof(zero_buffer) >= sizeof(s->master_key));
assert(sizeof(zero_buffer) >= sizeof(s->rtp_key));
assert(sizeof(zero_buffer) >= sizeof(s->rtp_auth));
if (!s)
return;
// aes and hmac have an opaque pointer type.
// No API to safely erase them, so just re-init with "dummy keys" to sanitize them
av_aes_init(s->aes, zero_buffer, 128, 0);
av_hmac_init(s->hmac, zero_buffer, sizeof(s->rtp_auth));
av_freep(&s->aes);
if (s->hmac)
av_hmac_free(s->hmac);
s->hmac = NULL;
av_hmac_free(s->hmac);
ring_secure_memzero(s, sizeof(*s));
}
static void encrypt_counter(struct AVAES *aes, uint8_t *iv, uint8_t *outbuf,
@ -86,6 +97,7 @@ int ff_srtp_set_crypto(struct SRTPContext *s, const char *suite,
}
if (av_base64_decode(buf, params, sizeof(buf)) != sizeof(buf)) {
av_log(NULL, AV_LOG_WARNING, "Incorrect amount of SRTP params\n");
ring_secure_memzero(buf, sizeof(buf));
return AVERROR(EINVAL);
}
// MKI and lifetime not handled yet
@ -95,6 +107,7 @@ int ff_srtp_set_crypto(struct SRTPContext *s, const char *suite,
return AVERROR(ENOMEM);
memcpy(s->master_key, buf, 16);
memcpy(s->master_salt, buf + 16, 14);
ring_secure_memzero(buf, sizeof(buf));
// RFC 3711
av_aes_init(s->aes, s->master_key, 128, 0);
@ -121,6 +134,7 @@ static void create_iv(uint8_t *iv, const uint8_t *salt, uint64_t index,
iv[6 + i] ^= indexbuf[i];
for (i = 0; i < 14; i++)
iv[i] ^= salt[i];
ring_secure_memzero(indexbuf, sizeof(indexbuf));
}
int ff_srtp_decrypt(struct SRTPContext *s, uint8_t *buf, int *lenptr)