Fix RTP/RTCP authentication tag length

The tag is truncated from 20 bytes to 4 bytes
2020-09-03 10:53:57 +03:00 · 2020-09-03 10:53:57 +03:00 · ffa7ed5770
parent c10169873b
commit ffa7ed5770
6 changed files with 20 additions and 9 deletions
--- a/include/crypto.hh
+++ b/include/crypto.hh
@ -25,6 +25,9 @@ namespace uvg_rtp {
                    void update(uint8_t *data, size_t len);
                    void final(uint8_t *digest);

+                    /* truncate digest to "size" bytes */
+                    void final(uint8_t *digest, size_t size);
+
                private:
                    CryptoPP::HMAC<CryptoPP::SHA1> hmac_;
            };
--- a/include/queue.hh
+++ b/include/queue.hh
@ -67,7 +67,7 @@ namespace uvg_rtp {
        void *media_headers;

        /* Pointer to RTP authentication (if enabled) */
-        uint64_t *rtp_auth_tags;
+        uint32_t *rtp_auth_tags;

        size_t chunk_ptr;
        size_t hdr_ptr;
--- a/include/srtp/base.hh
+++ b/include/srtp/base.hh
@ -24,8 +24,8 @@
 #define AES_KEY_LENGTH     16 /* 128 bits */
 #define HMAC_KEY_LENGTH    32 /* 256 bits */
 #define SALT_LENGTH        14 /* 112 bits */
-#define AUTH_TAG_LENGTH     8
-#define SRTCP_INDEX_LENGTH  8
+#define AUTH_TAG_LENGTH     4
+#define SRTCP_INDEX_LENGTH  4

 namespace uvg_rtp {

--- a/src/crypto.cc
+++ b/src/crypto.cc
@ -24,6 +24,14 @@ void uvg_rtp::crypto::hmac::sha1::final(uint8_t *digest)
    hmac_.Final(digest);
 }

+void uvg_rtp::crypto::hmac::sha1::final(uint8_t *digest, size_t size)
+{
+    uint8_t d[20] = { 0 };
+
+    hmac_.Final(d);
+    memcpy(digest, d, size);
+}
+
 /* ***************** hmac-sha256 ***************** */

 uvg_rtp::crypto::hmac::sha256::sha256(uint8_t *key, size_t key_size):
--- a/src/queue.cc
+++ b/src/queue.cc
@ -80,7 +80,7 @@ rtp_error_t uvg_rtp::frame_queue::init_transaction()
    active_->dealloc_hook = dealloc_hook_;

    if (flags_ & RCE_SRTP_AUTHENTICATE_RTP)
-        active_->rtp_auth_tags = new uint64_t[max_mcount_];
+        active_->rtp_auth_tags = new uint32_t[max_mcount_];
    else
        active_->rtp_auth_tags = nullptr;

@ -251,7 +251,7 @@ rtp_error_t uvg_rtp::frame_queue::enqueue_message(uint8_t *message, size_t messa

    if (flags_ & RCE_SRTP_AUTHENTICATE_RTP) {
        tmp.push_back({
-            sizeof(uint64_t),
+            sizeof(uint32_t),
            (uint8_t *)&active_->rtp_auth_tags[active_->rtpauth_ptr++]
        });
    }
@ -292,7 +292,7 @@ rtp_error_t uvg_rtp::frame_queue::enqueue_message(std::vector<std::pair<size_t,

    if (flags_ & RCE_SRTP_AUTHENTICATE_RTP) {
        tmp.push_back({
-            sizeof(uint64_t),
+            sizeof(uint32_t),
            (uint8_t *)&active_->rtp_auth_tags[active_->rtpauth_ptr++]
        });
    }
--- a/src/srtp/srtp.cc
+++ b/src/srtp/srtp.cc
@ -51,12 +51,12 @@ rtp_error_t uvg_rtp::srtp::recv_packet_handler(void *arg, int flags, frame::rtp_

    /* Calculate authentication tag for the packet and compare it against the one we received */
    if (srtp->authenticate_rtp()) {
-        uint64_t digest = 0;
+        uint32_t digest = 0;
        auto hmac_sha1  = uvg_rtp::crypto::hmac::sha1(ctx->key_ctx.remote.auth_key, AES_KEY_LENGTH);

        hmac_sha1.update(frame->dgram, frame->dgram_size - AUTH_TAG_LENGTH);
        hmac_sha1.update((uint8_t *)&ctx->roc, sizeof(ctx->roc));
-        hmac_sha1.final((uint8_t *)&digest);
+        hmac_sha1.final((uint8_t *)&digest, sizeof(uint32_t));

        if (memcmp(&digest, &frame->dgram[frame->dgram_size - AUTH_TAG_LENGTH], AUTH_TAG_LENGTH)) {
            LOG_ERROR("Authentication tag mismatch!");
@ -122,7 +122,7 @@ authenticate:
        hmac_sha1.update((uint8_t *)buffers[i].second, buffers[i].first);

    hmac_sha1.update((uint8_t *)&ctx->roc, sizeof(ctx->roc));
-    hmac_sha1.final((uint8_t *)buffers[buffers.size() - 1].second);
+    hmac_sha1.final((uint8_t *)buffers[buffers.size() - 1].second, sizeof(uint32_t));

    return ret;
 }