summaryrefslogtreecommitdiffstats
path: root/netwerk/srtp/src/crypto/include
diff options
context:
space:
mode:
Diffstat (limited to 'netwerk/srtp/src/crypto/include')
-rw-r--r--netwerk/srtp/src/crypto/include/aes.h89
-rw-r--r--netwerk/srtp/src/crypto/include/aes_cbc.h85
-rw-r--r--netwerk/srtp/src/crypto/include/aes_icm.h92
-rw-r--r--netwerk/srtp/src/crypto/include/alloc.h57
-rw-r--r--netwerk/srtp/src/crypto/include/auth.h171
-rw-r--r--netwerk/srtp/src/crypto/include/cipher.h230
-rw-r--r--netwerk/srtp/src/crypto/include/crypto.h78
-rw-r--r--netwerk/srtp/src/crypto/include/crypto_kernel.h280
-rw-r--r--netwerk/srtp/src/crypto/include/crypto_math.h239
-rw-r--r--netwerk/srtp/src/crypto/include/crypto_types.h220
-rw-r--r--netwerk/srtp/src/crypto/include/cryptoalg.h133
-rw-r--r--netwerk/srtp/src/crypto/include/datatypes.h508
-rw-r--r--netwerk/srtp/src/crypto/include/err.h174
-rw-r--r--netwerk/srtp/src/crypto/include/hmac.h78
-rw-r--r--netwerk/srtp/src/crypto/include/integers.h155
-rw-r--r--netwerk/srtp/src/crypto/include/kernel_compat.h84
-rw-r--r--netwerk/srtp/src/crypto/include/key.h82
-rw-r--r--netwerk/srtp/src/crypto/include/null_auth.h68
-rw-r--r--netwerk/srtp/src/crypto/include/null_cipher.h80
-rw-r--r--netwerk/srtp/src/crypto/include/prng.h89
-rw-r--r--netwerk/srtp/src/crypto/include/rand_source.h91
-rw-r--r--netwerk/srtp/src/crypto/include/rdb.h129
-rw-r--r--netwerk/srtp/src/crypto/include/rdbx.h221
-rw-r--r--netwerk/srtp/src/crypto/include/sha1.h108
-rw-r--r--netwerk/srtp/src/crypto/include/stat.h69
-rw-r--r--netwerk/srtp/src/crypto/include/xfm.h174
26 files changed, 3784 insertions, 0 deletions
diff --git a/netwerk/srtp/src/crypto/include/aes.h b/netwerk/srtp/src/crypto/include/aes.h
new file mode 100644
index 000000000..9d3149683
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/aes.h
@@ -0,0 +1,89 @@
+/*
+ * aes.h
+ *
+ * header file for the AES block cipher
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef _AES_H
+#define _AES_H
+
+#include "config.h"
+
+#include "datatypes.h"
+#include "err.h"
+
+/* aes internals */
+
+typedef struct {
+ v128_t round[15];
+ int num_rounds;
+} aes_expanded_key_t;
+
+err_status_t
+aes_expand_encryption_key(const uint8_t *key,
+ int key_len,
+ aes_expanded_key_t *expanded_key);
+
+err_status_t
+aes_expand_decryption_key(const uint8_t *key,
+ int key_len,
+ aes_expanded_key_t *expanded_key);
+
+void
+aes_encrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key);
+
+void
+aes_decrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key);
+
+#if 0
+/*
+ * internal functions
+ */
+
+void
+aes_init_sbox(void);
+
+void
+aes_compute_tables(void);
+#endif
+
+#endif /* _AES_H */
diff --git a/netwerk/srtp/src/crypto/include/aes_cbc.h b/netwerk/srtp/src/crypto/include/aes_cbc.h
new file mode 100644
index 000000000..6436b5b17
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/aes_cbc.h
@@ -0,0 +1,85 @@
+/*
+ * aes_cbc.h
+ *
+ * Header for AES Cipher Blobk Chaining Mode.
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef AES_CBC_H
+#define AES_CBC_H
+
+#include "aes.h"
+#include "cipher.h"
+
+typedef struct {
+ v128_t state; /* cipher chaining state */
+ v128_t previous; /* previous ciphertext block */
+ aes_expanded_key_t expanded_key; /* the cipher key */
+} aes_cbc_ctx_t;
+
+err_status_t
+aes_cbc_set_key(aes_cbc_ctx_t *c,
+ const unsigned char *key);
+
+err_status_t
+aes_cbc_encrypt(aes_cbc_ctx_t *c,
+ unsigned char *buf,
+ unsigned int *bytes_in_data);
+
+err_status_t
+aes_cbc_context_init(aes_cbc_ctx_t *c, const uint8_t *key,
+ int key_len, cipher_direction_t dir);
+
+err_status_t
+aes_cbc_set_iv(aes_cbc_ctx_t *c, void *iv);
+
+err_status_t
+aes_cbc_nist_encrypt(aes_cbc_ctx_t *c,
+ unsigned char *data,
+ unsigned int *bytes_in_data);
+
+err_status_t
+aes_cbc_nist_decrypt(aes_cbc_ctx_t *c,
+ unsigned char *data,
+ unsigned int *bytes_in_data);
+
+#endif /* AES_CBC_H */
+
diff --git a/netwerk/srtp/src/crypto/include/aes_icm.h b/netwerk/srtp/src/crypto/include/aes_icm.h
new file mode 100644
index 000000000..6b4aea699
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/aes_icm.h
@@ -0,0 +1,92 @@
+/*
+ * aes_icm.h
+ *
+ * Header for AES Integer Counter Mode.
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef AES_ICM_H
+#define AES_ICM_H
+
+#include "aes.h"
+#include "cipher.h"
+
+typedef struct {
+ v128_t counter; /* holds the counter value */
+ v128_t offset; /* initial offset value */
+ v128_t keystream_buffer; /* buffers bytes of keystream */
+ aes_expanded_key_t expanded_key; /* the cipher key */
+ int bytes_in_buffer; /* number of unused bytes in buffer */
+} aes_icm_ctx_t;
+
+
+err_status_t
+aes_icm_context_init(aes_icm_ctx_t *c,
+ const unsigned char *key,
+ int key_len);
+
+err_status_t
+aes_icm_set_iv(aes_icm_ctx_t *c, void *iv);
+
+err_status_t
+aes_icm_encrypt(aes_icm_ctx_t *c,
+ unsigned char *buf, unsigned int *bytes_to_encr);
+
+err_status_t
+aes_icm_output(aes_icm_ctx_t *c,
+ unsigned char *buf, int bytes_to_output);
+
+err_status_t
+aes_icm_dealloc(cipher_t *c);
+
+err_status_t
+aes_icm_encrypt_ismacryp(aes_icm_ctx_t *c,
+ unsigned char *buf,
+ unsigned int *enc_len,
+ int forIsmacryp);
+
+err_status_t
+aes_icm_alloc_ismacryp(cipher_t **c,
+ int key_len,
+ int forIsmacryp);
+
+#endif /* AES_ICM_H */
+
diff --git a/netwerk/srtp/src/crypto/include/alloc.h b/netwerk/srtp/src/crypto/include/alloc.h
new file mode 100644
index 000000000..5980eed6c
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/alloc.h
@@ -0,0 +1,57 @@
+/*
+ * alloc.h
+ *
+ * interface to memory allocation and deallocation, with optional debugging
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef CRYPTO_ALLOC_H
+#define CRYPTO_ALLOC_H
+
+#include "datatypes.h"
+
+void *
+crypto_alloc(size_t size);
+
+void
+crypto_free(void *ptr);
+
+#endif /* CRYPTO_ALLOC_H */
diff --git a/netwerk/srtp/src/crypto/include/auth.h b/netwerk/srtp/src/crypto/include/auth.h
new file mode 100644
index 000000000..5b5e4b21d
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/auth.h
@@ -0,0 +1,171 @@
+/*
+ * auth.h
+ *
+ * common interface to authentication functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef AUTH_H
+#define AUTH_H
+
+#include "datatypes.h"
+#include "err.h" /* error codes */
+#include "crypto.h" /* for auth_type_id_t */
+#include "crypto_types.h" /* for values of auth_type_id_t */
+
+typedef struct auth_type_t *auth_type_pointer;
+typedef struct auth_t *auth_pointer_t;
+
+typedef err_status_t (*auth_alloc_func)
+ (auth_pointer_t *ap, int key_len, int out_len);
+
+typedef err_status_t (*auth_init_func)
+ (void *state, const uint8_t *key, int key_len);
+
+typedef err_status_t (*auth_dealloc_func)(auth_pointer_t ap);
+
+typedef err_status_t (*auth_compute_func)
+ (void *state, uint8_t *buffer, int octets_to_auth,
+ int tag_len, uint8_t *tag);
+
+typedef err_status_t (*auth_update_func)
+ (void *state, uint8_t *buffer, int octets_to_auth);
+
+typedef err_status_t (*auth_start_func)(void *state);
+
+/* some syntactic sugar on these function types */
+
+#define auth_type_alloc(at, a, klen, outlen) \
+ ((at)->alloc((a), (klen), (outlen)))
+
+#define auth_init(a, key) \
+ (((a)->type)->init((a)->state, (key), ((a)->key_len)))
+
+#define auth_compute(a, buf, len, res) \
+ (((a)->type)->compute((a)->state, (buf), (len), (a)->out_len, (res)))
+
+#define auth_update(a, buf, len) \
+ (((a)->type)->update((a)->state, (buf), (len)))
+
+#define auth_start(a)(((a)->type)->start((a)->state))
+
+#define auth_dealloc(c) (((c)->type)->dealloc(c))
+
+/* functions to get information about a particular auth_t */
+
+int
+auth_get_key_length(const struct auth_t *a);
+
+int
+auth_get_tag_length(const struct auth_t *a);
+
+int
+auth_get_prefix_length(const struct auth_t *a);
+
+/*
+ * auth_test_case_t is a (list of) key/message/tag values that are
+ * known to be correct for a particular cipher. this data can be used
+ * to test an implementation in an on-the-fly self test of the
+ * correcness of the implementation. (see the auth_type_self_test()
+ * function below)
+ */
+
+typedef struct auth_test_case_t {
+ int key_length_octets; /* octets in key */
+ uint8_t *key; /* key */
+ int data_length_octets; /* octets in data */
+ uint8_t *data; /* data */
+ int tag_length_octets; /* octets in tag */
+ uint8_t *tag; /* tag */
+ struct auth_test_case_t *next_test_case; /* pointer to next testcase */
+} auth_test_case_t;
+
+/* auth_type_t */
+
+typedef struct auth_type_t {
+ auth_alloc_func alloc;
+ auth_dealloc_func dealloc;
+ auth_init_func init;
+ auth_compute_func compute;
+ auth_update_func update;
+ auth_start_func start;
+ char *description;
+ int ref_count;
+ auth_test_case_t *test_data;
+ debug_module_t *debug;
+ auth_type_id_t id;
+} auth_type_t;
+
+typedef struct auth_t {
+ auth_type_t *type;
+ void *state;
+ int out_len; /* length of output tag in octets */
+ int key_len; /* length of key in octets */
+ int prefix_len; /* length of keystream prefix */
+} auth_t;
+
+/*
+ * auth_type_self_test() tests an auth_type against test cases
+ * provided in an array of values of key/message/tag that is known to
+ * be good
+ */
+
+err_status_t
+auth_type_self_test(const auth_type_t *at);
+
+/*
+ * auth_type_test() tests an auth_type against external test cases
+ * provided in an array of values of key/message/tag that is known to
+ * be good
+ */
+
+err_status_t
+auth_type_test(const auth_type_t *at, const auth_test_case_t *test_data);
+
+/*
+ * auth_type_get_ref_count(at) returns the reference count (the number
+ * of instantiations) of the auth_type_t at
+ */
+
+int
+auth_type_get_ref_count(const auth_type_t *at);
+
+#endif /* AUTH_H */
diff --git a/netwerk/srtp/src/crypto/include/cipher.h b/netwerk/srtp/src/crypto/include/cipher.h
new file mode 100644
index 000000000..eff6dd154
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/cipher.h
@@ -0,0 +1,230 @@
+/*
+ * cipher.h
+ *
+ * common interface to ciphers
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef CIPHER_H
+#define CIPHER_H
+
+#include "datatypes.h"
+#include "rdbx.h" /* for xtd_seq_num_t */
+#include "err.h" /* for error codes */
+#include "crypto.h" /* for cipher_type_id_t */
+#include "crypto_types.h" /* for values of cipher_type_id_t */
+
+
+/**
+ * @brief cipher_direction_t defines a particular cipher operation.
+ *
+ * A cipher_direction_t is an enum that describes a particular cipher
+ * operation, i.e. encryption or decryption. For some ciphers, this
+ * distinction does not matter, but for others, it is essential.
+ */
+
+typedef enum {
+ direction_encrypt, /**< encryption (convert plaintext to ciphertext) */
+ direction_decrypt, /**< decryption (convert ciphertext to plaintext) */
+ direction_any /**< encryption or decryption */
+} cipher_direction_t;
+
+/*
+ * the cipher_pointer and cipher_type_pointer definitions are needed
+ * as cipher_t and cipher_type_t are not yet defined
+ */
+
+typedef struct cipher_type_t *cipher_type_pointer_t;
+typedef struct cipher_t *cipher_pointer_t;
+
+/*
+ * a cipher_alloc_func_t allocates (but does not initialize) a cipher_t
+ */
+
+typedef err_status_t (*cipher_alloc_func_t)
+ (cipher_pointer_t *cp, int key_len);
+
+/*
+ * a cipher_init_func_t [re-]initializes a cipher_t with a given key
+ * and direction (i.e., encrypt or decrypt)
+ */
+
+typedef err_status_t (*cipher_init_func_t)
+(void *state, const uint8_t *key, int key_len, cipher_direction_t dir);
+
+/* a cipher_dealloc_func_t de-allocates a cipher_t */
+
+typedef err_status_t (*cipher_dealloc_func_t)(cipher_pointer_t cp);
+
+/* a cipher_set_segment_func_t sets the segment index of a cipher_t */
+
+typedef err_status_t (*cipher_set_segment_func_t)
+ (void *state, xtd_seq_num_t idx);
+
+/* a cipher_encrypt_func_t encrypts data in-place */
+
+typedef err_status_t (*cipher_encrypt_func_t)
+ (void *state, uint8_t *buffer, unsigned int *octets_to_encrypt);
+
+/* a cipher_decrypt_func_t decrypts data in-place */
+
+typedef err_status_t (*cipher_decrypt_func_t)
+ (void *state, uint8_t *buffer, unsigned int *octets_to_decrypt);
+
+/*
+ * a cipher_set_iv_func_t function sets the current initialization vector
+ */
+
+typedef err_status_t (*cipher_set_iv_func_t)
+ (cipher_pointer_t cp, void *iv);
+
+/*
+ * cipher_test_case_t is a (list of) key, salt, xtd_seq_num_t,
+ * plaintext, and ciphertext values that are known to be correct for a
+ * particular cipher. this data can be used to test an implementation
+ * in an on-the-fly self test of the correcness of the implementation.
+ * (see the cipher_type_self_test() function below)
+ */
+
+typedef struct cipher_test_case_t {
+ int key_length_octets; /* octets in key */
+ uint8_t *key; /* key */
+ uint8_t *idx; /* packet index */
+ int plaintext_length_octets; /* octets in plaintext */
+ uint8_t *plaintext; /* plaintext */
+ int ciphertext_length_octets; /* octets in plaintext */
+ uint8_t *ciphertext; /* ciphertext */
+ struct cipher_test_case_t *next_test_case; /* pointer to next testcase */
+} cipher_test_case_t;
+
+/* cipher_type_t defines the 'metadata' for a particular cipher type */
+
+typedef struct cipher_type_t {
+ cipher_alloc_func_t alloc;
+ cipher_dealloc_func_t dealloc;
+ cipher_init_func_t init;
+ cipher_encrypt_func_t encrypt;
+ cipher_encrypt_func_t decrypt;
+ cipher_set_iv_func_t set_iv;
+ char *description;
+ int ref_count;
+ cipher_test_case_t *test_data;
+ debug_module_t *debug;
+ cipher_type_id_t id;
+} cipher_type_t;
+
+/*
+ * cipher_t defines an instantiation of a particular cipher, with fixed
+ * key length, key and salt values
+ */
+
+typedef struct cipher_t {
+ cipher_type_t *type;
+ void *state;
+ int key_len;
+#ifdef FORCE_64BIT_ALIGN
+ int pad;
+#endif
+} cipher_t;
+
+/* some syntactic sugar on these function types */
+
+#define cipher_type_alloc(ct, c, klen) ((ct)->alloc((c), (klen)))
+
+#define cipher_dealloc(c) (((c)->type)->dealloc(c))
+
+#define cipher_init(c, k, dir) (((c)->type)->init(((c)->state), (k), ((c)->key_len), (dir)))
+
+#define cipher_encrypt(c, buf, len) \
+ (((c)->type)->encrypt(((c)->state), (buf), (len)))
+
+#define cipher_decrypt(c, buf, len) \
+ (((c)->type)->decrypt(((c)->state), (buf), (len)))
+
+#define cipher_set_iv(c, n) \
+ ((c) ? (((c)->type)->set_iv(((cipher_pointer_t)(c)->state), (n))) : \
+ err_status_no_such_op)
+
+err_status_t
+cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output);
+
+
+/* some bookkeeping functions */
+
+int
+cipher_get_key_length(const cipher_t *c);
+
+
+/*
+ * cipher_type_self_test() tests a cipher against test cases provided in
+ * an array of values of key/xtd_seq_num_t/plaintext/ciphertext
+ * that is known to be good
+ */
+
+err_status_t
+cipher_type_self_test(const cipher_type_t *ct);
+
+
+/*
+ * cipher_type_test() tests a cipher against external test cases provided in
+ * an array of values of key/xtd_seq_num_t/plaintext/ciphertext
+ * that is known to be good
+ */
+
+err_status_t
+cipher_type_test(const cipher_type_t *ct, const cipher_test_case_t *test_data);
+
+
+/*
+ * cipher_bits_per_second(c, l, t) computes (and estimate of) the
+ * number of bits that a cipher implementation can encrypt in a second
+ *
+ * c is a cipher (which MUST be allocated and initialized already), l
+ * is the length in octets of the test data to be encrypted, and t is
+ * the number of trials
+ *
+ * if an error is encountered, then the value 0 is returned
+ */
+
+uint64_t
+cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials);
+
+#endif /* CIPHER_H */
diff --git a/netwerk/srtp/src/crypto/include/crypto.h b/netwerk/srtp/src/crypto/include/crypto.h
new file mode 100644
index 000000000..1daf8ead1
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/crypto.h
@@ -0,0 +1,78 @@
+/*
+ * crypto.h
+ *
+ * API for libcrypto
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef CRYPTO_H
+#define CRYPTO_H
+
+/**
+ * @brief A cipher_type_id_t is an identifier for a particular cipher
+ * type.
+ *
+ * A cipher_type_id_t is an integer that represents a particular
+ * cipher type, e.g. the Advanced Encryption Standard (AES). A
+ * NULL_CIPHER is avaliable; this cipher leaves the data unchanged,
+ * and can be selected to indicate that no encryption is to take
+ * place.
+ *
+ * @ingroup Ciphers
+ */
+typedef uint32_t cipher_type_id_t;
+
+/**
+ * @brief An auth_type_id_t is an identifier for a particular authentication
+ * function.
+ *
+ * An auth_type_id_t is an integer that represents a particular
+ * authentication function type, e.g. HMAC-SHA1. A NULL_AUTH is
+ * avaliable; this authentication function performs no computation,
+ * and can be selected to indicate that no authentication is to take
+ * place.
+ *
+ * @ingroup Authentication
+ */
+typedef uint32_t auth_type_id_t;
+
+#endif /* CRYPTO_H */
+
+
diff --git a/netwerk/srtp/src/crypto/include/crypto_kernel.h b/netwerk/srtp/src/crypto/include/crypto_kernel.h
new file mode 100644
index 000000000..1acf4978d
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/crypto_kernel.h
@@ -0,0 +1,280 @@
+/*
+ * crypto_kernel.h
+ *
+ * header for the cryptographic kernel
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef CRYPTO_KERNEL
+#define CRYPTO_KERNEL
+
+#include "rand_source.h"
+#include "prng.h"
+#include "cipher.h"
+#include "auth.h"
+#include "cryptoalg.h"
+#include "stat.h"
+#include "err.h"
+#include "crypto_types.h"
+#include "key.h"
+#include "crypto.h"
+
+/*
+ * crypto_kernel_state_t defines the possible states:
+ *
+ * insecure - not yet initialized
+ * secure - initialized and passed self-tests
+ */
+
+typedef enum {
+ crypto_kernel_state_insecure,
+ crypto_kernel_state_secure
+} crypto_kernel_state_t;
+
+/*
+ * linked list of cipher types
+ */
+
+typedef struct kernel_cipher_type {
+ cipher_type_id_t id;
+ cipher_type_t *cipher_type;
+ struct kernel_cipher_type *next;
+} kernel_cipher_type_t;
+
+/*
+ * linked list of auth types
+ */
+
+typedef struct kernel_auth_type {
+ auth_type_id_t id;
+ auth_type_t *auth_type;
+ struct kernel_auth_type *next;
+} kernel_auth_type_t;
+
+/*
+ * linked list of debug modules
+ */
+
+typedef struct kernel_debug_module {
+ debug_module_t *mod;
+ struct kernel_debug_module *next;
+} kernel_debug_module_t;
+
+
+/*
+ * crypto_kernel_t is the data structure for the crypto kernel
+ *
+ * note that there is *exactly one* instance of this data type,
+ * a global variable defined in crypto_kernel.c
+ */
+
+typedef struct {
+ crypto_kernel_state_t state; /* current state of kernel */
+ kernel_cipher_type_t *cipher_type_list; /* list of all cipher types */
+ kernel_auth_type_t *auth_type_list; /* list of all auth func types */
+ kernel_debug_module_t *debug_module_list; /* list of all debug modules */
+} crypto_kernel_t;
+
+
+/*
+ * crypto_kernel_t external api
+ */
+
+
+/*
+ * The function crypto_kernel_init() initialized the crypto kernel and
+ * runs the self-test operations on the random number generators and
+ * crypto algorithms. Possible return values are:
+ *
+ * err_status_ok initialization successful
+ * <other> init failure
+ *
+ * If any value other than err_status_ok is returned, the
+ * crypto_kernel MUST NOT be used.
+ */
+
+err_status_t
+crypto_kernel_init(void);
+
+
+/*
+ * The function crypto_kernel_shutdown() de-initializes the
+ * crypto_kernel, zeroizes keys and other cryptographic material, and
+ * deallocates any dynamically allocated memory. Possible return
+ * values are:
+ *
+ * err_status_ok shutdown successful
+ * <other> shutdown failure
+ *
+ */
+
+err_status_t
+crypto_kernel_shutdown(void);
+
+/*
+ * The function crypto_kernel_stats() checks the the crypto_kernel,
+ * running tests on the ciphers, auth funcs, and rng, and prints out a
+ * status report. Possible return values are:
+ *
+ * err_status_ok all tests were passed
+ * <other> a test failed
+ *
+ */
+
+err_status_t
+crypto_kernel_status(void);
+
+
+/*
+ * crypto_kernel_list_debug_modules() outputs a list of debugging modules
+ *
+ */
+
+err_status_t
+crypto_kernel_list_debug_modules(void);
+
+/*
+ * crypto_kernel_load_cipher_type()
+ *
+ */
+
+err_status_t
+crypto_kernel_load_cipher_type(cipher_type_t *ct, cipher_type_id_t id);
+
+err_status_t
+crypto_kernel_load_auth_type(auth_type_t *ct, auth_type_id_t id);
+
+/*
+ * crypto_kernel_replace_cipher_type(ct, id)
+ *
+ * replaces the crypto kernel's existing cipher for the cipher_type id
+ * with a new one passed in externally. The new cipher must pass all the
+ * existing cipher_type's self tests as well as its own.
+ */
+err_status_t
+crypto_kernel_replace_cipher_type(cipher_type_t *ct, cipher_type_id_t id);
+
+
+/*
+ * crypto_kernel_replace_auth_type(ct, id)
+ *
+ * replaces the crypto kernel's existing cipher for the auth_type id
+ * with a new one passed in externally. The new auth type must pass all the
+ * existing auth_type's self tests as well as its own.
+ */
+err_status_t
+crypto_kernel_replace_auth_type(auth_type_t *ct, auth_type_id_t id);
+
+
+err_status_t
+crypto_kernel_load_debug_module(debug_module_t *new_dm);
+
+/*
+ * crypto_kernel_alloc_cipher(id, cp, key_len);
+ *
+ * allocates a cipher of type id at location *cp, with key length
+ * key_len octets. Return values are:
+ *
+ * err_status_ok no problems
+ * err_status_alloc_fail an allocation failure occured
+ * err_status_fail couldn't find cipher with identifier 'id'
+ */
+
+err_status_t
+crypto_kernel_alloc_cipher(cipher_type_id_t id,
+ cipher_pointer_t *cp,
+ int key_len);
+
+/*
+ * crypto_kernel_alloc_auth(id, ap, key_len, tag_len);
+ *
+ * allocates an auth function of type id at location *ap, with key
+ * length key_len octets and output tag length of tag_len. Return
+ * values are:
+ *
+ * err_status_ok no problems
+ * err_status_alloc_fail an allocation failure occured
+ * err_status_fail couldn't find auth with identifier 'id'
+ */
+
+err_status_t
+crypto_kernel_alloc_auth(auth_type_id_t id,
+ auth_pointer_t *ap,
+ int key_len,
+ int tag_len);
+
+
+/*
+ * crypto_kernel_set_debug_module(mod_name, v)
+ *
+ * sets dynamic debugging to the value v (0 for off, 1 for on) for the
+ * debug module with the name mod_name
+ *
+ * returns err_status_ok on success, err_status_fail otherwise
+ */
+
+err_status_t
+crypto_kernel_set_debug_module(char *mod_name, int v);
+
+/**
+ * @brief writes a random octet string.
+ *
+ * The function call crypto_get_random(dest, len) writes len octets of
+ * random data to the location to which dest points, and returns an
+ * error code. This error code @b must be checked, and if a failure is
+ * reported, the data in the buffer @b must @b not be used.
+ *
+ * @warning If the return code is not checked, then non-random
+ * data may be in the buffer. This function will fail
+ * unless it is called after crypto_kernel_init().
+ *
+ * @return
+ * - err_status_ok if no problems occured.
+ * - [other] a problem occured, and no assumptions should
+ * be made about the contents of the destination
+ * buffer.
+ *
+ * @ingroup SRTP
+ */
+err_status_t
+crypto_get_random(unsigned char *buffer, unsigned int length);
+
+#endif /* CRYPTO_KERNEL */
diff --git a/netwerk/srtp/src/crypto/include/crypto_math.h b/netwerk/srtp/src/crypto/include/crypto_math.h
new file mode 100644
index 000000000..52f083721
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/crypto_math.h
@@ -0,0 +1,239 @@
+/*
+ * math.h
+ *
+ * crypto math operations and data types
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef MATH_H
+#define MATH_H
+
+#include "datatypes.h"
+
+unsigned char
+v32_weight(v32_t a);
+
+unsigned char
+v32_distance(v32_t x, v32_t y);
+
+unsigned int
+v32_dot_product(v32_t a, v32_t b);
+
+char *
+v16_bit_string(v16_t x);
+
+char *
+v32_bit_string(v32_t x);
+
+char *
+v64_bit_string(const v64_t *x);
+
+char *
+octet_hex_string(uint8_t x);
+
+char *
+v16_hex_string(v16_t x);
+
+char *
+v32_hex_string(v32_t x);
+
+char *
+v64_hex_string(const v64_t *x);
+
+int
+hex_char_to_nibble(uint8_t c);
+
+int
+is_hex_string(char *s);
+
+v16_t
+hex_string_to_v16(char *s);
+
+v32_t
+hex_string_to_v32(char *s);
+
+v64_t
+hex_string_to_v64(char *s);
+
+/* the matrix A[] is stored in column format, i.e., A[i] is
+ the ith column of the matrix */
+
+uint8_t
+A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b);
+
+void
+v16_copy_octet_string(v16_t *x, const uint8_t s[2]);
+
+void
+v32_copy_octet_string(v32_t *x, const uint8_t s[4]);
+
+void
+v64_copy_octet_string(v64_t *x, const uint8_t s[8]);
+
+void
+v128_add(v128_t *z, v128_t *x, v128_t *y);
+
+int
+octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
+
+void
+octet_string_set_to_zero(uint8_t *s, int len);
+
+
+
+/*
+ * the matrix A[] is stored in column format, i.e., A[i] is the ith
+ * column of the matrix
+*/
+uint8_t
+A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b);
+
+
+#if 0
+#if WORDS_BIGENDIAN
+
+#define _v128_add(z, x, y) { \
+ uint64_t tmp; \
+ \
+ tmp = x->v32[3] + y->v32[3]; \
+ z->v32[3] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[2] + y->v32[2] + (tmp >> 32); \
+ z->v32[2] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[1] + y->v32[1] + (tmp >> 32); \
+ z->v32[1] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[0] + y->v32[0] + (tmp >> 32); \
+ z->v32[0] = (uint32_t) tmp; \
+}
+
+#else /* assume little endian architecture */
+
+#define _v128_add(z, x, y) { \
+ uint64_t tmp; \
+ \
+ tmp = htonl(x->v32[3]) + htonl(y->v32[3]); \
+ z->v32[3] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[2]) + htonl(y->v32[2]) \
+ + htonl(tmp >> 32); \
+ z->v32[2] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[1]) + htonl(y->v32[1]) \
+ + htonl(tmp >> 32); \
+ z->v32[1] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[0]) + htonl(y->v32[0]) \
+ + htonl(tmp >> 32); \
+ z->v32[0] = ntohl((uint32_t) tmp); \
+}
+
+#endif /* WORDS_BIGENDIAN */
+#endif
+
+#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
+
+#define v128_set_to_zero(z) _v128_set_to_zero(z)
+#define v128_copy(z, x) _v128_copy(z, x)
+#define v128_xor(z, x, y) _v128_xor(z, x, y)
+#define v128_and(z, x, y) _v128_and(z, x, y)
+#define v128_or(z, x, y) _v128_or(z, x, y)
+#define v128_complement(x) _v128_complement(x)
+#define v128_is_eq(x, y) _v128_is_eq(x, y)
+#define v128_xor_eq(x, y) _v128_xor_eq(x, y)
+#define v128_get_bit(x, i) _v128_get_bit(x, i)
+#define v128_set_bit(x, i) _v128_set_bit(x, i)
+#define v128_clear_bit(x, i) _v128_clear_bit(x, i)
+#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y)
+
+#else
+
+void
+v128_set_to_zero(v128_t *x);
+
+int
+v128_is_eq(const v128_t *x, const v128_t *y);
+
+void
+v128_copy(v128_t *x, const v128_t *y);
+
+void
+v128_xor(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_and(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_or(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_complement(v128_t *x);
+
+int
+v128_get_bit(const v128_t *x, int i);
+
+void
+v128_set_bit(v128_t *x, int i) ;
+
+void
+v128_clear_bit(v128_t *x, int i);
+
+void
+v128_set_bit_to(v128_t *x, int i, int y);
+
+#endif /* DATATYPES_USE_MACROS */
+
+/*
+ * octet_string_is_eq(a,b, len) returns 1 if the length len strings a
+ * and b are not equal, returns 0 otherwise
+ */
+
+int
+octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
+
+void
+octet_string_set_to_zero(uint8_t *s, int len);
+
+
+#endif /* MATH_H */
+
+
+
diff --git a/netwerk/srtp/src/crypto/include/crypto_types.h b/netwerk/srtp/src/crypto/include/crypto_types.h
new file mode 100644
index 000000000..35317108c
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/crypto_types.h
@@ -0,0 +1,220 @@
+/*
+ * crypto_types.h
+ *
+ * constants for cipher types and auth func types
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef CRYPTO_TYPES_H
+#define CRYPTO_TYPES_H
+
+/**
+ * @defgroup Algos Cryptographic Algorithms
+ *
+ *
+ * This library provides several different cryptographic algorithms,
+ * each of which can be selected by using the cipher_type_id_t and
+ * auth_type_id_t. These algorithms are documented below.
+ *
+ * Authentication functions that use the Universal Security Transform
+ * (UST) must be used in conjunction with a cipher other than the null
+ * cipher. These functions require a per-message pseudorandom input
+ * that is generated by the cipher.
+ *
+ * The identifiers STRONGHOLD_AUTH and STRONGHOLD_CIPHER identify the
+ * strongest available authentication function and cipher,
+ * respectively. They are resolved at compile time to the strongest
+ * available algorithm. The stronghold algorithms can serve as did
+ * the keep of a medieval fortification; they provide the strongest
+ * defense (or the last refuge).
+ *
+ * @{
+ */
+
+/**
+ * @defgroup Ciphers Cipher Types
+ *
+ * @brief Each cipher type is identified by an unsigned integer. The
+ * cipher types available in this edition of libSRTP are given
+ * by the #defines below.
+ *
+ * A cipher_type_id_t is an identifier for a cipher_type; only values
+ * given by the #defines above (or those present in the file
+ * crypto_types.h) should be used.
+ *
+ * The identifier STRONGHOLD_CIPHER indicates the strongest available
+ * cipher, allowing an application to choose the strongest available
+ * algorithm without any advance knowledge about the avaliable
+ * algorithms.
+ *
+ * @{
+ */
+
+/**
+ * @brief The null cipher performs no encryption.
+ *
+ * The NULL_CIPHER leaves its inputs unaltered, during both the
+ * encryption and decryption operations. This cipher can be chosen
+ * to indicate that no encryption is to be performed.
+ */
+#define NULL_CIPHER 0
+
+/**
+ * @brief AES Integer Counter Mode (AES ICM)
+ *
+ * AES ICM is the variant of counter mode that is used by Secure RTP.
+ * This cipher uses a 16-, 24-, or 32-octet key concatenated with a
+ * 14-octet offset (or salt) value.
+ */
+#define AES_ICM 1
+
+/**
+ * @brief AES-128 Integer Counter Mode (AES ICM)
+ * AES-128 ICM is a deprecated alternate name for AES ICM.
+ */
+#define AES_128_ICM AES_ICM
+
+/**
+ * @brief SEAL 3.0
+ *
+ * SEAL is the Software-Optimized Encryption Algorithm of Coppersmith
+ * and Rogaway. Nota bene: this cipher is IBM proprietary.
+ */
+#define SEAL 2
+
+/**
+ * @brief AES Cipher Block Chaining mode (AES CBC)
+ *
+ * AES CBC is the AES Cipher Block Chaining mode.
+ * This cipher uses a 16-, 24-, or 32-octet key.
+ */
+#define AES_CBC 3
+
+/**
+ * @brief AES-128 Cipher Block Chaining mode (AES CBC)
+ *
+ * AES-128 CBC is a deprecated alternate name for AES CBC.
+ */
+#define AES_128_CBC AES_CBC
+
+/**
+ * @brief Strongest available cipher.
+ *
+ * This identifier resolves to the strongest cipher type available.
+ */
+#define STRONGHOLD_CIPHER AES_ICM
+
+/**
+ * @}
+ */
+
+
+
+/**
+ * @defgroup Authentication Authentication Function Types
+ *
+ * @brief Each authentication function type is identified by an
+ * unsigned integer. The authentication function types available in
+ * this edition of libSRTP are given by the #defines below.
+ *
+ * An auth_type_id_t is an identifier for an authentication function type;
+ * only values given by the #defines above (or those present in the
+ * file crypto_types.h) should be used.
+ *
+ * The identifier STRONGHOLD_AUTH indicates the strongest available
+ * authentication function, allowing an application to choose the
+ * strongest available algorithm without any advance knowledge about
+ * the avaliable algorithms. The stronghold algorithms can serve as
+ * did the keep of a medieval fortification; they provide the
+ * strongest defense (or the last refuge).
+ *
+ * @{
+ */
+
+/**
+ * @brief The null authentication function performs no authentication.
+ *
+ * The NULL_AUTH function does nothing, and can be selected to indicate
+ * that authentication should not be performed.
+ */
+#define NULL_AUTH 0
+
+/**
+ * @brief UST with TMMH Version 2
+ *
+ * UST_TMMHv2 implements the Truncated Multi-Modular Hash using
+ * UST. This function must be used in conjunction with a cipher other
+ * than the null cipher.
+ * with a cipher.
+ */
+#define UST_TMMHv2 1
+
+/**
+ * @brief (UST) AES-128 XORMAC
+ *
+ * UST_AES_128_XMAC implements AES-128 XORMAC, using UST. Nota bene:
+ * the XORMAC algorithm is IBM proprietary.
+ */
+#define UST_AES_128_XMAC 2
+
+/**
+ * @brief HMAC-SHA1
+ *
+ * HMAC_SHA1 implements the Hash-based MAC using the NIST Secure
+ * Hash Algorithm version 1 (SHA1).
+ */
+#define HMAC_SHA1 3
+
+/**
+ * @brief Strongest available authentication function.
+ *
+ * This identifier resolves to the strongest available authentication
+ * function.
+ */
+#define STRONGHOLD_AUTH HMAC_SHA1
+
+/**
+ * @}
+ */
+/**
+ * @}
+ */
+
+#endif /* CRYPTO_TYPES_H */
diff --git a/netwerk/srtp/src/crypto/include/cryptoalg.h b/netwerk/srtp/src/crypto/include/cryptoalg.h
new file mode 100644
index 000000000..d9f0441e0
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/cryptoalg.h
@@ -0,0 +1,133 @@
+/*
+ * cryptoalg.h
+ *
+ * API for authenticated encryption crypto algorithms
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef CRYPTOALG_H
+#define CRYPTOALG_H
+
+#include "err.h"
+
+/**
+ * @defgroup Crypto Cryptography
+ *
+ * Zed uses a simple interface to a cryptographic transform.
+ *
+ * @{
+ */
+
+/**
+ * @brief applies a crypto algorithm
+ *
+ * The function pointer cryptoalg_func_t points to a function that
+ * implements a crypto transform, and provides a uniform API for
+ * accessing crypto mechanisms.
+ *
+ * @param key location of secret key
+ *
+ * @param clear data to be authenticated but not encrypted
+ *
+ * @param clear_len length of data to be authenticated but not encrypted
+ *
+ * @param iv location to write the Initialization Vector (IV)
+ *
+ * @param protect location of the data to be encrypted and
+ * authenticated (before the function call), and the ciphertext
+ * and authentication tag (after the call)
+ *
+ * @param protected_len location of the length of the data to be
+ * encrypted and authenticated (before the function call), and the
+ * length of the ciphertext (after the call)
+ *
+ */
+
+typedef err_status_t (*cryptoalg_func_t)
+ (void *key,
+ const void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *protect,
+ unsigned *protected_len);
+
+typedef
+err_status_t (*cryptoalg_inv_t)
+ (void *key, /* location of secret key */
+ const void *clear, /* data to be authenticated only */
+ unsigned clear_len, /* length of data to be authenticated only */
+ void *iv, /* location of iv */
+ void *opaque, /* data to be decrypted and authenticated */
+ unsigned *opaque_len /* location of the length of data to be
+ * decrypted and authd (before and after)
+ */
+ );
+
+typedef struct cryptoalg_ctx_t {
+ cryptoalg_func_t enc;
+ cryptoalg_inv_t dec;
+ unsigned key_len;
+ unsigned iv_len;
+ unsigned auth_tag_len;
+ unsigned max_expansion;
+} cryptoalg_ctx_t;
+
+typedef cryptoalg_ctx_t *cryptoalg_t;
+
+#define cryptoalg_get_key_len(cryptoalg) ((cryptoalg)->key_len)
+
+#define cryptoalg_get_iv_len(cryptoalg) ((cryptoalg)->iv_len)
+
+#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len)
+
+int
+cryptoalg_get_id(cryptoalg_t c);
+
+cryptoalg_t
+cryptoalg_find_by_id(int id);
+
+
+/**
+ * @}
+ */
+
+#endif /* CRYPTOALG_H */
+
+
diff --git a/netwerk/srtp/src/crypto/include/datatypes.h b/netwerk/srtp/src/crypto/include/datatypes.h
new file mode 100644
index 000000000..803d75a3d
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/datatypes.h
@@ -0,0 +1,508 @@
+/*
+ * datatypes.h
+ *
+ * data types for bit vectors and finite fields
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef _DATATYPES_H
+#define _DATATYPES_H
+
+#include "integers.h" /* definitions of uint32_t, et cetera */
+#include "alloc.h"
+
+#include <stdarg.h>
+
+#ifndef SRTP_KERNEL
+# include <stdio.h>
+# include <string.h>
+# include <time.h>
+# ifdef HAVE_NETINET_IN_H
+# include <netinet/in.h>
+# elif defined HAVE_WINSOCK2_H
+# include <winsock2.h>
+# endif
+#endif
+
+
+/* if DATATYPES_USE_MACROS is defined, then little functions are macros */
+#define DATATYPES_USE_MACROS
+
+typedef union {
+ uint8_t v8[2];
+ uint16_t value;
+} v16_t;
+
+typedef union {
+ uint8_t v8[4];
+ uint16_t v16[2];
+ uint32_t value;
+} v32_t;
+
+typedef union {
+ uint8_t v8[8];
+ uint16_t v16[4];
+ uint32_t v32[2];
+ uint64_t value;
+} v64_t;
+
+typedef union {
+ uint8_t v8[16];
+ uint16_t v16[8];
+ uint32_t v32[4];
+ uint64_t v64[2];
+} v128_t;
+
+
+
+/* some useful and simple math functions */
+
+#define pow_2(X) ( (unsigned int)1 << (X) ) /* 2^X */
+
+#define pow_minus_one(X) ( (X) ? -1 : 1 ) /* (-1)^X */
+
+
+/*
+ * octet_get_weight(x) returns the hamming weight (number of bits equal to
+ * one) in the octet x
+ */
+
+int
+octet_get_weight(uint8_t octet);
+
+char *
+octet_bit_string(uint8_t x);
+
+#define MAX_PRINT_STRING_LEN 1024
+
+char *
+octet_string_hex_string(const void *str, int length);
+
+char *
+v128_bit_string(v128_t *x);
+
+char *
+v128_hex_string(v128_t *x);
+
+uint8_t
+nibble_to_hex_char(uint8_t nibble);
+
+char *
+char_to_hex_string(char *x, int num_char);
+
+uint8_t
+hex_string_to_octet(char *s);
+
+/*
+ * hex_string_to_octet_string(raw, hex, len) converts the hexadecimal
+ * string at *hex (of length len octets) to the equivalent raw data
+ * and writes it to *raw.
+ *
+ * if a character in the hex string that is not a hexadeciaml digit
+ * (0123456789abcdefABCDEF) is encountered, the function stops writing
+ * data to *raw
+ *
+ * the number of hex digits copied (which is two times the number of
+ * octets in *raw) is returned
+ */
+
+int
+hex_string_to_octet_string(char *raw, char *hex, int len);
+
+v128_t
+hex_string_to_v128(char *s);
+
+void
+v128_copy_octet_string(v128_t *x, const uint8_t s[16]);
+
+void
+v128_left_shift(v128_t *x, int shift_index);
+
+void
+v128_right_shift(v128_t *x, int shift_index);
+
+/*
+ * the following macros define the data manipulation functions
+ *
+ * If DATATYPES_USE_MACROS is defined, then these macros are used
+ * directly (and function call overhead is avoided). Otherwise,
+ * the macros are used through the functions defined in datatypes.c
+ * (and the compiler provides better warnings).
+ */
+
+#define _v128_set_to_zero(x) \
+( \
+ (x)->v32[0] = 0, \
+ (x)->v32[1] = 0, \
+ (x)->v32[2] = 0, \
+ (x)->v32[3] = 0 \
+)
+
+#define _v128_copy(x, y) \
+( \
+ (x)->v32[0] = (y)->v32[0], \
+ (x)->v32[1] = (y)->v32[1], \
+ (x)->v32[2] = (y)->v32[2], \
+ (x)->v32[3] = (y)->v32[3] \
+)
+
+#define _v128_xor(z, x, y) \
+( \
+ (z)->v32[0] = (x)->v32[0] ^ (y)->v32[0], \
+ (z)->v32[1] = (x)->v32[1] ^ (y)->v32[1], \
+ (z)->v32[2] = (x)->v32[2] ^ (y)->v32[2], \
+ (z)->v32[3] = (x)->v32[3] ^ (y)->v32[3] \
+)
+
+#define _v128_and(z, x, y) \
+( \
+ (z)->v32[0] = (x)->v32[0] & (y)->v32[0], \
+ (z)->v32[1] = (x)->v32[1] & (y)->v32[1], \
+ (z)->v32[2] = (x)->v32[2] & (y)->v32[2], \
+ (z)->v32[3] = (x)->v32[3] & (y)->v32[3] \
+)
+
+#define _v128_or(z, x, y) \
+( \
+ (z)->v32[0] = (x)->v32[0] | (y)->v32[0], \
+ (z)->v32[1] = (x)->v32[1] | (y)->v32[1], \
+ (z)->v32[2] = (x)->v32[2] | (y)->v32[2], \
+ (z)->v32[3] = (x)->v32[3] | (y)->v32[3] \
+)
+
+#define _v128_complement(x) \
+( \
+ (x)->v32[0] = ~(x)->v32[0], \
+ (x)->v32[1] = ~(x)->v32[1], \
+ (x)->v32[2] = ~(x)->v32[2], \
+ (x)->v32[3] = ~(x)->v32[3] \
+)
+
+/* ok for NO_64BIT_MATH if it can compare uint64_t's (even as structures) */
+#define _v128_is_eq(x, y) \
+ (((x)->v64[0] == (y)->v64[0]) && ((x)->v64[1] == (y)->v64[1]))
+
+
+#ifdef NO_64BIT_MATH
+#define _v128_xor_eq(z, x) \
+( \
+ (z)->v32[0] ^= (x)->v32[0], \
+ (z)->v32[1] ^= (x)->v32[1], \
+ (z)->v32[2] ^= (x)->v32[2], \
+ (z)->v32[3] ^= (x)->v32[3] \
+)
+#else
+#define _v128_xor_eq(z, x) \
+( \
+ (z)->v64[0] ^= (x)->v64[0], \
+ (z)->v64[1] ^= (x)->v64[1] \
+)
+#endif
+
+/* NOTE! This assumes an odd ordering! */
+/* This will not be compatible directly with math on some processors */
+/* bit 0 is first 32-bit word, low order bit. in little-endian, that's
+ the first byte of the first 32-bit word. In big-endian, that's
+ the 3rd byte of the first 32-bit word */
+/* The get/set bit code is used by the replay code ONLY, and it doesn't
+ really care which bit is which. AES does care which bit is which, but
+ doesn't use the 128-bit get/set or 128-bit shifts */
+
+#define _v128_get_bit(x, bit) \
+( \
+ ((((x)->v32[(bit) >> 5]) >> ((bit) & 31)) & 1) \
+)
+
+#define _v128_set_bit(x, bit) \
+( \
+ (((x)->v32[(bit) >> 5]) |= ((uint32_t)1 << ((bit) & 31))) \
+)
+
+#define _v128_clear_bit(x, bit) \
+( \
+ (((x)->v32[(bit) >> 5]) &= ~((uint32_t)1 << ((bit) & 31))) \
+)
+
+#define _v128_set_bit_to(x, bit, value) \
+( \
+ (value) ? _v128_set_bit(x, bit) : \
+ _v128_clear_bit(x, bit) \
+)
+
+
+#if 0
+/* nothing uses this */
+#ifdef WORDS_BIGENDIAN
+
+#define _v128_add(z, x, y) { \
+ uint64_t tmp; \
+ \
+ tmp = x->v32[3] + y->v32[3]; \
+ z->v32[3] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[2] + y->v32[2] + (tmp >> 32); \
+ z->v32[2] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[1] + y->v32[1] + (tmp >> 32); \
+ z->v32[1] = (uint32_t) tmp; \
+ \
+ tmp = x->v32[0] + y->v32[0] + (tmp >> 32); \
+ z->v32[0] = (uint32_t) tmp; \
+}
+
+#else /* assume little endian architecture */
+
+#define _v128_add(z, x, y) { \
+ uint64_t tmp; \
+ \
+ tmp = htonl(x->v32[3]) + htonl(y->v32[3]); \
+ z->v32[3] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[2]) + htonl(y->v32[2]) \
+ + htonl(tmp >> 32); \
+ z->v32[2] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[1]) + htonl(y->v32[1]) \
+ + htonl(tmp >> 32); \
+ z->v32[1] = ntohl((uint32_t) tmp); \
+ \
+ tmp = htonl(x->v32[0]) + htonl(y->v32[0]) \
+ + htonl(tmp >> 32); \
+ z->v32[0] = ntohl((uint32_t) tmp); \
+}
+#endif /* WORDS_BIGENDIAN */
+#endif /* 0 */
+
+
+#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
+
+#define v128_set_to_zero(z) _v128_set_to_zero(z)
+#define v128_copy(z, x) _v128_copy(z, x)
+#define v128_xor(z, x, y) _v128_xor(z, x, y)
+#define v128_and(z, x, y) _v128_and(z, x, y)
+#define v128_or(z, x, y) _v128_or(z, x, y)
+#define v128_complement(x) _v128_complement(x)
+#define v128_is_eq(x, y) _v128_is_eq(x, y)
+#define v128_xor_eq(x, y) _v128_xor_eq(x, y)
+#define v128_get_bit(x, i) _v128_get_bit(x, i)
+#define v128_set_bit(x, i) _v128_set_bit(x, i)
+#define v128_clear_bit(x, i) _v128_clear_bit(x, i)
+#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y)
+
+#else
+
+void
+v128_set_to_zero(v128_t *x);
+
+int
+v128_is_eq(const v128_t *x, const v128_t *y);
+
+void
+v128_copy(v128_t *x, const v128_t *y);
+
+void
+v128_xor(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_and(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_or(v128_t *z, v128_t *x, v128_t *y);
+
+void
+v128_complement(v128_t *x);
+
+int
+v128_get_bit(const v128_t *x, int i);
+
+void
+v128_set_bit(v128_t *x, int i) ;
+
+void
+v128_clear_bit(v128_t *x, int i);
+
+void
+v128_set_bit_to(v128_t *x, int i, int y);
+
+#endif /* DATATYPES_USE_MACROS */
+
+/*
+ * octet_string_is_eq(a,b, len) returns 1 if the length len strings a
+ * and b are not equal, returns 0 otherwise
+ */
+
+int
+octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
+
+void
+octet_string_set_to_zero(uint8_t *s, int len);
+
+
+#ifndef SRTP_KERNEL_LINUX
+
+/*
+ * Convert big endian integers to CPU byte order.
+ */
+#ifdef WORDS_BIGENDIAN
+/* Nothing to do. */
+# define be32_to_cpu(x) (x)
+# define be64_to_cpu(x) (x)
+#elif defined(HAVE_BYTESWAP_H)
+/* We have (hopefully) optimized versions in byteswap.h */
+# include <byteswap.h>
+# define be32_to_cpu(x) bswap_32((x))
+# define be64_to_cpu(x) bswap_64((x))
+#else
+
+#if defined(__GNUC__) && defined(HAVE_X86)
+/* Fall back. */
+static inline uint32_t be32_to_cpu(uint32_t v) {
+ /* optimized for x86. */
+ asm("bswap %0" : "=r" (v) : "0" (v));
+ return v;
+}
+# else /* HAVE_X86 */
+# ifdef HAVE_NETINET_IN_H
+# include <netinet/in.h>
+# elif defined HAVE_WINSOCK2_H
+# include <winsock2.h>
+# else
+# error "Platform not recognized"
+# endif
+# define be32_to_cpu(x) ntohl((x))
+# endif /* HAVE_X86 */
+
+static inline uint64_t be64_to_cpu(uint64_t v) {
+# ifdef NO_64BIT_MATH
+ /* use the make64 functions to do 64-bit math */
+ v = make64(htonl(low32(v)),htonl(high32(v)));
+# else
+ /* use the native 64-bit math */
+ v= (uint64_t)((be32_to_cpu((uint32_t)(v >> 32))) | (((uint64_t)be32_to_cpu((uint32_t)v)) << 32));
+# endif
+ return v;
+}
+
+#endif /* ! SRTP_KERNEL_LINUX */
+
+#endif /* WORDS_BIGENDIAN */
+
+/*
+ * functions manipulating bitvector_t
+ *
+ * A bitvector_t consists of an array of words and an integer
+ * representing the number of significant bits stored in the array.
+ * The bits are packed as follows: the least significant bit is that
+ * of word[0], while the most significant bit is the nth most
+ * significant bit of word[m], where length = bits_per_word * m + n.
+ *
+ */
+
+#define bits_per_word 32
+#define bytes_per_word 4
+
+typedef struct {
+ uint32_t length;
+ uint32_t *word;
+} bitvector_t;
+
+
+#define _bitvector_get_bit(v, bit_index) \
+( \
+ ((((v)->word[((bit_index) >> 5)]) >> ((bit_index) & 31)) & 1) \
+)
+
+
+#define _bitvector_set_bit(v, bit_index) \
+( \
+ (((v)->word[((bit_index) >> 5)] |= ((uint32_t)1 << ((bit_index) & 31)))) \
+)
+
+#define _bitvector_clear_bit(v, bit_index) \
+( \
+ (((v)->word[((bit_index) >> 5)] &= ~((uint32_t)1 << ((bit_index) & 31)))) \
+)
+
+#define _bitvector_get_length(v) \
+( \
+ ((v)->length) \
+)
+
+#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
+
+#define bitvector_get_bit(v, bit_index) _bitvector_get_bit(v, bit_index)
+#define bitvector_set_bit(v, bit_index) _bitvector_set_bit(v, bit_index)
+#define bitvector_clear_bit(v, bit_index) _bitvector_clear_bit(v, bit_index)
+#define bitvector_get_length(v) _bitvector_get_length(v)
+
+#else
+
+int
+bitvector_get_bit(const bitvector_t *v, int bit_index);
+
+void
+bitvector_set_bit(bitvector_t *v, int bit_index);
+
+void
+bitvector_clear_bit(bitvector_t *v, int bit_index);
+
+unsigned long
+bitvector_get_length(const bitvector_t *v);
+
+#endif
+
+int
+bitvector_alloc(bitvector_t *v, unsigned long length);
+
+void
+bitvector_dealloc(bitvector_t *v);
+
+void
+bitvector_set_to_zero(bitvector_t *x);
+
+void
+bitvector_left_shift(bitvector_t *x, int index);
+
+char *
+bitvector_bit_string(bitvector_t *x, char* buf, int len);
+
+#endif /* _DATATYPES_H */
diff --git a/netwerk/srtp/src/crypto/include/err.h b/netwerk/srtp/src/crypto/include/err.h
new file mode 100644
index 000000000..1a6e17018
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/err.h
@@ -0,0 +1,174 @@
+/*
+ * err.h
+ *
+ * error status codes
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef ERR_H
+#define ERR_H
+
+#include "datatypes.h"
+
+/**
+ * @defgroup Error Error Codes
+ *
+ * Error status codes are represented by the enumeration err_status_t.
+ *
+ * @{
+ */
+
+
+/*
+ * @brief err_status_t defines error codes.
+ *
+ * The enumeration err_status_t defines error codes. Note that the
+ * value of err_status_ok is equal to zero, which can simplify error
+ * checking somewhat.
+ *
+ */
+typedef enum {
+ err_status_ok = 0, /**< nothing to report */
+ err_status_fail = 1, /**< unspecified failure */
+ err_status_bad_param = 2, /**< unsupported parameter */
+ err_status_alloc_fail = 3, /**< couldn't allocate memory */
+ err_status_dealloc_fail = 4, /**< couldn't deallocate properly */
+ err_status_init_fail = 5, /**< couldn't initialize */
+ err_status_terminus = 6, /**< can't process as much data as requested */
+ err_status_auth_fail = 7, /**< authentication failure */
+ err_status_cipher_fail = 8, /**< cipher failure */
+ err_status_replay_fail = 9, /**< replay check failed (bad index) */
+ err_status_replay_old = 10, /**< replay check failed (index too old) */
+ err_status_algo_fail = 11, /**< algorithm failed test routine */
+ err_status_no_such_op = 12, /**< unsupported operation */
+ err_status_no_ctx = 13, /**< no appropriate context found */
+ err_status_cant_check = 14, /**< unable to perform desired validation */
+ err_status_key_expired = 15, /**< can't use key any more */
+ err_status_socket_err = 16, /**< error in use of socket */
+ err_status_signal_err = 17, /**< error in use POSIX signals */
+ err_status_nonce_bad = 18, /**< nonce check failed */
+ err_status_read_fail = 19, /**< couldn't read data */
+ err_status_write_fail = 20, /**< couldn't write data */
+ err_status_parse_err = 21, /**< error pasring data */
+ err_status_encode_err = 22, /**< error encoding data */
+ err_status_semaphore_err = 23,/**< error while using semaphores */
+ err_status_pfkey_err = 24 /**< error while using pfkey */
+} err_status_t;
+
+/**
+ * @}
+ */
+
+typedef enum {
+ err_level_emergency = 0,
+ err_level_alert,
+ err_level_critical,
+ err_level_error,
+ err_level_warning,
+ err_level_notice,
+ err_level_info,
+ err_level_debug,
+ err_level_none
+} err_reporting_level_t;
+
+/*
+ * err_reporting_init prepares the error system. If
+ * ERR_REPORTING_SYSLOG is defined, it will open syslog.
+ *
+ * The ident argument is a string that will be prepended to
+ * all syslog messages. It is conventionally argv[0].
+ */
+
+err_status_t
+err_reporting_init(char *ident);
+
+#ifdef SRTP_KERNEL_LINUX
+extern err_reporting_level_t err_level;
+#else
+
+/*
+ * keydaemon_report_error reports a 'printf' formatted error
+ * string, followed by a an arg list. The priority argument
+ * is equivalent to that defined for syslog.
+ *
+ * Errors will be reported to ERR_REPORTING_FILE, if defined, and to
+ * syslog, if ERR_REPORTING_SYSLOG is defined.
+ *
+ */
+
+void
+err_report(int priority, char *format, ...);
+#endif /* ! SRTP_KERNEL_LINUX */
+
+
+/*
+ * debug_module_t defines a debug module
+ */
+
+typedef struct {
+ int on; /* 1 if debugging is on, 0 if it is off */
+ char *name; /* printable name for debug module */
+} debug_module_t;
+
+#ifdef ENABLE_DEBUGGING
+
+#define debug_on(mod) (mod).on = 1
+
+#define debug_off(mod) (mod).on = 0
+
+/* use err_report() to report debug message */
+#define debug_print(mod, format, arg) \
+ if (mod.on) err_report(err_level_debug, ("%s: " format "\n"), mod.name, arg)
+#define debug_print2(mod, format, arg1,arg2) \
+ if (mod.on) err_report(err_level_debug, ("%s: " format "\n"), mod.name, arg1,arg2)
+
+#else
+
+/* define macros to do nothing */
+#define debug_print(mod, format, arg)
+
+#define debug_on(mod)
+
+#define debug_off(mod)
+
+#endif
+
+#endif /* ERR_H */
diff --git a/netwerk/srtp/src/crypto/include/hmac.h b/netwerk/srtp/src/crypto/include/hmac.h
new file mode 100644
index 000000000..262c0e2d6
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/hmac.h
@@ -0,0 +1,78 @@
+/*
+ * hmac.h
+ *
+ * interface to hmac auth_type_t
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef HMAC_H
+#define HMAC_H
+
+#include "auth.h"
+#include "sha1.h"
+
+typedef struct {
+ uint8_t opad[64];
+ sha1_ctx_t ctx;
+ sha1_ctx_t init_ctx;
+} hmac_ctx_t;
+
+err_status_t
+hmac_alloc(auth_t **a, int key_len, int out_len);
+
+err_status_t
+hmac_dealloc(auth_t *a);
+
+err_status_t
+hmac_init(hmac_ctx_t *state, const uint8_t *key, int key_len);
+
+err_status_t
+hmac_start(hmac_ctx_t *state);
+
+err_status_t
+hmac_update(hmac_ctx_t *state, const uint8_t *message, int msg_octets);
+
+err_status_t
+hmac_compute(hmac_ctx_t *state, const void *message,
+ int msg_octets, int tag_len, uint8_t *result);
+
+
+#endif /* HMAC_H */
diff --git a/netwerk/srtp/src/crypto/include/integers.h b/netwerk/srtp/src/crypto/include/integers.h
new file mode 100644
index 000000000..3d7589ebc
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/integers.h
@@ -0,0 +1,155 @@
+/*
+ * integers.h
+ *
+ * defines integer types (or refers to their definitions)
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef INTEGERS_H
+#define INTEGERS_H
+
+#include "config.h" /* configuration file, using autoconf */
+
+#ifdef SRTP_KERNEL
+
+#include "kernel_compat.h"
+
+#else /* SRTP_KERNEL */
+
+/* use standard integer definitions, if they're available */
+#ifdef HAVE_STDLIB_H
+# include <stdlib.h>
+#endif
+#ifdef INTEGER_TYPES_H
+/* Let configure tell us where to get the equivalent to <stdint.h> */
+#include INTEGER_TYPES_H
+
+#if !defined(HAVE_UINT64_T)
+#define NO_64BIT_MATH 1
+#endif
+#else
+#ifdef HAVE_STDINT_H
+# include <stdint.h>
+#endif
+#endif /* INTEGER_TYPES_H */
+#ifdef HAVE_INTTYPES_H
+# include <inttypes.h>
+#endif
+#ifdef HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_INT_TYPES_H
+# include <sys/int_types.h> /* this exists on Sun OS */
+#endif
+#ifdef HAVE_MACHINE_TYPES_H
+# include <machine/types.h>
+#endif
+
+/* Can we do 64 bit integers? */
+#if !defined(HAVE_UINT64_T)
+# if SIZEOF_UNSIGNED_LONG == 8
+typedef unsigned long uint64_t;
+# elif SIZEOF_UNSIGNED_LONG_LONG == 8
+typedef unsigned long long uint64_t;
+# else
+# define NO_64BIT_MATH 1
+# endif
+#endif
+
+/* Reasonable defaults for 32 bit machines - you may need to
+ * edit these definitions for your own machine. */
+#ifndef HAVE_UINT8_T
+typedef unsigned char uint8_t;
+#endif
+#ifndef HAVE_UINT16_T
+typedef unsigned short int uint16_t;
+#endif
+#ifndef HAVE_UINT32_T
+typedef unsigned int uint32_t;
+#endif
+
+#ifdef NO_64BIT_MATH
+typedef double uint64_t;
+/* assert that sizeof(double) == 8 */
+extern uint64_t make64(uint32_t high, uint32_t low);
+extern uint32_t high32(uint64_t value);
+extern uint32_t low32(uint64_t value);
+#endif
+
+#endif /* SRTP_KERNEL */
+
+/* These macros are to load and store 32-bit values from un-aligned
+ addresses. This is required for processors that do not allow unaligned
+ loads. */
+#ifdef ALIGNMENT_32BIT_REQUIRED
+/* Note that if it's in a variable, you can memcpy it */
+#ifdef WORDS_BIGENDIAN
+#define PUT_32(addr,value) \
+ { \
+ ((unsigned char *) (addr))[0] = (value >> 24); \
+ ((unsigned char *) (addr))[1] = (value >> 16) & 0xff; \
+ ((unsigned char *) (addr))[2] = (value >> 8) & 0xff; \
+ ((unsigned char *) (addr))[3] = (value) & 0xff; \
+ }
+#define GET_32(addr) ((((unsigned char *) (addr))[0] << 24) | \
+ (((unsigned char *) (addr))[1] << 16) | \
+ (((unsigned char *) (addr))[2] << 8) | \
+ (((unsigned char *) (addr))[3]))
+#else
+#define PUT_32(addr,value) \
+ { \
+ ((unsigned char *) (addr))[3] = (value >> 24); \
+ ((unsigned char *) (addr))[2] = (value >> 16) & 0xff; \
+ ((unsigned char *) (addr))[1] = (value >> 8) & 0xff; \
+ ((unsigned char *) (addr))[0] = (value) & 0xff; \
+ }
+#define GET_32(addr) ((((unsigned char *) (addr))[3] << 24) | \
+ (((unsigned char *) (addr))[2] << 16) | \
+ (((unsigned char *) (addr))[1] << 8) | \
+ (((unsigned char *) (addr))[0]))
+#endif // WORDS_BIGENDIAN
+#else
+#define PUT_32(addr,value) *(((uint32_t *) (addr)) = (value)
+#define GET_32(addr) (*(((uint32_t *) (addr)))
+#endif
+
+#endif /* INTEGERS_H */
diff --git a/netwerk/srtp/src/crypto/include/kernel_compat.h b/netwerk/srtp/src/crypto/include/kernel_compat.h
new file mode 100644
index 000000000..59d1898e1
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/kernel_compat.h
@@ -0,0 +1,84 @@
+/*
+ * kernel_compat.h
+ *
+ * Compatibility stuff for building in kernel context where standard
+ * C headers and library are not available.
+ *
+ * Marcus Sundberg
+ * Ingate Systems AB
+ */
+/*
+ *
+ * Copyright(c) 2005 Ingate Systems AB
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the author(s) nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef KERNEL_COMPAT_H
+#define KERNEL_COMPAT_H
+
+#ifdef SRTP_KERNEL_LINUX
+
+#include <linux/kernel.h>
+#include <linux/slab.h>
+#include <linux/sched.h>
+#include <linux/random.h>
+#include <linux/byteorder/generic.h>
+
+
+#define err_report(priority, ...) \
+ do {\
+ if (priority <= err_level) {\
+ printk(__VA_ARGS__);\
+ }\
+ }while(0)
+
+#define clock() (jiffies)
+#define time(x) (jiffies)
+
+/* rand() implementation. */
+#define RAND_MAX 32767
+
+static inline int rand(void)
+{
+ uint32_t temp;
+ get_random_bytes(&temp, sizeof(temp));
+ return temp % (RAND_MAX+1);
+}
+
+/* stdio/stdlib implementation. */
+#define printf(...) printk(__VA_ARGS__)
+#define exit(n) panic("%s:%d: exit(%d)\n", __FILE__, __LINE__, (n))
+
+#endif /* SRTP_KERNEL_LINUX */
+
+#endif /* KERNEL_COMPAT_H */
diff --git a/netwerk/srtp/src/crypto/include/key.h b/netwerk/srtp/src/crypto/include/key.h
new file mode 100644
index 000000000..e7e07448e
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/key.h
@@ -0,0 +1,82 @@
+/*
+ * key.h
+ *
+ * key usage limits enforcement
+ *
+ * David A. Mcgrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef KEY_H
+#define KEY_H
+
+#include "rdbx.h" /* for xtd_seq_num_t */
+#include "err.h"
+
+typedef struct key_limit_ctx_t *key_limit_t;
+
+typedef enum {
+ key_event_normal,
+ key_event_soft_limit,
+ key_event_hard_limit
+} key_event_t;
+
+err_status_t
+key_limit_set(key_limit_t key, const xtd_seq_num_t s);
+
+err_status_t
+key_limit_clone(key_limit_t original, key_limit_t *new_key);
+
+err_status_t
+key_limit_check(const key_limit_t key);
+
+key_event_t
+key_limit_update(key_limit_t key);
+
+typedef enum {
+ key_state_normal,
+ key_state_past_soft_limit,
+ key_state_expired
+} key_state_t;
+
+typedef struct key_limit_ctx_t {
+ xtd_seq_num_t num_left;
+ key_state_t state;
+} key_limit_ctx_t;
+
+#endif /* KEY_H */
diff --git a/netwerk/srtp/src/crypto/include/null_auth.h b/netwerk/srtp/src/crypto/include/null_auth.h
new file mode 100644
index 000000000..44f9a4a2b
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/null_auth.h
@@ -0,0 +1,68 @@
+/*
+ * null-auth.h
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef NULL_AUTH_H
+#define NULL_AUTH_H
+
+#include "auth.h"
+
+typedef struct {
+ char foo;
+} null_auth_ctx_t;
+
+err_status_t
+null_auth_alloc(auth_t **a, int key_len, int out_len);
+
+err_status_t
+null_auth_dealloc(auth_t *a);
+
+err_status_t
+null_auth_init(null_auth_ctx_t *state, const uint8_t *key, int key_len);
+
+err_status_t
+null_auth_compute (null_auth_ctx_t *state, uint8_t *message,
+ int msg_octets, int tag_len, uint8_t *result);
+
+
+#endif /* NULL_AUTH_H */
diff --git a/netwerk/srtp/src/crypto/include/null_cipher.h b/netwerk/srtp/src/crypto/include/null_cipher.h
new file mode 100644
index 000000000..39da59a81
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/null_cipher.h
@@ -0,0 +1,80 @@
+/*
+ * null-cipher.h
+ *
+ * header file for the null cipher
+ *
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef NULL_CIPHER_H
+#define NULL_CIPHER_H
+
+#include "datatypes.h"
+#include "cipher.h"
+
+typedef struct {
+ char foo ;/* empty, for now */
+} null_cipher_ctx_t;
+
+
+/*
+ * none of these functions do anything (though future versions may keep
+ * track of bytes encrypted, number of instances, and/or other info).
+ */
+
+err_status_t
+null_cipher_init(null_cipher_ctx_t *c, const uint8_t *key, int key_len);
+
+err_status_t
+null_cipher_set_segment(null_cipher_ctx_t *c,
+ unsigned long segment_index);
+
+err_status_t
+null_cipher_encrypt(null_cipher_ctx_t *c,
+ unsigned char *buf, unsigned int *bytes_to_encr);
+
+
+err_status_t
+null_cipher_encrypt_aligned(null_cipher_ctx_t *c,
+ unsigned char *buf, int bytes_to_encr);
+
+#endif /* NULL_CIPHER_H */
diff --git a/netwerk/srtp/src/crypto/include/prng.h b/netwerk/srtp/src/crypto/include/prng.h
new file mode 100644
index 000000000..ad0a49c22
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/prng.h
@@ -0,0 +1,89 @@
+/*
+ * prng.h
+ *
+ * pseudorandom source
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef PRNG_H
+#define PRNG_H
+
+#include "rand_source.h" /* for rand_source_func_t definition */
+#include "aes.h" /* for aes */
+#include "aes_icm.h" /* for aes ctr */
+
+#define MAX_PRNG_OUT_LEN 0xffffffffU
+
+/*
+ * x917_prng is an ANSI X9.17-like AES-based PRNG
+ */
+
+typedef struct {
+ v128_t state; /* state data */
+ aes_expanded_key_t key; /* secret key */
+ uint32_t octet_count; /* number of octets output since last init */
+ rand_source_func_t rand; /* random source for re-initialization */
+} x917_prng_t;
+
+err_status_t
+x917_prng_init(rand_source_func_t random_source);
+
+err_status_t
+x917_prng_get_octet_string(uint8_t *dest, uint32_t len);
+
+
+/*
+ * ctr_prng is an AES-CTR based PRNG
+ */
+
+typedef struct {
+ uint32_t octet_count; /* number of octets output since last init */
+ aes_icm_ctx_t state; /* state data */
+ rand_source_func_t rand; /* random source for re-initialization */
+} ctr_prng_t;
+
+err_status_t
+ctr_prng_init(rand_source_func_t random_source);
+
+err_status_t
+ctr_prng_get_octet_string(void *dest, uint32_t len);
+
+
+#endif
diff --git a/netwerk/srtp/src/crypto/include/rand_source.h b/netwerk/srtp/src/crypto/include/rand_source.h
new file mode 100644
index 000000000..b4c21103a
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/rand_source.h
@@ -0,0 +1,91 @@
+/*
+ * rand_source.h
+ *
+ * implements a random source based on /dev/random
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef RAND_SOURCE
+#define RAND_SOURCE
+
+#include "err.h"
+#include "datatypes.h"
+
+err_status_t
+rand_source_init(void);
+
+/*
+ * rand_source_get_octet_string() writes a random octet string.
+ *
+ * The function call rand_source_get_octet_string(dest, len) writes
+ * len octets of random data to the location to which dest points,
+ * and returns an error code. This error code should be checked,
+ * and if a failure is reported, the data in the buffer MUST NOT
+ * be used.
+ *
+ * warning: If the return code is not checked, then non-random
+ * data may inadvertently be used.
+ *
+ * returns:
+ * - err_status_ok if no problems occured.
+ * - [other] a problem occured, and no assumptions should
+ * be made about the contents of the destination
+ * buffer.
+ */
+
+err_status_t
+rand_source_get_octet_string(void *dest, uint32_t length);
+
+err_status_t
+rand_source_deinit(void);
+
+/*
+ * function prototype for a random source function
+ *
+ * A rand_source_func_t writes num_octets at the location indicated by
+ * dest and returns err_status_ok. Any other return value indicates
+ * failure.
+ */
+
+typedef err_status_t (*rand_source_func_t)
+ (void *dest, uint32_t num_octets);
+
+#endif /* RAND_SOURCE */
diff --git a/netwerk/srtp/src/crypto/include/rdb.h b/netwerk/srtp/src/crypto/include/rdb.h
new file mode 100644
index 000000000..07daec3d6
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/rdb.h
@@ -0,0 +1,129 @@
+/*
+ * replay-database.h
+ *
+ * interface for a replay database for packet security
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef REPLAY_DB_H
+#define REPLAY_DB_H
+
+#include "integers.h" /* for uint32_t */
+#include "datatypes.h" /* for v128_t */
+#include "err.h" /* for err_status_t */
+
+/*
+ * if the ith least significant bit is one, then the packet index
+ * window_end-i is in the database
+ */
+
+typedef struct {
+ uint32_t window_start; /* packet index of the first bit in bitmask */
+ v128_t bitmask;
+} rdb_t;
+
+#define rdb_bits_in_bitmask (8*sizeof(v128_t))
+
+/*
+ * rdb init
+ *
+ * initalizes rdb
+ *
+ * returns err_status_ok on success, err_status_t_fail otherwise
+ */
+
+err_status_t
+rdb_init(rdb_t *rdb);
+
+
+/*
+ * rdb_check
+ *
+ * checks to see if index appears in rdb
+ *
+ * returns err_status_fail if the index already appears in rdb,
+ * returns err_status_ok otherwise
+ */
+
+err_status_t
+rdb_check(const rdb_t *rdb, uint32_t rdb_index);
+
+/*
+ * rdb_add_index
+ *
+ * adds index to rdb_t (and does *not* check if index appears in db)
+ *
+ * returns err_status_ok on success, err_status_fail otherwise
+ *
+ */
+
+err_status_t
+rdb_add_index(rdb_t *rdb, uint32_t rdb_index);
+
+/*
+ * the functions rdb_increment() and rdb_get_value() are for use by
+ * senders, not receivers - DO NOT use these functions on the same
+ * rdb_t upon which rdb_add_index is used!
+ */
+
+
+/*
+ * rdb_increment(db) increments the sequence number in db, if it is
+ * not too high
+ *
+ * return values:
+ *
+ * err_status_ok no problem
+ * err_status_key_expired sequence number too high
+ *
+ */
+err_status_t
+rdb_increment(rdb_t *rdb);
+
+/*
+ * rdb_get_value(db) returns the current sequence number of db
+ */
+
+uint32_t
+rdb_get_value(const rdb_t *rdb);
+
+
+#endif /* REPLAY_DB_H */
diff --git a/netwerk/srtp/src/crypto/include/rdbx.h b/netwerk/srtp/src/crypto/include/rdbx.h
new file mode 100644
index 000000000..7b201e29b
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/rdbx.h
@@ -0,0 +1,221 @@
+/*
+ * rdbx.h
+ *
+ * replay database with extended packet indices, using a rollover counter
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ *
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef RDBX_H
+#define RDBX_H
+
+#include "datatypes.h"
+#include "err.h"
+
+/* #define ROC_TEST */
+
+#ifndef ROC_TEST
+
+typedef uint16_t sequence_number_t; /* 16 bit sequence number */
+typedef uint32_t rollover_counter_t; /* 32 bit rollover counter */
+
+#else /* use small seq_num and roc datatypes for testing purposes */
+
+typedef unsigned char sequence_number_t; /* 8 bit sequence number */
+typedef uint16_t rollover_counter_t; /* 16 bit rollover counter */
+
+#endif
+
+#define seq_num_median (1 << (8*sizeof(sequence_number_t) - 1))
+#define seq_num_max (1 << (8*sizeof(sequence_number_t)))
+
+/*
+ * An xtd_seq_num_t is a 64-bit unsigned integer used as an 'extended'
+ * sequence number.
+ */
+
+typedef uint64_t xtd_seq_num_t;
+
+
+/*
+ * An rdbx_t is a replay database with extended range; it uses an
+ * xtd_seq_num_t and a bitmask of recently received indices.
+ */
+
+typedef struct {
+ xtd_seq_num_t index;
+ bitvector_t bitmask;
+} rdbx_t;
+
+
+/*
+ * rdbx_init(rdbx_ptr, ws)
+ *
+ * initializes the rdbx pointed to by its argument with the window size ws,
+ * setting the rollover counter and sequence number to zero
+ */
+
+err_status_t
+rdbx_init(rdbx_t *rdbx, unsigned long ws);
+
+
+/*
+ * rdbx_dealloc(rdbx_ptr)
+ *
+ * frees memory associated with the rdbx
+ */
+
+err_status_t
+rdbx_dealloc(rdbx_t *rdbx);
+
+
+/*
+ * rdbx_estimate_index(rdbx, guess, s)
+ *
+ * given an rdbx and a sequence number s (from a newly arrived packet),
+ * sets the contents of *guess to contain the best guess of the packet
+ * index to which s corresponds, and returns the difference between
+ * *guess and the locally stored synch info
+ */
+
+int
+rdbx_estimate_index(const rdbx_t *rdbx,
+ xtd_seq_num_t *guess,
+ sequence_number_t s);
+
+/*
+ * rdbx_check(rdbx, delta);
+ *
+ * rdbx_check(&r, delta) checks to see if the xtd_seq_num_t
+ * which is at rdbx->window_start + delta is in the rdb
+ *
+ */
+
+err_status_t
+rdbx_check(const rdbx_t *rdbx, int difference);
+
+/*
+ * replay_add_index(rdbx, delta)
+ *
+ * adds the xtd_seq_num_t at rdbx->window_start + delta to replay_db
+ * (and does *not* check if that xtd_seq_num_t appears in db)
+ *
+ * this function should be called *only* after replay_check has
+ * indicated that the index does not appear in the rdbx, and a mutex
+ * should protect the rdbx between these calls if necessary.
+ */
+
+err_status_t
+rdbx_add_index(rdbx_t *rdbx, int delta);
+
+
+/*
+ * rdbx_set_roc(rdbx, roc) initalizes the rdbx_t at the location rdbx
+ * to have the rollover counter value roc. If that value is less than
+ * the current rollover counter value, then the function returns
+ * err_status_replay_old; otherwise, err_status_ok is returned.
+ *
+ */
+
+err_status_t
+rdbx_set_roc(rdbx_t *rdbx, uint32_t roc);
+
+/*
+ * rdbx_get_roc(rdbx) returns the value of the rollover counter for
+ * the rdbx_t pointed to by rdbx
+ *
+ */
+
+xtd_seq_num_t
+rdbx_get_packet_index(const rdbx_t *rdbx);
+
+/*
+ * xtd_seq_num_t functions - these are *internal* functions of rdbx, and
+ * shouldn't be used to manipulate rdbx internal values. use the rdbx
+ * api instead!
+ */
+
+/*
+ * rdbx_get_ws(rdbx_ptr)
+ *
+ * gets the window size which was used to initialize the rdbx
+ */
+
+unsigned long
+rdbx_get_window_size(const rdbx_t *rdbx);
+
+
+/* index_init(&pi) initializes a packet index pi (sets it to zero) */
+
+void
+index_init(xtd_seq_num_t *pi);
+
+/* index_advance(&pi, s) advances a xtd_seq_num_t forward by s */
+
+void
+index_advance(xtd_seq_num_t *pi, sequence_number_t s);
+
+
+/*
+ * index_guess(local, guess, s)
+ *
+ * given a xtd_seq_num_t local (which represents the highest
+ * known-to-be-good index) and a sequence number s (from a newly
+ * arrived packet), sets the contents of *guess to contain the best
+ * guess of the packet index to which s corresponds, and returns the
+ * difference between *guess and *local
+ */
+
+int
+index_guess(const xtd_seq_num_t *local,
+ xtd_seq_num_t *guess,
+ sequence_number_t s);
+
+
+#endif /* RDBX_H */
+
+
+
+
+
+
+
+
+
diff --git a/netwerk/srtp/src/crypto/include/sha1.h b/netwerk/srtp/src/crypto/include/sha1.h
new file mode 100644
index 000000000..e3af4d4b4
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/sha1.h
@@ -0,0 +1,108 @@
+/*
+ * sha1.h
+ *
+ * interface to the Secure Hash Algorithm v.1 (SHA-1), specified in
+ * FIPS 180-1
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef SHA1_H
+#define SHA1_H
+
+#include "err.h"
+#include "datatypes.h"
+
+typedef struct {
+ uint32_t H[5]; /* state vector */
+ uint32_t M[16]; /* message buffer */
+ int octets_in_buffer; /* octets of message in buffer */
+ uint32_t num_bits_in_msg; /* total number of bits in message */
+} sha1_ctx_t;
+
+/*
+ * sha1(&ctx, msg, len, output) hashes the len octets starting at msg
+ * into the SHA1 context, then writes the result to the 20 octets at
+ * output
+ *
+ */
+
+void
+sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]);
+
+/*
+ * sha1_init(&ctx) initializes the SHA1 context ctx
+ *
+ * sha1_update(&ctx, msg, len) hashes the len octets starting at msg
+ * into the SHA1 context
+ *
+ * sha1_final(&ctx, output) performs the final processing of the SHA1
+ * context and writes the result to the 20 octets at output
+ *
+ */
+
+void
+sha1_init(sha1_ctx_t *ctx);
+
+void
+sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg);
+
+void
+sha1_final(sha1_ctx_t *ctx, uint32_t output[5]);
+
+/*
+ * The sha1_core function is INTERNAL to SHA-1, but it is declared
+ * here because it is also used by the cipher SEAL 3.0 in its key
+ * setup algorithm.
+ */
+
+/*
+ * sha1_core(M, H) computes the core sha1 compression function, where M is
+ * the next part of the message and H is the intermediate state {H0,
+ * H1, ...}
+ *
+ * this function does not do any of the padding required in the
+ * complete sha1 function
+ */
+
+void
+sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
+
+#endif /* SHA1_H */
diff --git a/netwerk/srtp/src/crypto/include/stat.h b/netwerk/srtp/src/crypto/include/stat.h
new file mode 100644
index 000000000..e28b1314a
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/stat.h
@@ -0,0 +1,69 @@
+/*
+ * stats.h
+ *
+ * interface to statistical test functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright(c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#ifndef STAT_H
+#define STAT_H
+
+#include "datatypes.h" /* for uint8_t */
+#include "err.h" /* for err_status_t */
+#include "rand_source.h" /* for rand_source_func_t definition */
+
+err_status_t
+stat_test_monobit(uint8_t *data);
+
+err_status_t
+stat_test_poker(uint8_t *data);
+
+err_status_t
+stat_test_runs(uint8_t *data);
+
+err_status_t
+stat_test_rand_source(rand_source_func_t rs);
+
+err_status_t
+stat_test_rand_source_with_repetition(rand_source_func_t source, unsigned num_trials);
+
+#endif /* STAT_H */
diff --git a/netwerk/srtp/src/crypto/include/xfm.h b/netwerk/srtp/src/crypto/include/xfm.h
new file mode 100644
index 000000000..b43b33bc3
--- /dev/null
+++ b/netwerk/srtp/src/crypto/include/xfm.h
@@ -0,0 +1,174 @@
+/*
+ * xfm.h
+ *
+ * interface for abstract crypto transform
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef XFM_H
+#define XFM_H
+
+#include "crypto_kernel.h"
+#include "err.h"
+
+/**
+ * @defgroup Crypto Cryptography
+ *
+ * A simple interface to an abstract cryptographic transform that
+ * provides both confidentiality and message authentication.
+ *
+ * @{
+ */
+
+/**
+ * @brief applies a crypto transform
+ *
+ * The function pointer xfm_func_t points to a function that
+ * implements a crypto transform, and provides a uniform API for
+ * accessing crypto mechanisms.
+ *
+ * @param key location of secret key
+ *
+ * @param clear data to be authenticated only
+ *
+ * @param clear_len length of data to be authenticated only
+ *
+ * @param iv location to write the Initialization Vector (IV)
+ *
+ * @param protect location of the data to be encrypted and
+ * authenticated (before the function call), and the ciphertext
+ * and authentication tag (after the call)
+ *
+ * @param protected_len location of the length of the data to be
+ * encrypted and authenticated (before the function call), and the
+ * length of the ciphertext (after the call)
+ *
+ * @param auth_tag location to write auth tag
+ */
+
+typedef err_status_t (*xfm_func_t)
+ (void *key,
+ void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *protect,
+ unsigned *protected_len,
+ void *auth_tag
+ );
+
+typedef
+err_status_t (*xfm_inv_t)
+ (void *key, /* location of secret key */
+ void *clear, /* data to be authenticated only */
+ unsigned clear_len, /* length of data to be authenticated only */
+ void *iv, /* location of iv */
+ void *opaque, /* data to be decrypted and authenticated */
+ unsigned *opaque_len, /* location of the length of data to be
+ * decrypted and authd (before and after)
+ */
+ void *auth_tag /* location of auth tag */
+ );
+
+typedef struct xfm_ctx_t {
+ xfm_func_t func;
+ xfm_inv_t inv;
+ unsigned key_len;
+ unsigned iv_len;
+ unsigned auth_tag_len;
+} xfm_ctx_t;
+
+typedef xfm_ctx_t *xfm_t;
+
+#define xfm_get_key_len(xfm) ((xfm)->key_len)
+
+#define xfm_get_iv_len(xfm) ((xfm)->iv_len)
+
+#define xfm_get_auth_tag_len(xfm) ((xfm)->auth_tag_len)
+
+
+/* cryptoalgo - 5/28 */
+
+typedef err_status_t (*cryptoalg_func_t)
+ (void *key,
+ void *clear,
+ unsigned clear_len,
+ void *iv,
+ void *opaque,
+ unsigned *opaque_len
+ );
+
+typedef
+err_status_t (*cryptoalg_inv_t)
+ (void *key, /* location of secret key */
+ void *clear, /* data to be authenticated only */
+ unsigned clear_len, /* length of data to be authenticated only */
+ void *iv, /* location of iv */
+ void *opaque, /* data to be decrypted and authenticated */
+ unsigned *opaque_len /* location of the length of data to be
+ * decrypted and authd (before and after)
+ */
+ );
+
+typedef struct cryptoalg_ctx_t {
+ cryptoalg_func_t enc;
+ cryptoalg_inv_t dec;
+ unsigned key_len;
+ unsigned iv_len;
+ unsigned auth_tag_len;
+ unsigned max_expansion;
+} cryptoalg_ctx_t;
+
+typedef cryptoalg_ctx_t *cryptoalg_t;
+
+#define cryptoalg_get_key_len(cryptoalg) ((cryptoalg)->key_len)
+
+#define cryptoalg_get_iv_len(cryptoalg) ((cryptoalg)->iv_len)
+
+#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len)
+
+
+
+/**
+ * @}
+ */
+
+#endif /* XFM_H */
+
+