diff --git a/README.md b/README.md index 66a001307..d666415c3 100644 --- a/README.md +++ b/README.md @@ -502,7 +502,7 @@ srtp_create(&session, &policy); // main loop: get rtp packets, send srtp packets while (1) { char rtp_buffer[2048]; - unsigned len; + size_t len; len = get_rtp_packet(rtp_buffer); srtp_protect(session, rtp_buffer, &len); diff --git a/crypto/cipher/aes.c b/crypto/cipher/aes.c index 52fe9a705..eb92358b2 100644 --- a/crypto/cipher/aes.c +++ b/crypto/cipher/aes.c @@ -1404,18 +1404,15 @@ static const uint32_t U4[256] = { static void aes_128_expand_encryption_key(const uint8_t *key, srtp_aes_expanded_key_t *expanded_key) { - int i; - uint8_t rc; - /* initialize round constant */ - rc = 1; + uint8_t rc = 1; expanded_key->num_rounds = 10; v128_copy_octet_string(&expanded_key->round[0], key); /* loop over round keys */ - for (i = 1; i < 11; i++) { + for (size_t i = 1; i < 11; i++) { /* munge first word of round key */ expanded_key->round[i].v8[0] = aes_sbox[expanded_key->round[i - 1].v8[13]] ^ rc; @@ -1445,14 +1442,11 @@ static void aes_128_expand_encryption_key(const uint8_t *key, } } -static void aes_256_expand_encryption_key(const unsigned char *key, +static void aes_256_expand_encryption_key(const uint8_t *key, srtp_aes_expanded_key_t *expanded_key) { - int i; - uint8_t rc; - /* initialize round constant */ - rc = 1; + uint8_t rc = 1; expanded_key->num_rounds = 14; @@ -1460,7 +1454,7 @@ static void aes_256_expand_encryption_key(const unsigned char *key, v128_copy_octet_string(&expanded_key->round[1], key + 16); /* loop over rest of round keys */ - for (i = 2; i < 15; i++) { + for (size_t i = 2; i < 15; i++) { /* munge first word of round key */ if ((i & 1) == 0) { expanded_key->round[i].v8[0] = @@ -1525,9 +1519,8 @@ srtp_err_status_t srtp_aes_expand_decryption_key( size_t key_len, srtp_aes_expanded_key_t *expanded_key) { - int i; srtp_err_status_t status; - int num_rounds = expanded_key->num_rounds; + size_t num_rounds = expanded_key->num_rounds; status = srtp_aes_expand_encryption_key(key, key_len, expanded_key); if (status) { @@ -1535,7 +1528,7 @@ srtp_err_status_t srtp_aes_expand_decryption_key( } /* invert the order of the round keys */ - for (i = 0; i < num_rounds / 2; i++) { + for (size_t i = 0; i < num_rounds / 2; i++) { v128_t tmp; v128_copy(&tmp, &expanded_key->round[num_rounds - i]); v128_copy(&expanded_key->round[num_rounds - i], @@ -1551,7 +1544,7 @@ srtp_err_status_t srtp_aes_expand_decryption_key( * followed by the T4 table (which cancels out the use of the sbox * in the U-tables) */ - for (i = 1; i < num_rounds; i++) { + for (size_t i = 1; i < num_rounds; i++) { #ifdef CPU_RISC uint32_t tmp; diff --git a/crypto/cipher/aes_gcm_mbedtls.c b/crypto/cipher/aes_gcm_mbedtls.c index 730b3f66c..2965d202e 100644 --- a/crypto/cipher/aes_gcm_mbedtls.c +++ b/crypto/cipher/aes_gcm_mbedtls.c @@ -55,7 +55,7 @@ #include "cipher_test_cases.h" srtp_debug_module_t srtp_mod_aes_gcm = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "aes gcm mbedtls" /* printable module name */ }; diff --git a/crypto/cipher/aes_gcm_nss.c b/crypto/cipher/aes_gcm_nss.c index 5c447d70a..7f514f54d 100644 --- a/crypto/cipher/aes_gcm_nss.c +++ b/crypto/cipher/aes_gcm_nss.c @@ -58,7 +58,7 @@ #include srtp_debug_module_t srtp_mod_aes_gcm = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "aes gcm nss" /* printable module name */ }; @@ -280,7 +280,7 @@ static srtp_err_status_t srtp_aes_gcm_nss_set_aad(void *cv, } static srtp_err_status_t srtp_aes_gcm_nss_do_crypto(void *cv, - int encrypt, + bool encrypt, uint8_t *buf, size_t *enc_len) { @@ -347,7 +347,7 @@ static srtp_err_status_t srtp_aes_gcm_nss_encrypt(void *cv, } srtp_err_status_t status = - srtp_aes_gcm_nss_do_crypto(cv, 1, non_null_buf, enc_len); + srtp_aes_gcm_nss_do_crypto(cv, true, non_null_buf, enc_len); if (status != srtp_err_status_ok) { return status; } @@ -390,7 +390,8 @@ static srtp_err_status_t srtp_aes_gcm_nss_decrypt(void *cv, uint8_t *buf, size_t *enc_len) { - srtp_err_status_t status = srtp_aes_gcm_nss_do_crypto(cv, 0, buf, enc_len); + srtp_err_status_t status = + srtp_aes_gcm_nss_do_crypto(cv, false, buf, enc_len); if (status != srtp_err_status_ok) { int err = PR_GetError(); if (err == SEC_ERROR_BAD_DATA) { diff --git a/crypto/cipher/aes_gcm_ossl.c b/crypto/cipher/aes_gcm_ossl.c index 27445c178..6a56450db 100644 --- a/crypto/cipher/aes_gcm_ossl.c +++ b/crypto/cipher/aes_gcm_ossl.c @@ -57,7 +57,7 @@ #include "cipher_test_cases.h" srtp_debug_module_t srtp_mod_aes_gcm = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "aes gcm" /* printable module name */ }; @@ -268,7 +268,7 @@ static srtp_err_status_t srtp_aes_gcm_openssl_set_aad(void *cv, * OpenSSL copy its content to the context), so we can make * aad read-only in this function and all its wrappers. */ - unsigned char dummy_tag[GCM_AUTH_TAG_LEN]; + uint8_t dummy_tag[GCM_AUTH_TAG_LEN]; memset(dummy_tag, 0x0, GCM_AUTH_TAG_LEN); if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len, &dummy_tag)) { diff --git a/crypto/cipher/aes_icm.c b/crypto/cipher/aes_icm.c index 5c3810b3d..744df6aae 100644 --- a/crypto/cipher/aes_icm.c +++ b/crypto/cipher/aes_icm.c @@ -55,7 +55,7 @@ #include "cipher_test_cases.h" srtp_debug_module_t srtp_mod_aes_icm = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "aes icm" /* printable module name */ }; @@ -299,18 +299,18 @@ static srtp_err_status_t srtp_aes_icm_encrypt(void *cv, size_t *enc_len) { srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv; - unsigned int bytes_to_encr = (unsigned int)*enc_len; + size_t bytes_to_encr = *enc_len; uint32_t *b; /* check that there's enough segment left*/ - unsigned int bytes_of_new_keystream = bytes_to_encr - c->bytes_in_buffer; - unsigned int blocks_of_new_keystream = (bytes_of_new_keystream + 15) >> 4; + size_t bytes_of_new_keystream = bytes_to_encr - c->bytes_in_buffer; + size_t blocks_of_new_keystream = (bytes_of_new_keystream + 15) >> 4; if ((blocks_of_new_keystream + htons(c->counter.v16[7])) > 0xffff) { return srtp_err_status_terminus; } debug_print(srtp_mod_aes_icm, "block index: %d", htons(c->counter.v16[7])); - if (bytes_to_encr <= (unsigned int)c->bytes_in_buffer) { + if (bytes_to_encr <= c->bytes_in_buffer) { /* deal with odd case of small bytes_to_encr */ for (size_t i = (sizeof(v128_t) - c->bytes_in_buffer); i < (sizeof(v128_t) - c->bytes_in_buffer + bytes_to_encr); i++) { diff --git a/crypto/cipher/aes_icm_mbedtls.c b/crypto/cipher/aes_icm_mbedtls.c index f1546a322..7cbde4d03 100644 --- a/crypto/cipher/aes_icm_mbedtls.c +++ b/crypto/cipher/aes_icm_mbedtls.c @@ -54,7 +54,7 @@ #include "cipher_test_cases.h" srtp_debug_module_t srtp_mod_aes_icm = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "aes icm mbedtls" /* printable module name */ }; diff --git a/crypto/cipher/aes_icm_nss.c b/crypto/cipher/aes_icm_nss.c index d0e640e11..0f9c883fd 100644 --- a/crypto/cipher/aes_icm_nss.c +++ b/crypto/cipher/aes_icm_nss.c @@ -55,7 +55,7 @@ #include "cipher_test_cases.h" srtp_debug_module_t srtp_mod_aes_icm = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "aes icm nss" /* printable module name */ }; diff --git a/crypto/cipher/aes_icm_ossl.c b/crypto/cipher/aes_icm_ossl.c index 6caa4b00b..4319de5c6 100644 --- a/crypto/cipher/aes_icm_ossl.c +++ b/crypto/cipher/aes_icm_ossl.c @@ -61,7 +61,7 @@ #include "cipher_test_cases.h" srtp_debug_module_t srtp_mod_aes_icm = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "aes icm ossl" /* printable module name */ }; diff --git a/crypto/cipher/cipher.c b/crypto/cipher/cipher.c index fe4b16c4f..35a2321b6 100644 --- a/crypto/cipher/cipher.c +++ b/crypto/cipher/cipher.c @@ -55,7 +55,7 @@ #include "alloc.h" /* for crypto_alloc(), crypto_free() */ srtp_debug_module_t srtp_mod_cipher = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "cipher" /* printable module name */ }; @@ -88,7 +88,7 @@ srtp_err_status_t srtp_cipher_init(srtp_cipher_t *c, const uint8_t *key) srtp_err_status_t srtp_cipher_set_iv(srtp_cipher_t *c, uint8_t *iv, - int direction) + srtp_cipher_direction_t direction) { if (!c || !c->type || !c->state) { return (srtp_err_status_bad_param); @@ -213,8 +213,7 @@ srtp_err_status_t srtp_cipher_type_test( uint8_t buffer2[SELF_TEST_BUF_OCTETS]; size_t tag_len; size_t len; - int i, j, case_num = 0; - unsigned k = 0; + size_t case_num = 0; debug_print(srtp_mod_cipher, "running self-test for cipher %s", ct->description); @@ -256,7 +255,7 @@ srtp_err_status_t srtp_cipher_type_test( srtp_cipher_dealloc(c); return srtp_err_status_bad_param; } - for (k = 0; k < test_case->plaintext_length_octets; k++) { + for (size_t k = 0; k < test_case->plaintext_length_octets; k++) { buffer[k] = test_case->plaintext[k]; } @@ -321,11 +320,11 @@ srtp_err_status_t srtp_cipher_type_test( return srtp_err_status_algo_fail; } status = srtp_err_status_ok; - for (k = 0; k < test_case->ciphertext_length_octets; k++) { + for (size_t k = 0; k < test_case->ciphertext_length_octets; k++) { if (buffer[k] != test_case->ciphertext[k]) { status = srtp_err_status_algo_fail; - debug_print(srtp_mod_cipher, "test case %d failed", case_num); - debug_print(srtp_mod_cipher, "(failure at byte %u)", k); + debug_print(srtp_mod_cipher, "test case %zu failed", case_num); + debug_print(srtp_mod_cipher, "(failure at byte %zu)", k); break; } } @@ -359,7 +358,7 @@ srtp_err_status_t srtp_cipher_type_test( srtp_cipher_dealloc(c); return srtp_err_status_bad_param; } - for (k = 0; k < test_case->ciphertext_length_octets; k++) { + for (size_t k = 0; k < test_case->ciphertext_length_octets; k++) { buffer[k] = test_case->ciphertext[k]; } @@ -408,11 +407,11 @@ srtp_err_status_t srtp_cipher_type_test( return srtp_err_status_algo_fail; } status = srtp_err_status_ok; - for (k = 0; k < test_case->plaintext_length_octets; k++) { + for (size_t k = 0; k < test_case->plaintext_length_octets; k++) { if (buffer[k] != test_case->plaintext[k]) { status = srtp_err_status_algo_fail; - debug_print(srtp_mod_cipher, "test case %d failed", case_num); - debug_print(srtp_mod_cipher, "(failure at byte %u)", k); + debug_print(srtp_mod_cipher, "test case %zu failed", case_num); + debug_print(srtp_mod_cipher, "(failure at byte %zu)", k); } } if (status) { @@ -452,7 +451,7 @@ srtp_err_status_t srtp_cipher_type_test( return status; } - for (j = 0; j < NUM_RAND_TESTS; j++) { + for (size_t j = 0; j < NUM_RAND_TESTS; j++) { size_t length; size_t plaintext_len; uint8_t key[MAX_KEY_LEN]; @@ -467,7 +466,7 @@ srtp_err_status_t srtp_cipher_type_test( srtp_octet_string_hex_string(buffer, length)); /* copy plaintext into second buffer */ - for (i = 0; (unsigned int)i < length; i++) { + for (size_t i = 0; i < length; i++) { buffer2[i] = buffer[i]; } @@ -578,12 +577,12 @@ srtp_err_status_t srtp_cipher_type_test( return srtp_err_status_algo_fail; } status = srtp_err_status_ok; - for (k = 0; k < plaintext_len; k++) { + for (size_t k = 0; k < plaintext_len; k++) { if (buffer[k] != buffer2[k]) { status = srtp_err_status_algo_fail; - debug_print(srtp_mod_cipher, "random test case %d failed", + debug_print(srtp_mod_cipher, "random test case %zu failed", case_num); - debug_print(srtp_mod_cipher, "(failure at byte %u)", k); + debug_print(srtp_mod_cipher, "(failure at byte %zu)", k); } } if (status) { @@ -621,15 +620,14 @@ srtp_err_status_t srtp_cipher_type_self_test(const srtp_cipher_type_t *ct) */ uint64_t srtp_cipher_bits_per_second(srtp_cipher_t *c, size_t octets_in_buffer, - int num_trials) + size_t num_trials) { - int i; v128_t nonce; clock_t timer; uint8_t *enc_buf; size_t len = octets_in_buffer; size_t tag_len = SRTP_MAX_TAG_LEN; - unsigned char aad[4] = { 0, 0, 0, 0 }; + uint8_t aad[4] = { 0, 0, 0, 0 }; size_t aad_len = 4; enc_buf = (uint8_t *)srtp_crypto_alloc(octets_in_buffer + tag_len); @@ -639,7 +637,7 @@ uint64_t srtp_cipher_bits_per_second(srtp_cipher_t *c, /* time repeated trials */ v128_set_to_zero(&nonce); timer = clock(); - for (i = 0; i < num_trials; i++, nonce.v32[3] = i) { + for (size_t i = 0; i < num_trials; i++, nonce.v32[3] = (uint32_t)i) { // Set IV if (srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt) != srtp_err_status_ok) { diff --git a/crypto/hash/auth.c b/crypto/hash/auth.c index 4f2e8d5af..735d1248a 100644 --- a/crypto/hash/auth.c +++ b/crypto/hash/auth.c @@ -54,7 +54,7 @@ /* the debug module for authentiation */ srtp_debug_module_t srtp_mod_auth = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "auth func" /* printable name for module */ }; @@ -90,7 +90,7 @@ srtp_err_status_t srtp_auth_type_test(const srtp_auth_type_t *at, srtp_err_status_t status; uint8_t tag[SELF_TEST_TAG_BUF_OCTETS]; size_t i = 0; - unsigned int case_num = 0; + size_t case_num = 0; debug_print(srtp_mod_auth, "running self-test for auth function %s", at->description); @@ -157,7 +157,7 @@ srtp_err_status_t srtp_auth_type_test(const srtp_auth_type_t *at, for (i = 0; i < test_case->tag_length_octets; i++) { if (tag[i] != test_case->tag[i]) { status = srtp_err_status_algo_fail; - debug_print(srtp_mod_auth, "test case %d failed", case_num); + debug_print(srtp_mod_auth, "test case %zu failed", case_num); debug_print(srtp_mod_auth, " (mismatch at octet %zu)", i); } } diff --git a/crypto/hash/hmac.c b/crypto/hash/hmac.c index 402427b4f..e10ed5e31 100644 --- a/crypto/hash/hmac.c +++ b/crypto/hash/hmac.c @@ -54,7 +54,7 @@ /* the debug module for authentiation */ srtp_debug_module_t srtp_mod_hmac = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "hmac sha-1" /* printable name for module */ }; diff --git a/crypto/hash/hmac_mbedtls.c b/crypto/hash/hmac_mbedtls.c index ba7ed2328..57d0ff1c1 100644 --- a/crypto/hash/hmac_mbedtls.c +++ b/crypto/hash/hmac_mbedtls.c @@ -56,7 +56,7 @@ /* the debug module for authentiation */ srtp_debug_module_t srtp_mod_hmac = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "hmac sha-1 mbedtls" /* printable name for module */ }; @@ -116,8 +116,9 @@ static srtp_err_status_t srtp_hmac_mbedtls_dealloc(srtp_auth_t *a) static srtp_err_status_t srtp_hmac_mbedtls_start(void *statev) { mbedtls_md_context_t *state = (mbedtls_md_context_t *)statev; - if (mbedtls_md_hmac_reset(state) != 0) + if (mbedtls_md_hmac_reset(state) != 0) { return srtp_err_status_auth_fail; + } return srtp_err_status_ok; } @@ -130,19 +131,22 @@ static srtp_err_status_t srtp_hmac_mbedtls_init(void *statev, const mbedtls_md_info_t *info = NULL; info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); - if (info == NULL) + if (info == NULL) { return srtp_err_status_auth_fail; + } - if (mbedtls_md_setup(state, info, 1) != 0) + if (mbedtls_md_setup(state, info, 1) != 0) { return srtp_err_status_auth_fail; + } debug_print(srtp_mod_hmac, "mbedtls setup, name: %s", mbedtls_md_get_name(info)); debug_print(srtp_mod_hmac, "mbedtls setup, size: %d", mbedtls_md_get_size(info)); - if (mbedtls_md_hmac_starts(state, key, key_len) != 0) + if (mbedtls_md_hmac_starts(state, key, key_len) != 0) { return srtp_err_status_auth_fail; + } return srtp_err_status_ok; } @@ -156,8 +160,9 @@ static srtp_err_status_t srtp_hmac_mbedtls_update(void *statev, debug_print(srtp_mod_hmac, "input: %s", srtp_octet_string_hex_string(message, msg_octets)); - if (mbedtls_md_hmac_update(state, message, msg_octets) != 0) + if (mbedtls_md_hmac_update(state, message, msg_octets) != 0) { return srtp_err_status_auth_fail; + } return srtp_err_status_ok; } @@ -178,11 +183,13 @@ static srtp_err_status_t srtp_hmac_mbedtls_compute(void *statev, } /* hash message, copy output into H */ - if (mbedtls_md_hmac_update(statev, message, msg_octets) != 0) + if (mbedtls_md_hmac_update(statev, message, msg_octets) != 0) { return srtp_err_status_auth_fail; + } - if (mbedtls_md_hmac_finish(state, hash_value) != 0) + if (mbedtls_md_hmac_finish(state, hash_value) != 0) { return srtp_err_status_auth_fail; + } /* copy hash_value to *result */ for (i = 0; i < tag_len; i++) { diff --git a/crypto/hash/hmac_nss.c b/crypto/hash/hmac_nss.c index ae7b8d750..a2a76adb3 100644 --- a/crypto/hash/hmac_nss.c +++ b/crypto/hash/hmac_nss.c @@ -53,7 +53,7 @@ /* the debug module for authentiation */ srtp_debug_module_t srtp_mod_hmac = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "hmac sha-1 nss" /* printable name for module */ }; @@ -237,7 +237,6 @@ static srtp_err_status_t srtp_hmac_compute(void *statev, srtp_hmac_nss_ctx_t *hmac; hmac = (srtp_hmac_nss_ctx_t *)statev; uint8_t hash_value[SHA1_DIGEST_SIZE]; - size_t i; unsigned int len; debug_print(srtp_mod_hmac, "input: %s", @@ -257,11 +256,12 @@ static srtp_err_status_t srtp_hmac_compute(void *statev, return srtp_err_status_auth_fail; } - if (len < (unsigned int)tag_len) + if (len < tag_len) { return srtp_err_status_auth_fail; + } /* copy hash_value to *result */ - for (i = 0; i < tag_len; i++) { + for (size_t i = 0; i < tag_len; i++) { result[i] = hash_value[i]; } diff --git a/crypto/hash/hmac_ossl.c b/crypto/hash/hmac_ossl.c index a5da4c309..b0ed3418f 100644 --- a/crypto/hash/hmac_ossl.c +++ b/crypto/hash/hmac_ossl.c @@ -68,7 +68,7 @@ /* the debug module for authentication */ srtp_debug_module_t srtp_mod_hmac = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "hmac sha-1 openssl" /* printable name for module */ }; @@ -80,7 +80,7 @@ srtp_debug_module_t srtp_mod_hmac = { * so we have to use EVP_MAC_CTX_dup * 3. 3.0.3 and later - EVP API is required and supports reinitialization * - * The distingtion between cases 2 & 3 needs to be made at runtime, because in a + * The distinction between cases 2 & 3 needs to be made at runtime, because in a * shared library context you might end up building against 3.0.3 and running * against 3.0.2. */ @@ -216,8 +216,9 @@ static srtp_err_status_t srtp_hmac_start(void *statev) } } #else - if (HMAC_Init_ex(hmac->ctx, NULL, 0, NULL, NULL) == 0) + if (HMAC_Init_ex(hmac->ctx, NULL, 0, NULL, NULL) == 0) { return srtp_err_status_auth_fail; + } #endif return srtp_err_status_ok; } @@ -239,8 +240,9 @@ static srtp_err_status_t srtp_hmac_init(void *statev, return srtp_err_status_auth_fail; } #else - if (HMAC_Init_ex(hmac->ctx, key, key_len, EVP_sha1(), NULL) == 0) + if (HMAC_Init_ex(hmac->ctx, key, key_len, EVP_sha1(), NULL) == 0) { return srtp_err_status_auth_fail; + } #endif return srtp_err_status_ok; } @@ -259,8 +261,9 @@ static srtp_err_status_t srtp_hmac_update(void *statev, return srtp_err_status_auth_fail; } #else - if (HMAC_Update(hmac->ctx, message, msg_octets) == 0) + if (HMAC_Update(hmac->ctx, message, msg_octets) == 0) { return srtp_err_status_auth_fail; + } #endif return srtp_err_status_ok; } @@ -273,7 +276,6 @@ static srtp_err_status_t srtp_hmac_compute(void *statev, { srtp_hmac_ossl_ctx_t *hmac = (srtp_hmac_ossl_ctx_t *)statev; uint8_t hash_value[SHA1_DIGEST_SIZE]; - size_t i; #ifdef SRTP_OSSL_USE_EVP_MAC size_t len; #else @@ -298,17 +300,20 @@ static srtp_err_status_t srtp_hmac_compute(void *statev, return srtp_err_status_auth_fail; } #else - if (HMAC_Update(hmac->ctx, message, msg_octets) == 0) + if (HMAC_Update(hmac->ctx, message, msg_octets) == 0) { return srtp_err_status_auth_fail; + } - if (HMAC_Final(hmac->ctx, hash_value, &len) == 0) + if (HMAC_Final(hmac->ctx, hash_value, &len) == 0) { return srtp_err_status_auth_fail; + } #endif - if (len < tag_len) + if (len < tag_len) { return srtp_err_status_auth_fail; + } /* copy hash_value to *result */ - for (i = 0; i < tag_len; i++) { + for (size_t i = 0; i < tag_len; i++) { result[i] = hash_value[i]; } diff --git a/crypto/hash/sha1.c b/crypto/hash/sha1.c index 6d616e3b6..4f6d851da 100644 --- a/crypto/hash/sha1.c +++ b/crypto/hash/sha1.c @@ -51,7 +51,7 @@ #include "sha1.h" srtp_debug_module_t srtp_mod_sha1 = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "sha-1" /* printable module name */ }; @@ -97,7 +97,7 @@ void srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5]) uint32_t H4; uint32_t W[80]; uint32_t A, B, C, D, E, TEMP; - int t; + size_t t; /* copy hash_value into H0, H1, H2, H3, H4 */ H0 = hash_value[0]; @@ -286,7 +286,7 @@ void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t output[5]) * necessary */ { - int tail = ctx->octets_in_buffer % 4; + size_t tail = ctx->octets_in_buffer % 4; /* copy/xor message into array */ for (i = 0; i < (ctx->octets_in_buffer + 3) / 4; i++) { diff --git a/crypto/include/aes.h b/crypto/include/aes.h index 620d655e7..1e8edc1b2 100644 --- a/crypto/include/aes.h +++ b/crypto/include/aes.h @@ -57,7 +57,7 @@ extern "C" { typedef struct { v128_t round[15]; - int num_rounds; + size_t num_rounds; } srtp_aes_expanded_key_t; srtp_err_status_t srtp_aes_expand_encryption_key( diff --git a/crypto/include/aes_icm.h b/crypto/include/aes_icm.h index 011a9f3e7..8262e9ba1 100644 --- a/crypto/include/aes_icm.h +++ b/crypto/include/aes_icm.h @@ -55,7 +55,7 @@ typedef struct { v128_t offset; /* initial offset value */ v128_t keystream_buffer; /* buffers bytes of keystream */ srtp_aes_expanded_key_t expanded_key; /* the cipher key */ - int bytes_in_buffer; /* number of unused bytes in buffer */ + size_t bytes_in_buffer; /* number of unused bytes in buffer */ size_t key_size; /* AES key size + 14 byte SALT */ } srtp_aes_icm_ctx_t; diff --git a/crypto/include/cipher.h b/crypto/include/cipher.h index 0d31ac00b..4c5b7b716 100644 --- a/crypto/include/cipher.h +++ b/crypto/include/cipher.h @@ -169,7 +169,7 @@ typedef struct srtp_cipher_t { const srtp_cipher_type_t *type; void *state; size_t key_len; - int algorithm; + srtp_cipher_type_id_t algorithm; } srtp_cipher_t; /* some bookkeeping functions */ @@ -204,7 +204,7 @@ srtp_err_status_t srtp_cipher_type_test( */ uint64_t srtp_cipher_bits_per_second(srtp_cipher_t *c, size_t octets_in_buffer, - int num_trials); + size_t num_trials); srtp_err_status_t srtp_cipher_type_alloc(const srtp_cipher_type_t *ct, srtp_cipher_t **c, @@ -214,7 +214,7 @@ srtp_err_status_t srtp_cipher_dealloc(srtp_cipher_t *c); srtp_err_status_t srtp_cipher_init(srtp_cipher_t *c, const uint8_t *key); srtp_err_status_t srtp_cipher_set_iv(srtp_cipher_t *c, uint8_t *iv, - int direction); + srtp_cipher_direction_t direction); srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c, uint8_t *buffer, size_t *num_octets_to_output); diff --git a/crypto/include/crypto_kernel.h b/crypto/include/crypto_kernel.h index 191c64711..262a8069c 100644 --- a/crypto/include/crypto_kernel.h +++ b/crypto/include/crypto_kernel.h @@ -200,13 +200,13 @@ srtp_err_status_t srtp_crypto_kernel_alloc_auth(srtp_auth_type_id_t id, /* * srtp_crypto_kernel_set_debug_module(mod_name, v) * - * sets dynamic debugging to the value v (0 for off, 1 for on) for the + * sets dynamic debugging to the value v (false for off, true for on) for the * debug module with the name mod_name * * returns srtp_err_status_ok on success, srtp_err_status_fail otherwise */ srtp_err_status_t srtp_crypto_kernel_set_debug_module(const char *mod_name, - int v); + bool v); #ifdef __cplusplus } diff --git a/crypto/include/datatypes.h b/crypto/include/datatypes.h index 869094ddf..386385b18 100644 --- a/crypto/include/datatypes.h +++ b/crypto/include/datatypes.h @@ -50,6 +50,7 @@ #include "alloc.h" #include +#include #include #include @@ -87,7 +88,7 @@ char *v128_hex_string(v128_t *x); void v128_copy_octet_string(v128_t *x, const uint8_t s[16]); -void v128_left_shift(v128_t *x, int shift_index); +void v128_left_shift(v128_t *x, size_t shift_index); /* * the following macros define the data manipulation functions @@ -157,13 +158,13 @@ void v128_left_shift(v128_t *x, int shift_index); ((((x)->v32[(bit) >> 5]) &= ~((uint32_t)1 << ((bit)&31)))) /* - * srtp_octet_string_is_eq(a, b, len) returns 1 if the length len strings - * a and b are not equal. It returns 0 otherwise. The running time of the + * srtp_octet_string_is_eq(a, b, len) returns true if the length len strings + * a and b are NOT equal. It returns false otherwise. The running time of the * comparison depends only on len, making this safe to use for (e.g.) * verifying authentication tags. */ -int srtp_octet_string_is_eq(const uint8_t *a, const uint8_t *b, size_t len); +bool srtp_octet_string_is_eq(const uint8_t *a, const uint8_t *b, size_t len); /* * A portable way to zero out memory as recommended by @@ -248,7 +249,7 @@ static inline uint64_t be64_to_cpu(uint64_t v) #define bytes_per_word 4 typedef struct { - uint32_t length; + size_t length; uint32_t *word; } bitvector_t; @@ -260,13 +261,13 @@ typedef struct { #define bitvector_get_length(v) (((v)->length)) -int bitvector_alloc(bitvector_t *v, unsigned long length); +bool bitvector_alloc(bitvector_t *v, size_t length); void bitvector_dealloc(bitvector_t *v); void bitvector_set_to_zero(bitvector_t *x); -void bitvector_left_shift(bitvector_t *x, int index); +void bitvector_left_shift(bitvector_t *x, size_t index); #ifdef __cplusplus } diff --git a/crypto/include/err.h b/crypto/include/err.h index 6624d018f..c9b7649df 100644 --- a/crypto/include/err.h +++ b/crypto/include/err.h @@ -115,7 +115,7 @@ void srtp_err_report(srtp_err_reporting_level_t level, const char *format, ...) */ typedef struct { - int on; /* 1 if debugging is on, 0 if it is off */ + bool on; /* true if debugging is on, false if it is off */ const char *name; /* printable name for debug module */ } srtp_debug_module_t; diff --git a/crypto/include/rdbx.h b/crypto/include/rdbx.h index 2194178ee..2c0c370b1 100644 --- a/crypto/include/rdbx.h +++ b/crypto/include/rdbx.h @@ -63,8 +63,8 @@ typedef uint32_t srtp_rollover_counter_t; /* 32 bit rollover counter */ #else /* use small seq_num and roc datatypes for testing purposes */ -typedef unsigned char srtp_sequence_number_t; /* 8 bit sequence number */ -typedef uint16_t srtp_rollover_counter_t; /* 16 bit rollover counter */ +typedef uint8_t srtp_sequence_number_t; /* 8 bit sequence number */ +typedef uint16_t srtp_rollover_counter_t; /* 16 bit rollover counter */ #endif @@ -92,7 +92,7 @@ typedef struct { * initializes the rdbx pointed to by its argument with the window size ws, * setting the rollover counter and sequence number to zero */ -srtp_err_status_t srtp_rdbx_init(srtp_rdbx_t *rdbx, unsigned long ws); +srtp_err_status_t srtp_rdbx_init(srtp_rdbx_t *rdbx, size_t ws); /* * srtp_rdbx_dealloc(rdbx_ptr) @@ -109,7 +109,7 @@ srtp_err_status_t srtp_rdbx_dealloc(srtp_rdbx_t *rdbx); * index to which s corresponds, and returns the difference between * *guess and the locally stored synch info */ -int32_t srtp_rdbx_estimate_index(const srtp_rdbx_t *rdbx, +ssize_t srtp_rdbx_estimate_index(const srtp_rdbx_t *rdbx, srtp_xtd_seq_num_t *guess, srtp_sequence_number_t s); @@ -120,7 +120,7 @@ int32_t srtp_rdbx_estimate_index(const srtp_rdbx_t *rdbx, * which is at rdbx->window_start + delta is in the rdb * */ -srtp_err_status_t srtp_rdbx_check(const srtp_rdbx_t *rdbx, int difference); +srtp_err_status_t srtp_rdbx_check(const srtp_rdbx_t *rdbx, ssize_t difference); /* * srtp_replay_add_index(rdbx, delta) @@ -132,7 +132,7 @@ srtp_err_status_t srtp_rdbx_check(const srtp_rdbx_t *rdbx, int difference); * indicated that the index does not appear in the rdbx, and a mutex * should protect the rdbx between these calls if necessary. */ -srtp_err_status_t srtp_rdbx_add_index(srtp_rdbx_t *rdbx, int delta); +srtp_err_status_t srtp_rdbx_add_index(srtp_rdbx_t *rdbx, ssize_t delta); /* * srtp_rdbx_set_roc(rdbx, roc) initalizes the srtp_rdbx_t at the location rdbx @@ -162,7 +162,7 @@ srtp_xtd_seq_num_t srtp_rdbx_get_packet_index(const srtp_rdbx_t *rdbx); * * gets the window size which was used to initialize the rdbx */ -unsigned long srtp_rdbx_get_window_size(const srtp_rdbx_t *rdbx); +size_t srtp_rdbx_get_window_size(const srtp_rdbx_t *rdbx); /* index_init(&pi) initializes a packet index pi (sets it to zero) */ void srtp_index_init(srtp_xtd_seq_num_t *pi); @@ -179,7 +179,7 @@ void srtp_index_advance(srtp_xtd_seq_num_t *pi, srtp_sequence_number_t s); * guess of the packet index to which s corresponds, and returns the * difference between *guess and *local */ -int32_t srtp_index_guess(const srtp_xtd_seq_num_t *local, +ssize_t srtp_index_guess(const srtp_xtd_seq_num_t *local, srtp_xtd_seq_num_t *guess, srtp_sequence_number_t s); @@ -192,7 +192,7 @@ int32_t srtp_index_guess(const srtp_xtd_seq_num_t *local, uint32_t srtp_rdbx_get_roc(const srtp_rdbx_t *rdbx); /* - * srtp_rdbx_set_roc_seq(rdbx, roc, seq) initalizes the srtp_rdbx_t at the + * srtp_rdbx_set_roc_seq(rdbx, roc, seq) initializes the srtp_rdbx_t at the * location rdbx to have the rollover counter value roc and packet sequence * number seq. If the new rollover counter value is less than the current * rollover counter value, then the function returns diff --git a/crypto/kernel/alloc.c b/crypto/kernel/alloc.c index 3ebc31525..f36152d58 100644 --- a/crypto/kernel/alloc.c +++ b/crypto/kernel/alloc.c @@ -52,7 +52,7 @@ /* the debug module for memory allocation */ srtp_debug_module_t srtp_mod_alloc = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "alloc" /* printable name for module */ }; diff --git a/crypto/kernel/crypto_kernel.c b/crypto/kernel/crypto_kernel.c index bd653a640..b83d3a164 100644 --- a/crypto/kernel/crypto_kernel.c +++ b/crypto/kernel/crypto_kernel.c @@ -54,7 +54,7 @@ /* the debug module for the crypto_kernel */ srtp_debug_module_t srtp_mod_crypto_kernel = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "crypto kernel" /* printable name for module */ }; @@ -271,7 +271,7 @@ srtp_err_status_t srtp_crypto_kernel_shutdown(void) static inline srtp_err_status_t srtp_crypto_kernel_do_load_cipher_type( const srtp_cipher_type_t *new_ct, srtp_cipher_type_id_t id, - int replace) + bool replace) { srtp_kernel_cipher_type_t *ctype; srtp_kernel_cipher_type_t *new_ctype = NULL; @@ -337,19 +337,19 @@ srtp_err_status_t srtp_crypto_kernel_load_cipher_type( const srtp_cipher_type_t *new_ct, srtp_cipher_type_id_t id) { - return srtp_crypto_kernel_do_load_cipher_type(new_ct, id, 0); + return srtp_crypto_kernel_do_load_cipher_type(new_ct, id, false); } srtp_err_status_t srtp_replace_cipher_type(const srtp_cipher_type_t *new_ct, srtp_cipher_type_id_t id) { - return srtp_crypto_kernel_do_load_cipher_type(new_ct, id, 1); + return srtp_crypto_kernel_do_load_cipher_type(new_ct, id, true); } srtp_err_status_t srtp_crypto_kernel_do_load_auth_type( const srtp_auth_type_t *new_at, srtp_auth_type_id_t id, - int replace) + bool replace) { srtp_kernel_auth_type_t *atype; srtp_kernel_auth_type_t *new_atype = NULL; @@ -414,13 +414,13 @@ srtp_err_status_t srtp_crypto_kernel_load_auth_type( const srtp_auth_type_t *new_at, srtp_auth_type_id_t id) { - return srtp_crypto_kernel_do_load_auth_type(new_at, id, 0); + return srtp_crypto_kernel_do_load_auth_type(new_at, id, false); } srtp_err_status_t srtp_replace_auth_type(const srtp_auth_type_t *new_at, srtp_auth_type_id_t id) { - return srtp_crypto_kernel_do_load_auth_type(new_at, id, 1); + return srtp_crypto_kernel_do_load_auth_type(new_at, id, true); } const srtp_cipher_type_t *srtp_crypto_kernel_get_cipher_type( @@ -541,7 +541,7 @@ srtp_err_status_t srtp_crypto_kernel_load_debug_module( return srtp_err_status_ok; } -srtp_err_status_t srtp_crypto_kernel_set_debug_module(const char *name, int on) +srtp_err_status_t srtp_crypto_kernel_set_debug_module(const char *name, bool on) { srtp_kernel_debug_module_t *kdm; diff --git a/crypto/math/datatypes.c b/crypto/math/datatypes.c index 8fc6cb4f9..9cd2dfb5c 100644 --- a/crypto/math/datatypes.c +++ b/crypto/math/datatypes.c @@ -88,8 +88,9 @@ char *srtp_octet_string_hex_string(const void *s, size_t length) length *= 2; /* truncate string if it would be too long */ - if (length > MAX_PRINT_STRING_LEN) + if (length > MAX_PRINT_STRING_LEN) { length = MAX_PRINT_STRING_LEN - 2; + } for (i = 0; i < length; i += 2) { bit_string[i] = srtp_nibble_to_hex_char(*str >> 4); @@ -101,7 +102,7 @@ char *srtp_octet_string_hex_string(const void *s, size_t length) char *v128_hex_string(v128_t *x) { - int i, j; + size_t i, j; for (i = j = 0; i < 16; i++) { bit_string[j++] = srtp_nibble_to_hex_char(x->v8[i] >> 4); @@ -114,15 +115,16 @@ char *v128_hex_string(v128_t *x) char *v128_bit_string(v128_t *x) { - int j, i; + size_t j, i; uint32_t mask; for (j = i = 0; j < 4; j++) { for (mask = 0x80000000; mask > 0; mask >>= 1) { - if (x->v32[j] & mask) + if (x->v32[j] & mask) { bit_string[i] = '1'; - else + } else { bit_string[i] = '0'; + } ++i; } } @@ -200,7 +202,7 @@ static const uint8_t left_shift_masks[4][16] = { /* clang-format on */ -void v128_left_shift(v128_t *x, int shift) +void v128_left_shift(v128_t *x, size_t shift) { if (shift > 127) { v128_set_to_zero(x); @@ -225,11 +227,10 @@ void v128_left_shift(v128_t *x, int shift) #else /* defined(__SSSE3__) */ -void v128_left_shift(v128_t *x, int shift) +void v128_left_shift(v128_t *x, size_t shift) { - int i; - const int base_index = shift >> 5; - const int bit_index = shift & 31; + const size_t base_index = shift >> 5; + const size_t bit_index = shift & 31; if (shift > 127) { v128_set_to_zero(x); @@ -237,31 +238,33 @@ void v128_left_shift(v128_t *x, int shift) } if (bit_index == 0) { - for (i = 0; i < 4 - base_index; i++) + for (size_t i = 0; i < 4 - base_index; i++) { x->v32[i] = x->v32[i + base_index]; + } } else { - for (i = 0; i < 4 - base_index - 1; i++) + for (size_t i = 0; i < 4 - base_index - 1; i++) { x->v32[i] = (x->v32[i + base_index] >> bit_index) ^ (x->v32[i + base_index + 1] << (32 - bit_index)); + } x->v32[4 - base_index - 1] = x->v32[4 - 1] >> bit_index; } /* now wrap up the final portion */ - for (i = 4 - base_index; i < 4; i++) + for (size_t i = 4 - base_index; i < 4; i++) { x->v32[i] = 0; + } } #endif /* defined(__SSSE3__) */ /* functions manipulating bitvector_t */ -int bitvector_alloc(bitvector_t *v, unsigned long length) +bool bitvector_alloc(bitvector_t *v, size_t length) { - unsigned long l; + size_t l; /* Round length up to a multiple of bits_per_word */ - length = - (length + bits_per_word - 1) & ~(unsigned long)((bits_per_word - 1)); + length = (length + bits_per_word - 1) & ~(size_t)((bits_per_word - 1)); l = length / bits_per_word * bytes_per_word; l = (l + 15ul) & ~15ul; @@ -270,12 +273,12 @@ int bitvector_alloc(bitvector_t *v, unsigned long length) if (l == 0) { v->word = NULL; v->length = 0; - return -1; + return false; } else { v->word = (uint32_t *)srtp_crypto_alloc(l); if (v->word == NULL) { v->length = 0; - return -1; + return false; } } v->length = length; @@ -283,13 +286,14 @@ int bitvector_alloc(bitvector_t *v, unsigned long length) /* initialize bitvector to zero */ bitvector_set_to_zero(v); - return 0; + return true; } void bitvector_dealloc(bitvector_t *v) { - if (v->word != NULL) + if (v->word != NULL) { srtp_crypto_free(v->word); + } v->word = NULL; v->length = 0; } @@ -302,16 +306,16 @@ void bitvector_set_to_zero(bitvector_t *x) #if defined(__SSSE3__) -void bitvector_left_shift(bitvector_t *x, int shift) +void bitvector_left_shift(bitvector_t *x, size_t shift) { if ((uint32_t)shift >= x->length) { bitvector_set_to_zero(x); return; } - const int base_index = shift >> 5; - const int bit_index = shift & 31; - const int vec_length = (x->length + 127u) >> 7; + const size_t base_index = shift >> 5; + const size_t bit_index = shift & 31; + const size_t vec_length = (x->length + 127u) >> 7; const __m128i *from = ((const __m128i *)x->word) + (base_index >> 2); __m128i *to = (__m128i *)x->word; __m128i *const end = to + vec_length; @@ -367,37 +371,39 @@ void bitvector_left_shift(bitvector_t *x, int shift) #else /* defined(__SSSE3__) */ -void bitvector_left_shift(bitvector_t *x, int shift) +void bitvector_left_shift(bitvector_t *x, size_t shift) { - int i; - const int base_index = shift >> 5; - const int bit_index = shift & 31; - const int word_length = x->length >> 5; + const size_t base_index = shift >> 5; + const size_t bit_index = shift & 31; + const size_t word_length = x->length >> 5; - if (shift >= (int)x->length) { + if (shift >= x->length) { bitvector_set_to_zero(x); return; } if (bit_index == 0) { - for (i = 0; i < word_length - base_index; i++) + for (size_t i = 0; i < word_length - base_index; i++) { x->word[i] = x->word[i + base_index]; + } } else { - for (i = 0; i < word_length - base_index - 1; i++) + for (size_t i = 0; i < word_length - base_index - 1; i++) { x->word[i] = (x->word[i + base_index] >> bit_index) ^ (x->word[i + base_index + 1] << (32 - bit_index)); + } x->word[word_length - base_index - 1] = x->word[word_length - 1] >> bit_index; } /* now wrap up the final portion */ - for (i = word_length - base_index; i < word_length; i++) + for (size_t i = word_length - base_index; i < word_length; i++) { x->word[i] = 0; + } } #endif /* defined(__SSSE3__) */ -int srtp_octet_string_is_eq(const uint8_t *a, const uint8_t *b, size_t len) +bool srtp_octet_string_is_eq(const uint8_t *a, const uint8_t *b, size_t len) { /* * We use this somewhat obscure implementation to try to ensure the running @@ -448,7 +454,7 @@ int srtp_octet_string_is_eq(const uint8_t *a, const uint8_t *b, size_t len) accumulator = _mm_cvtsi128_si32(mm_accumulator1); #else uint32_t accumulator2 = 0; - for (int i = 0, n = len >> 3; i < n; ++i, a += 8, b += 8) { + for (size_t i = 0, n = len >> 3; i < n; ++i, a += 8, b += 8) { uint32_t a_val1, b_val1; uint32_t a_val2, b_val2; memcpy(&a_val1, a, sizeof(a_val1)); @@ -471,8 +477,9 @@ int srtp_octet_string_is_eq(const uint8_t *a, const uint8_t *b, size_t len) } #endif - while (b < end) + while (b < end) { accumulator |= (*a++ ^ *b++); + } /* Return 1 if *not* equal. */ return accumulator != 0; @@ -484,9 +491,10 @@ void srtp_cleanse(void *s, size_t len) memset(s, 0, len); __asm__ __volatile__("" : : "r"(s) : "memory"); #else - volatile unsigned char *p = (volatile unsigned char *)s; - while (len--) + volatile uint8_t *p = (volatile uint8_t *)s; + while (len--) { *p++ = 0; + } #endif } diff --git a/crypto/replay/rdb.c b/crypto/replay/rdb.c index d8c2b3838..b23f7be10 100644 --- a/crypto/replay/rdb.c +++ b/crypto/replay/rdb.c @@ -102,10 +102,11 @@ srtp_err_status_t srtp_rdb_check(const srtp_rdb_t *rdb, uint32_t p_index) */ srtp_err_status_t srtp_rdb_add_index(srtp_rdb_t *rdb, uint32_t p_index) { - unsigned int delta; + size_t delta; - if (p_index < rdb->window_start) + if (p_index < rdb->window_start) { return srtp_err_status_replay_fail; + } delta = (p_index - rdb->window_start); if (delta < rdb_bits_in_bitmask) { diff --git a/crypto/replay/rdbx.c b/crypto/replay/rdbx.c index e12005cd4..1d2d8285a 100644 --- a/crypto/replay/rdbx.c +++ b/crypto/replay/rdbx.c @@ -119,7 +119,7 @@ void srtp_index_advance(srtp_xtd_seq_num_t *pi, srtp_sequence_number_t s) * unsigned integer! */ -int32_t srtp_index_guess(const srtp_xtd_seq_num_t *local, +ssize_t srtp_index_guess(const srtp_xtd_seq_num_t *local, srtp_xtd_seq_num_t *guess, srtp_sequence_number_t s) { @@ -132,7 +132,7 @@ int32_t srtp_index_guess(const srtp_xtd_seq_num_t *local, #endif uint32_t guess_roc; uint16_t guess_seq; - int32_t difference; + ssize_t difference; if (local_seq < seq_num_median) { if (s - local_seq > seq_num_median) { @@ -172,13 +172,13 @@ int32_t srtp_index_guess(const srtp_xtd_seq_num_t *local, * srtp_rdbx_init(&r, ws) initializes the srtp_rdbx_t pointed to by r with * window size ws */ -srtp_err_status_t srtp_rdbx_init(srtp_rdbx_t *rdbx, unsigned long ws) +srtp_err_status_t srtp_rdbx_init(srtp_rdbx_t *rdbx, size_t ws) { if (ws == 0) { return srtp_err_status_bad_param; } - if (bitvector_alloc(&rdbx->bitmask, ws) != 0) { + if (!bitvector_alloc(&rdbx->bitmask, ws)) { return srtp_err_status_alloc_fail; } @@ -198,7 +198,7 @@ srtp_err_status_t srtp_rdbx_dealloc(srtp_rdbx_t *rdbx) } /* - * srtp_rdbx_set_roc(rdbx, roc) initalizes the srtp_rdbx_t at the location rdbx + * srtp_rdbx_set_roc(rdbx, roc) initializes the srtp_rdbx_t at the location rdbx * to have the rollover counter value roc. If that value is less than * the current rollover counter value, then the function returns * srtp_err_status_replay_old; otherwise, srtp_err_status_ok is returned. @@ -239,7 +239,7 @@ srtp_xtd_seq_num_t srtp_rdbx_get_packet_index(const srtp_rdbx_t *rdbx) * for the srtp_rdbx_t pointed to by rdbx * */ -unsigned long srtp_rdbx_get_window_size(const srtp_rdbx_t *rdbx) +size_t srtp_rdbx_get_window_size(const srtp_rdbx_t *rdbx) { return bitvector_get_length(&rdbx->bitmask); } @@ -248,17 +248,16 @@ unsigned long srtp_rdbx_get_window_size(const srtp_rdbx_t *rdbx) * srtp_rdbx_check(&r, delta) checks to see if the srtp_xtd_seq_num_t * which is at rdbx->index + delta is in the rdb */ -srtp_err_status_t srtp_rdbx_check(const srtp_rdbx_t *rdbx, int delta) +srtp_err_status_t srtp_rdbx_check(const srtp_rdbx_t *rdbx, ssize_t delta) { if (delta > 0) { /* if delta is positive, it's good */ return srtp_err_status_ok; } else if ((int)(bitvector_get_length(&rdbx->bitmask) - 1) + delta < 0) { /* if delta is lower than the bitmask, it's bad */ return srtp_err_status_replay_old; - } else if (bitvector_get_bit( - &rdbx->bitmask, - (int)(bitvector_get_length(&rdbx->bitmask) - 1) + delta) == - 1) { + } else if (bitvector_get_bit(&rdbx->bitmask, + (bitvector_get_length(&rdbx->bitmask) - 1) + + delta) == 1) { /* delta is within the window, so check the bitmask */ return srtp_err_status_replay_fail; } @@ -275,7 +274,7 @@ srtp_err_status_t srtp_rdbx_check(const srtp_rdbx_t *rdbx, int delta) * indicated that the index does not appear in the rdbx, e.g., a mutex * should protect the rdbx between these calls if need be */ -srtp_err_status_t srtp_rdbx_add_index(srtp_rdbx_t *rdbx, int delta) +srtp_err_status_t srtp_rdbx_add_index(srtp_rdbx_t *rdbx, ssize_t delta) { if (delta > 0) { /* shift forward by delta */ @@ -302,7 +301,7 @@ srtp_err_status_t srtp_rdbx_add_index(srtp_rdbx_t *rdbx, int delta) * index to which s corresponds, and returns the difference between * *guess and the locally stored synch info */ -int32_t srtp_rdbx_estimate_index(const srtp_rdbx_t *rdbx, +ssize_t srtp_rdbx_estimate_index(const srtp_rdbx_t *rdbx, srtp_xtd_seq_num_t *guess, srtp_sequence_number_t s) { @@ -331,9 +330,9 @@ int32_t srtp_rdbx_estimate_index(const srtp_rdbx_t *rdbx, #endif #ifdef NO_64BIT_MATH - return s - (uint16_t)low32(rdbx->index); + return s - low32(rdbx->index); #else - return s - (uint16_t)rdbx->index; + return s - rdbx->index; #endif } @@ -357,7 +356,7 @@ uint32_t srtp_rdbx_get_roc(const srtp_rdbx_t *rdbx) } /* - * srtp_rdbx_set_roc_seq(rdbx, roc, seq) initalizes the srtp_rdbx_t at the + * srtp_rdbx_set_roc_seq(rdbx, roc, seq) initializes the srtp_rdbx_t at the * location rdbx to have the rollover counter value roc and packet sequence * number seq. If the new rollover counter value is less than the current * rollover counter value, then the function returns diff --git a/crypto/test/aes_calc.c b/crypto/test/aes_calc.c index 1bde92f70..0a2a22751 100644 --- a/crypto/test/aes_calc.c +++ b/crypto/test/aes_calc.c @@ -81,13 +81,13 @@ int main(int argc, char *argv[]) uint8_t key[AES_MAX_KEY_LEN]; srtp_aes_expanded_key_t exp_key; size_t key_len, len; - int verbose = 0; + bool verbose = false; srtp_err_status_t status; /* -v must be last if it's passed */ if (argc > 0 && strncmp(argv[argc - 1], "-v", 2) == 0) { /* we're in verbose mode */ - verbose = 1; + verbose = true; --argc; } @@ -108,8 +108,8 @@ int main(int argc, char *argv[]) if (strlen(argv[1]) > AES_MAX_KEY_LEN * 2) { fprintf(stderr, "error: too many digits in key " - "(should be at most %d hexadecimal digits, found %u)\n", - AES_MAX_KEY_LEN * 2, (unsigned)strlen(argv[1])); + "(should be at most %d hexadecimal digits, found %zu)\n", + AES_MAX_KEY_LEN * 2, strlen(argv[1])); exit(1); } len = hex_string_to_octet_string(key, argv[1], AES_MAX_KEY_LEN * 2); @@ -127,8 +127,8 @@ int main(int argc, char *argv[]) if (strlen(argv[2]) > 16 * 2) { fprintf(stderr, "error: too many digits in plaintext " - "(should be %d hexadecimal digits, found %u)\n", - 16 * 2, (unsigned)strlen(argv[2])); + "(should be %d hexadecimal digits, found %zu)\n", + 16 * 2, strlen(argv[2])); exit(1); } len = hex_string_to_octet_string((uint8_t *)&data, argv[2], 16 * 2); diff --git a/crypto/test/cipher_driver.c b/crypto/test/cipher_driver.c index d3efb3c53..6ddb0e46f 100644 --- a/crypto/test/cipher_driver.c +++ b/crypto/test/cipher_driver.c @@ -61,7 +61,7 @@ srtp_err_status_t cipher_driver_self_test(srtp_cipher_type_t *ct); /* * cipher_driver_test_buffering(ct) tests the cipher's output - * buffering for correctness by checking the consistency of succesive + * buffering for correctness by checking the consistency of successive * calls */ @@ -71,23 +71,23 @@ srtp_err_status_t cipher_driver_test_buffering(srtp_cipher_t *c); * functions for testing cipher cache thrash */ srtp_err_status_t cipher_driver_test_array_throughput(srtp_cipher_type_t *ct, - int klen, - int num_cipher); + size_t klen, + size_t num_cipher); void cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher); uint64_t cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], - int num_cipher, - unsigned octets_in_buffer, - int num_trials); + size_t num_cipher, + size_t octets_in_buffer, + size_t num_trials); srtp_err_status_t cipher_array_delete(srtp_cipher_t *cipher_array[], - int num_cipher); + size_t num_cipher); srtp_err_status_t cipher_array_alloc_init(srtp_cipher_t ***cipher_array, - int num_ciphers, + size_t num_ciphers, srtp_cipher_type_t *ctype, - int klen); + size_t klen); void usage(char *prog_name) { @@ -124,7 +124,7 @@ int main(int argc, char *argv[]) srtp_cipher_t *c = NULL; srtp_err_status_t status; /* clang-format off */ - unsigned char test_key[48] = { + uint8_t test_key[48] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, @@ -141,8 +141,9 @@ int main(int argc, char *argv[]) /* process input arguments */ while (1) { q = getopt_s(argc, argv, "tva"); - if (q == -1) + if (q == -1) { break; + } switch (q) { case 't': do_timing_test = true; @@ -162,30 +163,35 @@ int main(int argc, char *argv[]) "David A. McGrew\n" "Cisco Systems, Inc.\n"); - if (!do_validation && !do_timing_test && !do_array_timing_test) + if (!do_validation && !do_timing_test && !do_array_timing_test) { usage(argv[0]); + } /* arry timing (cache thrash) test */ if (do_array_timing_test) { - int max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */ - int num_cipher; + size_t max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */ + size_t num_cipher; - for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) + for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) { cipher_driver_test_array_throughput(&srtp_null_cipher, 0, num_cipher); + } - for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) + for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) { cipher_driver_test_array_throughput( &srtp_aes_icm_128, SRTP_AES_ICM_128_KEY_LEN_WSALT, num_cipher); + } - for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) + for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) { cipher_driver_test_array_throughput( &srtp_aes_icm_256, SRTP_AES_ICM_256_KEY_LEN_WSALT, num_cipher); + } #ifdef GCM - for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) + for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) { cipher_driver_test_array_throughput( &srtp_aes_icm_192, SRTP_AES_ICM_192_KEY_LEN_WSALT, num_cipher); + } for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) { cipher_driver_test_array_throughput( @@ -217,8 +223,9 @@ int main(int argc, char *argv[]) status = srtp_cipher_init(c, NULL); check_status(status); - if (do_timing_test) + if (do_timing_test) { cipher_driver_test_throughput(c); + } if (do_validation) { status = cipher_driver_test_buffering(c); check_status(status); @@ -237,8 +244,9 @@ int main(int argc, char *argv[]) status = srtp_cipher_init(c, test_key); check_status(status); - if (do_timing_test) + if (do_timing_test) { cipher_driver_test_throughput(c); + } if (do_validation) { status = cipher_driver_test_buffering(c); @@ -259,8 +267,9 @@ int main(int argc, char *argv[]) status = srtp_cipher_init(c, test_key); check_status(status); - if (do_timing_test) + if (do_timing_test) { cipher_driver_test_throughput(c); + } if (do_validation) { status = cipher_driver_test_buffering(c); @@ -313,17 +322,17 @@ int main(int argc, char *argv[]) void cipher_driver_test_throughput(srtp_cipher_t *c) { - int i; - int min_enc_len = 32; - int max_enc_len = 2048; /* should be a power of two */ - int num_trials = 1000000; + size_t min_enc_len = 32; + size_t max_enc_len = 2048; /* should be a power of two */ + size_t num_trials = 1000000; printf("timing %s throughput, key length %zu:\n", c->type->description, c->key_len); fflush(stdout); - for (i = min_enc_len; i <= max_enc_len; i = i * 2) - printf("msg len: %d\tgigabits per second: %f\n", i, + for (size_t i = min_enc_len; i <= max_enc_len; i = i * 2) { + printf("msg len: %zu\tgigabits per second: %f\n", i, srtp_cipher_bits_per_second(c, i, num_trials) / 1e9); + } } srtp_err_status_t cipher_driver_self_test(srtp_cipher_type_t *ct) @@ -350,8 +359,7 @@ srtp_err_status_t cipher_driver_self_test(srtp_cipher_type_t *ct) #define INITIAL_BUFLEN 1024 srtp_err_status_t cipher_driver_test_buffering(srtp_cipher_t *c) { - int i, num_trials = 1000; - size_t j; + size_t num_trials = 1000; size_t len, buflen = INITIAL_BUFLEN; uint8_t buffer0[INITIAL_BUFLEN], buffer1[INITIAL_BUFLEN], *current, *end; uint8_t idx[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -360,26 +368,29 @@ srtp_err_status_t cipher_driver_test_buffering(srtp_cipher_t *c) printf("testing output buffering for cipher %s...", c->type->description); - for (i = 0; i < num_trials; i++) { + for (size_t i = 0; i < num_trials; i++) { /* set buffers to zero */ - for (j = 0; j < buflen; j++) { + for (size_t j = 0; j < buflen; j++) { buffer0[j] = buffer1[j] = 0; } /* initialize cipher */ status = srtp_cipher_set_iv(c, idx, srtp_direction_encrypt); - if (status) + if (status) { return status; + } /* generate 'reference' value by encrypting all at once */ status = srtp_cipher_encrypt(c, buffer0, &buflen); - if (status) + if (status) { return status; + } /* re-initialize cipher */ status = srtp_cipher_set_iv(c, idx, srtp_direction_encrypt); - if (status) + if (status) { return status; + } /* now loop over short lengths until buffer1 is encrypted */ current = buffer1; @@ -389,26 +400,29 @@ srtp_err_status_t cipher_driver_test_buffering(srtp_cipher_t *c) len = srtp_cipher_rand_u32_for_tests() & 0x01f; /* make sure that len doesn't cause us to overreach the buffer */ - if (current + len > end) + if (current + len > end) { len = end - current; + } status = srtp_cipher_encrypt(c, current, &len); - if (status) + if (status) { return status; + } /* advance pointer into buffer1 to reflect encryption */ current += len; /* if buffer1 is all encrypted, break out of loop */ - if (current == end) + if (current == end) { break; + } } /* compare buffers */ - for (j = 0; j < buflen; j++) { + for (size_t j = 0; j < buflen; j++) { if (buffer0[j] != buffer1[j]) { #if PRINT_DEBUG - printf("test case %d failed at byte %zu\n", i, j); + printf("test case %zd failed at byte %zu\n", i, j); printf("computed: %s\n", octet_string_hex_string(buffer1, buflen)); printf("expected: %s\n", @@ -433,23 +447,23 @@ srtp_err_status_t cipher_driver_test_buffering(srtp_cipher_t *c) */ srtp_err_status_t cipher_array_alloc_init(srtp_cipher_t ***ca, - int num_ciphers, + size_t num_ciphers, srtp_cipher_type_t *ctype, - int klen) + size_t klen) { - int i, j; srtp_err_status_t status; uint8_t *key = NULL; srtp_cipher_t **cipher_array; /* pad klen allocation, to handle aes_icm reading 16 bytes for the 14-byte salt */ - int klen_pad = ((klen + 15) >> 4) << 4; + size_t klen_pad = ((klen + 15) >> 4) << 4; /* allocate array of pointers to ciphers */ cipher_array = (srtp_cipher_t **)srtp_crypto_alloc(sizeof(srtp_cipher_t *) * num_ciphers); - if (cipher_array == NULL) + if (cipher_array == NULL) { return srtp_err_status_alloc_fail; + } /* set ca to location of cipher_array */ *ca = cipher_array; @@ -464,19 +478,22 @@ srtp_err_status_t cipher_array_alloc_init(srtp_cipher_t ***ca, } /* allocate and initialize an array of ciphers */ - for (i = 0; i < num_ciphers; i++) { + for (size_t i = 0; i < num_ciphers; i++) { /* allocate cipher */ status = srtp_cipher_type_alloc(ctype, cipher_array, klen, 16); - if (status) + if (status) { return status; + } /* generate random key and initialize cipher */ srtp_cipher_rand_for_tests(key, klen); - for (j = klen; j < klen_pad; j++) + for (size_t j = klen; j < klen_pad; j++) { key[j] = 0; + } status = srtp_cipher_init(*cipher_array, key); - if (status) + if (status) { return status; + } /* printf("%dth cipher is at %p\n", i, *cipher_array); */ /* printf("%dth cipher description: %s\n", i, */ @@ -492,11 +509,9 @@ srtp_err_status_t cipher_array_alloc_init(srtp_cipher_t ***ca, } srtp_err_status_t cipher_array_delete(srtp_cipher_t *cipher_array[], - int num_cipher) + size_t num_cipher) { - int i; - - for (i = 0; i < num_cipher; i++) { + for (size_t i = 0; i < num_cipher; i++) { srtp_cipher_dealloc(cipher_array[i]); } @@ -518,25 +533,30 @@ srtp_err_status_t cipher_array_delete(srtp_cipher_t *cipher_array[], */ uint64_t cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], - int num_cipher, - unsigned octets_in_buffer, - int num_trials) + size_t num_cipher, + size_t octets_in_buffer, + size_t num_trials) { - int i; v128_t nonce; clock_t timer; uint8_t *enc_buf; - int cipher_index = srtp_cipher_rand_u32_for_tests() % num_cipher; + + /* Constrain the number of ciphers */ + if (num_cipher > UINT32_MAX) { + num_cipher = UINT32_MAX; + } + size_t cipher_index = srtp_cipher_rand_u32_for_tests() % num_cipher; /* Over-alloc, for NIST CBC padding */ enc_buf = srtp_crypto_alloc(octets_in_buffer + 17); - if (enc_buf == NULL) + if (enc_buf == NULL) { return 0; /* indicate bad parameters by returning null */ + } /* time repeated trials */ v128_set_to_zero(&nonce); timer = clock(); - for (i = 0; i < num_trials; i++, nonce.v32[3] = i) { + for (size_t i = 0; i < num_trials; i++, nonce.v32[3] = (uint32_t)i) { /* length parameter to srtp_cipher_encrypt is in/out -- out is total, * padded * length -- so reset it each time. */ @@ -549,7 +569,7 @@ uint64_t cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], &octets_to_encrypt); /* choose a cipher at random from the array*/ - cipher_index = (*((uint32_t *)enc_buf)) % num_cipher; + cipher_index = (*((size_t *)enc_buf)) % num_cipher; } timer = clock() - timer; @@ -565,23 +585,23 @@ uint64_t cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], void cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher) { - int i; - int min_enc_len = 16; - int max_enc_len = 2048; /* should be a power of two */ - int num_trials = 1000000; + size_t min_enc_len = 16; + size_t max_enc_len = 2048; /* should be a power of two */ + size_t num_trials = 1000000; printf("timing %s throughput with key length %zu, array size %d:\n", (ca[0])->type->description, (ca[0])->key_len, num_cipher); fflush(stdout); - for (i = min_enc_len; i <= max_enc_len; i = i * 4) - printf("msg len: %d\tgigabits per second: %f\n", i, + for (size_t i = min_enc_len; i <= max_enc_len; i = i * 4) { + printf("msg len: %zd\tgigabits per second: %f\n", i, cipher_array_bits_per_second(ca, num_cipher, i, num_trials) / 1e9); + } } srtp_err_status_t cipher_driver_test_array_throughput(srtp_cipher_type_t *ct, - int klen, - int num_cipher) + size_t klen, + size_t num_cipher) { srtp_cipher_t **ca = NULL; srtp_err_status_t status; diff --git a/crypto/test/datatypes_driver.c b/crypto/test/datatypes_driver.c index 7be8dcd19..b30401935 100644 --- a/crypto/test/datatypes_driver.c +++ b/crypto/test/datatypes_driver.c @@ -70,7 +70,6 @@ int main(void) * case of future problems */ - int i, j; v128_t x; char *r = "The Moving Finger writes; and, having writ,\n" "Moves on: nor all thy Piety nor Wit\n" @@ -84,7 +83,7 @@ int main(void) byte_order(); test_hex_string_funcs(); - for (j = 0; j < 128; j++) { + for (size_t j = 0; j < 128; j++) { v128_set_to_zero(&x); /* x.v32[0] = (1 << j); */ v128_set_bit(&x, j); @@ -95,7 +94,7 @@ int main(void) printf("----------------------------------------------\n"); v128_set_to_zero(&x); - for (i = 0; i < 128; i++) { + for (size_t i = 0; i < 128; i++) { v128_set_bit(&x, i); } printf("%s\n", v128_bit_string(&x)); @@ -103,12 +102,12 @@ int main(void) printf("----------------------------------------------\n"); v128_set_to_zero(&x); v128_set_bit(&x, 127); - for (i = 0; i < 128; i++) { + for (size_t i = 0; i < 128; i++) { printf("%s\n", v128_bit_string(&x)); v128_left_shift(&x, 1); } printf("----------------------------------------------\n"); - for (i = 0; i < 128; i++) { + for (size_t i = 0; i < 128; i++) { v128_set_to_zero(&x); v128_set_bit(&x, 127); v128_left_shift(&x, i); @@ -116,16 +115,17 @@ int main(void) } printf("----------------------------------------------\n"); v128_set_to_zero(&x); - for (i = 0; i < 128; i += 2) { + for (size_t i = 0; i < 128; i += 2) { v128_set_bit(&x, i); } printf("bit_string: { %s }\n", v128_bit_string(&x)); printf("get_bit: { "); - for (i = 0; i < 128; i++) { - if (v128_get_bit(&x, i) == 1) + for (size_t i = 0; i < 128; i++) { + if (v128_get_bit(&x, i) == 1) { printf("1"); - else + } else { printf("0"); + } } printf(" } \n"); @@ -143,8 +143,9 @@ void byte_order(void) v128_t e; printf("byte ordering of crypto/math datatypes:\n"); - for (i = 0; i < sizeof(e); i++) + for (i = 0; i < sizeof(e); i++) { e.v8[i] = (uint8_t)i; + } printf("v128_t: %s\n", v128_hex_string(&e)); } @@ -170,12 +171,13 @@ void print_string(char *s) { size_t i; printf("%s\n", s); - printf("strlen(s) = %u\n", (unsigned)strlen(s)); + printf("strlen(s) = %zu\n", strlen(s)); printf("{ "); for (i = 0; i < strlen(s); i++) { printf("0x%x, ", s[i]); - if (((i + 1) % 8) == 0) + if (((i + 1) % 8) == 0) { printf("\n "); + } } printf("}\n"); } diff --git a/crypto/test/env.c b/crypto/test/env.c index 8c3f4edfa..46f8b8f5d 100644 --- a/crypto/test/env.c +++ b/crypto/test/env.c @@ -48,7 +48,7 @@ int main(void) { - int err_count = 0; + size_t err_count = 0; #ifdef WORDS_BIGENDIAN printf("CPU set to big-endian\t\t\t(WORDS_BIGENDIAN == 1)\n"); @@ -80,10 +80,11 @@ int main(void) printf("using stdout for error reporting\t(ERR_REPORTING_STDOUT == 1)\n"); #endif - if (err_count) + if (err_count) { printf("warning: configuration is probably in error " - "(found %d problems)\n", + "(found %zu problems)\n", err_count); + } return err_count; } diff --git a/crypto/test/kernel_driver.c b/crypto/test/kernel_driver.c index 929a2470a..ada85dca3 100644 --- a/crypto/test/kernel_driver.c +++ b/crypto/test/kernel_driver.c @@ -62,8 +62,9 @@ int main(int argc, char *argv[]) int do_validation = 0; srtp_err_status_t status; - if (argc == 1) + if (argc == 1) { usage(argv[0]); + } /* initialize kernel - we need to do this before anything else */ status = srtp_crypto_kernel_init(); @@ -76,14 +77,15 @@ int main(int argc, char *argv[]) /* process input arguments */ while (1) { q = getopt_s(argc, argv, "vd:"); - if (q == -1) + if (q == -1) { break; + } switch (q) { case 'v': do_validation = 1; break; case 'd': - status = srtp_crypto_kernel_set_debug_module(optarg_s, 1); + status = srtp_crypto_kernel_set_debug_module(optarg_s, true); if (status) { printf("error: set debug module (%s) failed\n", optarg_s); exit(1); diff --git a/crypto/test/sha1_driver.c b/crypto/test/sha1_driver.c index 31d506fb6..90ef2ad99 100644 --- a/crypto/test/sha1_driver.c +++ b/crypto/test/sha1_driver.c @@ -59,8 +59,8 @@ #define MAX_HASH_OUT_LEN 20 typedef struct hash_test_case_t { - unsigned data_len; /* number of octets in data */ - unsigned hash_len; /* number of octets output by hash */ + size_t data_len; /* number of octets in data */ + size_t hash_len; /* number of octets output by hash */ uint8_t data[MAX_HASH_DATA_LEN]; /* message data */ uint8_t hash[MAX_HASH_OUT_LEN]; /* expected hash output */ struct hash_test_case_t *next_test_case; @@ -70,17 +70,18 @@ hash_test_case_t *sha1_test_case_list; srtp_err_status_t hash_test_case_add(hash_test_case_t **list_ptr, char *hex_data, - unsigned data_len, + size_t data_len, char *hex_hash, - unsigned hash_len) + size_t hash_len) { hash_test_case_t *list_head = *list_ptr; hash_test_case_t *test_case; size_t tmp_len; test_case = malloc(sizeof(hash_test_case_t)); - if (test_case == NULL) + if (test_case == NULL) { return srtp_err_status_alloc_fail; + } tmp_len = hex_string_to_octet_string(test_case->data, hex_data, data_len * 2); @@ -111,13 +112,16 @@ srtp_err_status_t sha1_test_case_validate(const hash_test_case_t *test_case) srtp_sha1_ctx_t ctx; uint32_t hash_value[5]; - if (test_case == NULL) + if (test_case == NULL) { return srtp_err_status_bad_param; + } - if (test_case->hash_len != 20) + if (test_case->hash_len != 20) { return srtp_err_status_bad_param; - if (test_case->data_len > MAX_HASH_DATA_LEN) + } + if (test_case->data_len > MAX_HASH_DATA_LEN) { return srtp_err_status_bad_param; + } srtp_sha1_init(&ctx); srtp_sha1_update(&ctx, test_case->data, test_case->data_len); @@ -141,14 +145,13 @@ srtp_err_status_t sha1_test_case_validate(const hash_test_case_t *test_case) } struct hex_sha1_test_case_t { - unsigned bit_len; + size_t bit_len; char hex_data[MAX_HASH_DATA_LEN * 2]; char hex_hash[40 + 1]; }; srtp_err_status_t sha1_add_test_cases(void) { - int i; srtp_err_status_t err; /* @@ -346,7 +349,7 @@ srtp_err_status_t sha1_add_test_cases(void) "a3054427cdb13f164a610b348702724c808a0dcc" } }; - for (i = 0; i < 65; i++) { + for (size_t i = 0; i < 65; i++) { err = hash_test_case_add(&sha1_test_case_list, tc[i].hex_data, tc[i].bit_len / 8, tc[i].hex_hash, 20); if (err) { @@ -383,8 +386,9 @@ srtp_err_status_t sha1_validate(void) return err; } - if (sha1_test_case_list == NULL) + if (sha1_test_case_list == NULL) { return srtp_err_status_cant_check; + } test_case = sha1_test_case_list; while (test_case != NULL) { diff --git a/doc/crypto_kernel.txt b/doc/crypto_kernel.txt index b0d033ff0..19e3fc127 100644 --- a/doc/crypto_kernel.txt +++ b/doc/crypto_kernel.txt @@ -24,53 +24,51 @@ directly, if need be. * @brief Allocates a cipher of a particular type. * @warning May be implemented as a macro. */ -err_status_t -cipher_type_alloc(cipher_type_t *ctype, cipher_t **cipher, - unsigned key_len); +srtp_err_status_t srtp_cipher_type_alloc(const srtp_cipher_type_t *ct, + srtp_cipher_t **c, + size_t key_len, + size_t tlen); /** * @brief Initialized a cipher to use a particular key. May * be invoked more than once on the same cipher. * @warning May be implemented as a macro. */ - -err_status_t -cipher_init(cipher_t *cipher, const uint8_t *key); +srtp_err_status_t srtp_cipher_init(srtp_cipher_t *c, const uint8_t *key); /** * @brief Sets the initialization vector of a given cipher. * @warning May be implemented as a macro. */ - -err_status_t -cipher_set_iv(cipher_t *cipher, void *iv); +srtp_err_status_t srtp_cipher_set_iv(srtp_cipher_t *c, + uint8_t *iv, + srtp_cipher_direction_t direction); /** * @brief Encrypts a buffer with a given cipher. * @warning May be implemented as a macro. - */ - -err_status_t -cipher_encrypt(cipher_t *cipher, void *buf, unsigned int *len); + */ +srtp_err_status_t srtp_cipher_encrypt(srtp_cipher_t *c, + uint8_t *buffer, + size_t *num_octets_to_output); /** * @brief Sets a buffer to the keystream generated by the cipher. * @warning May be implemented as a macro. */ -err_status_t -cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output); +srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c, + uint8_t *buffer, + size_t *num_octets_to_output); /** * @brief Deallocates a cipher. * @warning May be implemented as a macro. */ -err_status_t -cipher_dealloc(cipher_t *cipher); - +srtp_err_status_t srtp_cipher_dealloc(srtp_cipher_t *c); /** * @} */ - */ \ No newline at end of file + */ diff --git a/fuzzer/fuzzer.c b/fuzzer/fuzzer.c index 20d634e1b..65499fefd 100644 --- a/fuzzer/fuzzer.c +++ b/fuzzer/fuzzer.c @@ -186,7 +186,7 @@ static srtp_err_status_t fuzz_srtp_protect(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki) + size_t mki) { return srtp_protect(srtp_sender, hdr, len); } @@ -195,7 +195,7 @@ static srtp_err_status_t fuzz_srtp_unprotect(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki) + size_t mki) { return srtp_unprotect(srtp_sender, hdr, len); } @@ -204,7 +204,7 @@ static srtp_err_status_t fuzz_srtp_protect_rtcp(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki) + size_t mki) { return srtp_protect_rtcp(srtp_sender, hdr, len); } @@ -213,7 +213,7 @@ static srtp_err_status_t fuzz_srtp_unprotect_rtcp(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki) + size_t mki) { return srtp_unprotect_rtcp(srtp_sender, hdr, len); } @@ -222,7 +222,7 @@ static srtp_err_status_t fuzz_srtp_protect_mki(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki) + size_t mki) { return srtp_protect_mki(srtp_sender, hdr, len, use_mki, mki); } @@ -231,7 +231,7 @@ static srtp_err_status_t fuzz_srtp_protect_rtcp_mki(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki) + size_t mki) { return srtp_protect_rtcp_mki(srtp_sender, hdr, len, use_mki, mki); } @@ -240,7 +240,7 @@ static srtp_err_status_t fuzz_srtp_unprotect_mki(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki) + size_t mki) { return srtp_unprotect_mki(srtp_sender, hdr, len, use_mki); } @@ -249,7 +249,7 @@ static srtp_err_status_t fuzz_srtp_unprotect_rtcp_mki(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki) + size_t mki) { return srtp_unprotect_rtcp_mki(srtp_sender, hdr, len, use_mki); } @@ -258,7 +258,7 @@ static srtp_err_status_t fuzz_srtp_unprotect_rtcp_mki(srtp_t srtp_sender, static srtp_err_status_t fuzz_srtp_get_protect_length(const srtp_t srtp_ctx, uint8_t use_mki, - unsigned int mki, + size_t mki, size_t *length) { return srtp_get_protect_trailer_length(srtp_ctx, 0, 0, length); @@ -267,7 +267,7 @@ static srtp_err_status_t fuzz_srtp_get_protect_length(const srtp_t srtp_ctx, static srtp_err_status_t fuzz_srtp_get_protect_rtcp_length( const srtp_t srtp_ctx, uint8_t use_mki, - unsigned int mki, + size_t mki, size_t *length) { return srtp_get_protect_rtcp_trailer_length(srtp_ctx, 0, 0, length); @@ -275,7 +275,7 @@ static srtp_err_status_t fuzz_srtp_get_protect_rtcp_length( static srtp_err_status_t fuzz_srtp_get_protect_mki_length(const srtp_t srtp_ctx, uint8_t use_mki, - unsigned int mki, + size_t mki, size_t *length) { return srtp_get_protect_trailer_length(srtp_ctx, use_mki, mki, length); @@ -284,7 +284,7 @@ static srtp_err_status_t fuzz_srtp_get_protect_mki_length(const srtp_t srtp_ctx, static srtp_err_status_t fuzz_srtp_get_protect_rtcp_mki_length( const srtp_t srtp_ctx, uint8_t use_mki, - unsigned int mki, + size_t mki, size_t *length) { return srtp_get_protect_rtcp_trailer_length(srtp_ctx, use_mki, mki, length); @@ -415,7 +415,7 @@ static srtp_policy_t *extract_policy(const uint8_t **data, size_t *size) srtp_policy_t *policy = NULL; struct { uint8_t srtp_crypto_policy_func; - uint64_t window_size; + size_t window_size; uint8_t allow_repeat_tx; uint8_t ssrc_type; uint32_t ssrc_value; diff --git a/fuzzer/fuzzer.h b/fuzzer/fuzzer.h index f11ff0896..52c84a38b 100644 --- a/fuzzer/fuzzer.h +++ b/fuzzer/fuzzer.h @@ -24,17 +24,17 @@ #endif typedef srtp_err_status_t ( - *fuzz_srtp_func)(srtp_t, void *, size_t *, uint8_t, unsigned int); + *fuzz_srtp_func)(srtp_t, void *, size_t *, uint8_t, size_t); typedef void (*fuzz_srtp_crypto_policy_func)(srtp_crypto_policy_t *); typedef srtp_err_status_t (*fuzz_srtp_get_length_func)(const srtp_t, uint8_t, - unsigned int, + size_t, size_t *); struct fuzz_srtp_params { uint8_t srtp_func; uint8_t srtp_crypto_policy_func; - uint16_t window_size; + size_t window_size; uint8_t allow_repeat_tx; uint8_t ssrc_type; uint32_t ssrc_value; @@ -46,60 +46,60 @@ static srtp_err_status_t fuzz_srtp_protect(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki); + size_t mki); static srtp_err_status_t fuzz_srtp_unprotect(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki); + size_t mki); static srtp_err_status_t fuzz_srtp_protect_rtcp(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki); + size_t mki); static srtp_err_status_t fuzz_srtp_unprotect_rtcp(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki); + size_t mki); static srtp_err_status_t fuzz_srtp_protect_mki(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki); + size_t mki); static srtp_err_status_t fuzz_srtp_protect_rtcp_mki(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki); + size_t mki); static srtp_err_status_t fuzz_srtp_unprotect_mki(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki); + size_t mki); static srtp_err_status_t fuzz_srtp_unprotect_rtcp_mki(srtp_t srtp_sender, void *hdr, size_t *len, uint8_t use_mki, - unsigned int mki); + size_t mki); static srtp_err_status_t fuzz_srtp_get_protect_length(const srtp_t srtp_ctx, uint8_t use_mki, - unsigned int mki, + size_t mki, size_t *length); static srtp_err_status_t fuzz_srtp_get_protect_mki_length(const srtp_t srtp_ctx, uint8_t use_mki, - unsigned int mki, + size_t mki, size_t *length); static srtp_err_status_t fuzz_srtp_get_protect_rtcp_length( const srtp_t srtp_ctx, uint8_t use_mki, - unsigned int mki, + size_t mki, size_t *length); static srtp_err_status_t fuzz_srtp_get_protect_rtcp_mki_length( const srtp_t srtp_ctx, uint8_t use_mki, - unsigned int mki, + size_t mki, size_t *length); struct fuzz_srtp_func_ext { diff --git a/include/srtp.h b/include/srtp.h index 555460d4a..e06c5d53c 100644 --- a/include/srtp.h +++ b/include/srtp.h @@ -338,7 +338,7 @@ typedef struct srtp_policy_t { /**< this stream. */ srtp_master_key_t **keys; /** Array of Master Key structures */ size_t num_master_keys; /** Number of master keys */ - unsigned long window_size; /**< The window size to use for replay */ + size_t window_size; /**< The window size to use for replay */ /**< protection. */ bool allow_repeat_tx; /**< Whether retransmissions of */ /**< packets with the same sequence */ @@ -347,8 +347,8 @@ typedef struct srtp_policy_t { /**< transmissions must have the same */ /**< RTP payload, or a severe security */ /**< weakness is introduced!) */ - int *enc_xtn_hdr; /**< List of header ids to encrypt. */ - int enc_xtn_hdr_count; /**< Number of entries in list of header */ + uint8_t *enc_xtn_hdr; /**< List of header ids to encrypt. */ + size_t enc_xtn_hdr_count; /**< Number of entries in list of header */ /**< ids. */ struct srtp_policy_t *next; /**< Pointer to next stream policy. */ } srtp_policy_t; @@ -476,7 +476,7 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, uint8_t *rtp_hdr, size_t *pkt_octet_len, bool use_mki, - unsigned int mki_index); + size_t mki_index); /** * @brief srtp_unprotect() is the Secure RTP receiver-side packet @@ -1386,7 +1386,7 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, uint8_t *rtcp_hdr, size_t *pkt_octet_len, bool use_mki, - unsigned int mki_index); + size_t mki_index); /** * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet @@ -1635,12 +1635,12 @@ unsigned int srtp_get_version(void); /** * @brief srtp_set_debug_module(mod_name, v) * - * sets dynamic debugging to the value v (0 for off, 1 for on) for the + * sets dynamic debugging to the value v (false for off, true for on) for the * debug module with the name mod_name * * returns err_status_ok on success, err_status_fail otherwise */ -srtp_err_status_t srtp_set_debug_module(const char *mod_name, int v); +srtp_err_status_t srtp_set_debug_module(const char *mod_name, bool v); /** * @brief srtp_list_debug_modules() outputs a list of debugging modules diff --git a/include/srtp_priv.h b/include/srtp_priv.h index 3cc69de58..8fa4b08c3 100644 --- a/include/srtp_priv.h +++ b/include/srtp_priv.h @@ -141,8 +141,8 @@ typedef struct srtp_stream_ctx_t_ { srtp_sec_serv_t rtcp_services; direction_t direction; bool allow_repeat_tx; - int *enc_xtn_hdr; - int enc_xtn_hdr_count; + uint8_t *enc_xtn_hdr; + size_t enc_xtn_hdr_count; uint32_t pending_roc; } strp_stream_ctx_t_; diff --git a/include/stream_list_priv.h b/include/stream_list_priv.h index 5df0464a0..c630c8721 100644 --- a/include/stream_list_priv.h +++ b/include/stream_list_priv.h @@ -111,7 +111,7 @@ void srtp_stream_list_remove(srtp_stream_list_t list, srtp_stream_t stream); * returning non-zero from callback aborts the iteration. */ void srtp_stream_list_for_each(srtp_stream_list_t list, - int (*callback)(srtp_stream_t, void *), + bool (*callback)(srtp_stream_t, void *), void *data); #ifdef __cplusplus diff --git a/srtp/srtp.c b/srtp/srtp.c index ed7ec0b3c..5cd11006f 100644 --- a/srtp/srtp.c +++ b/srtp/srtp.c @@ -69,7 +69,7 @@ /* the debug module for srtp */ srtp_debug_module_t mod_srtp = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "srtp" /* printable name for module */ }; @@ -111,23 +111,27 @@ static srtp_err_status_t srtp_validate_rtp_header(const uint8_t *rtp_hdr, const srtp_hdr_t *hdr = (const srtp_hdr_t *)rtp_hdr; size_t rtp_header_len; - if (pkt_octet_len < octets_in_rtp_header) + if (pkt_octet_len < octets_in_rtp_header) { return srtp_err_status_bad_param; + } /* Check RTP header length */ rtp_header_len = srtp_get_rtp_hdr_len(hdr); - if (pkt_octet_len < rtp_header_len) + if (pkt_octet_len < rtp_header_len) { return srtp_err_status_bad_param; + } /* Verifying profile length. */ if (hdr->x == 1) { - if (pkt_octet_len < rtp_header_len + octets_in_rtp_xtn_hdr) + if (pkt_octet_len < rtp_header_len + octets_in_rtp_xtn_hdr) { return srtp_err_status_bad_param; + } rtp_header_len += srtp_get_rtp_xtn_hdr_len( (const srtp_hdr_xtnd_t *)(rtp_hdr + rtp_header_len)); - if (pkt_octet_len < rtp_header_len) + if (pkt_octet_len < rtp_header_len) { return srtp_err_status_bad_param; + } } return srtp_err_status_ok; @@ -204,8 +208,9 @@ static srtp_err_status_t srtp_stream_dealloc( /* do nothing */ } else if (session_keys->rtp_cipher) { status = srtp_cipher_dealloc(session_keys->rtp_cipher); - if (status) + if (status) { return status; + } } /* @@ -217,8 +222,9 @@ static srtp_err_status_t srtp_stream_dealloc( /* do nothing */ } else if (session_keys->rtp_auth) { status = srtp_auth_dealloc(session_keys->rtp_auth); - if (status) + if (status) { return status; + } } if (template_session_keys && @@ -227,8 +233,9 @@ static srtp_err_status_t srtp_stream_dealloc( /* do nothing */ } else if (session_keys->rtp_xtn_hdr_cipher) { status = srtp_cipher_dealloc(session_keys->rtp_xtn_hdr_cipher); - if (status) + if (status) { return status; + } } /* @@ -241,8 +248,9 @@ static srtp_err_status_t srtp_stream_dealloc( /* do nothing */ } else if (session_keys->rtcp_cipher) { status = srtp_cipher_dealloc(session_keys->rtcp_cipher); - if (status) + if (status) { return status; + } } /* @@ -254,8 +262,9 @@ static srtp_err_status_t srtp_stream_dealloc( /* do nothing */ } else if (session_keys->rtcp_auth) { status = srtp_auth_dealloc(session_keys->rtcp_auth); - if (status) + if (status) { return status; + } } /* @@ -286,8 +295,9 @@ static srtp_err_status_t srtp_stream_dealloc( } status = srtp_rdbx_dealloc(&stream->rtp_rdbx); - if (status) + if (status) { return status; + } if (stream_template && stream->enc_xtn_hdr == stream_template->enc_xtn_hdr) { @@ -321,16 +331,16 @@ struct remove_and_dealloc_streams_data { srtp_stream_t template; }; -static int remove_and_dealloc_streams_cb(srtp_stream_t stream, void *data) +static bool remove_and_dealloc_streams_cb(srtp_stream_t stream, void *data) { struct remove_and_dealloc_streams_data *d = (struct remove_and_dealloc_streams_data *)data; srtp_stream_list_remove(d->list, stream); d->status = srtp_stream_dealloc(stream, d->template); if (d->status) { - return 1; + return false; } - return 0; + return true; } static srtp_err_status_t srtp_remove_and_dealloc_streams( @@ -358,7 +368,7 @@ static srtp_err_status_t srtp_valid_policy(const srtp_policy_t *policy) return srtp_err_status_bad_param; } - for (unsigned long i = 0; i < policy->num_master_keys; i++) { + for (size_t i = 0; i < policy->num_master_keys; i++) { if (policy->keys[i]->key == NULL) { return srtp_err_status_bad_param; } @@ -394,8 +404,9 @@ static srtp_err_status_t srtp_stream_alloc(srtp_stream_ctx_t **str_ptr, /* allocate srtp stream and set str_ptr */ str = (srtp_stream_ctx_t *)srtp_crypto_alloc(sizeof(srtp_stream_ctx_t)); - if (str == NULL) + if (str == NULL) { return srtp_err_status_alloc_fail; + } *str_ptr = str; @@ -474,8 +485,8 @@ static srtp_err_status_t srtp_stream_alloc(srtp_stream_ctx_t **str_ptr, srtp_cipher_type_id_t enc_xtn_hdr_cipher_type; size_t enc_xtn_hdr_cipher_key_len; - str->enc_xtn_hdr = (int *)srtp_crypto_alloc(p->enc_xtn_hdr_count * - sizeof(p->enc_xtn_hdr[0])); + str->enc_xtn_hdr = (uint8_t *)srtp_crypto_alloc( + p->enc_xtn_hdr_count * sizeof(p->enc_xtn_hdr[0])); if (!str->enc_xtn_hdr) { srtp_stream_dealloc(str, NULL); return srtp_err_status_alloc_fail; @@ -550,8 +561,9 @@ static srtp_err_status_t srtp_stream_clone( /* allocate srtp stream and set str_ptr */ str = (srtp_stream_ctx_t *)srtp_crypto_alloc(sizeof(srtp_stream_ctx_t)); - if (str == NULL) + if (str == NULL) { return srtp_err_status_alloc_fail; + } *str_ptr = str; str->num_master_keys = stream_template->num_master_keys; @@ -687,8 +699,9 @@ static srtp_err_status_t srtp_kdf_init(srtp_kdf_t *kdf, memset(kdf, 0x0, sizeof(srtp_kdf_t)); /* The NULL cipher has zero key length */ - if (key_len == 0) + if (key_len == 0) { return srtp_err_status_ok; + } if ((key_len > MAX_SRTP_AESKEY_LEN) || (salt_len > MAX_SRTP_SALT_LEN)) { return srtp_err_status_bad_param; @@ -715,13 +728,14 @@ static srtp_err_status_t srtp_kdf_init(srtp_kdf_t *kdf, static srtp_err_status_t srtp_kdf_generate(srtp_kdf_t *kdf, srtp_prf_label label, uint8_t *key, - unsigned int length) + size_t length) { int ret; /* The NULL cipher will not have an EVP */ - if (!kdf->evp) + if (!kdf->evp) { return srtp_err_status_ok; + } octet_string_set_to_zero(key, length); /* @@ -729,8 +743,8 @@ static srtp_err_status_t srtp_kdf_generate(srtp_kdf_t *kdf, * This is useful if OpenSSL is in FIPS mode and FIP * compliance is required for SRTP. */ - ret = kdf_srtp(kdf->evp, (char *)&kdf->master_key, - (char *)&kdf->master_salt, NULL, NULL, label, (char *)key); + ret = kdf_srtp(kdf->evp, (char *)&kdf->master_key, &kdf->master_salt, NULL, + NULL, label, key); if (ret == -1) { return (srtp_err_status_algo_fail); } @@ -780,8 +794,9 @@ static srtp_err_status_t srtp_kdf_init(srtp_kdf_t *kdf, } stat = srtp_crypto_kernel_alloc_cipher(cipher_id, &kdf->cipher, key_len, 0); - if (stat) + if (stat) { return stat; + } stat = srtp_cipher_init(kdf->cipher, key); if (stat) { @@ -805,14 +820,16 @@ static srtp_err_status_t srtp_kdf_generate(srtp_kdf_t *kdf, status = srtp_cipher_set_iv(kdf->cipher, (uint8_t *)&nonce, srtp_direction_encrypt); - if (status) + if (status) { return status; + } /* generate keystream output */ octet_string_set_to_zero(key, length); status = srtp_cipher_encrypt(kdf->cipher, key, &length); - if (status) + if (status) { return status; + } return srtp_err_status_ok; } @@ -821,8 +838,9 @@ static srtp_err_status_t srtp_kdf_clear(srtp_kdf_t *kdf) { srtp_err_status_t status; status = srtp_cipher_dealloc(kdf->cipher); - if (status) + if (status) { return status; + } kdf->cipher = NULL; return srtp_err_status_ok; } @@ -879,7 +897,7 @@ static inline size_t full_key_length(const srtp_cipher_type_t *cipher) srtp_session_keys_t *srtp_get_session_keys_with_mki_index( srtp_stream_ctx_t *stream, bool use_mki, - unsigned int mki_index) + size_t mki_index) { if (use_mki) { if (mki_index >= stream->num_master_keys) { @@ -1306,8 +1324,9 @@ srtp_err_status_t srtp_stream_init_keys(srtp_stream_ctx_t *srtp, /* clear memory then return */ stat = srtp_kdf_clear(&kdf); octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - if (stat) + if (stat) { return srtp_err_status_init_fail; + } return srtp_err_status_ok; } @@ -1336,12 +1355,14 @@ static srtp_err_status_t srtp_stream_init(srtp_stream_ctx_t *srtp, (p->window_size < 64 || p->window_size >= 0x8000)) return srtp_err_status_bad_param; - if (p->window_size != 0) + if (p->window_size != 0) { err = srtp_rdbx_init(&srtp->rtp_rdbx, p->window_size); - else + } else { err = srtp_rdbx_init(&srtp->rtp_rdbx, 128); - if (err) + } + if (err) { return err; + } /* set the SSRC value */ srtp->ssrc = htonl(p->ssrc.value); @@ -1438,26 +1459,26 @@ srtp_err_status_t srtp_install_event_handler(srtp_event_handler_func_t func) /* * Check if the given extension header id is / should be encrypted. - * Returns 1 if yes, otherwise 0. + * Returns true if yes, otherwise false. */ -static int srtp_protect_extension_header(srtp_stream_ctx_t *stream, int id) +static bool srtp_protect_extension_header(srtp_stream_ctx_t *stream, uint8_t id) { - int *enc_xtn_hdr = stream->enc_xtn_hdr; - int count = stream->enc_xtn_hdr_count; + uint8_t *enc_xtn_hdr = stream->enc_xtn_hdr; + size_t count = stream->enc_xtn_hdr_count; if (!enc_xtn_hdr || count <= 0) { - return 0; + return false; } while (count > 0) { if (*enc_xtn_hdr == id) { - return 1; + return true; } enc_xtn_hdr++; count--; } - return 0; + return false; } /* @@ -1470,7 +1491,7 @@ static srtp_err_status_t srtp_process_header_encryption( { srtp_err_status_t status; uint8_t keystream[257]; /* Maximum 2 bytes header + 255 bytes data. */ - int keystream_pos; + size_t keystream_pos; uint8_t *xtn_hdr_data = ((uint8_t *)xtn_hdr) + octets_in_rtp_xtn_hdr; uint8_t *xtn_hdr_end = xtn_hdr_data + (ntohs(xtn_hdr->length) * sizeof(uint32_t)); @@ -1483,18 +1504,20 @@ static srtp_err_status_t srtp_process_header_encryption( size_t xlen_with_header = 1 + xlen; xtn_hdr_data++; - if (xtn_hdr_data + xlen > xtn_hdr_end) + if (xtn_hdr_data + xlen > xtn_hdr_end) { return srtp_err_status_parse_err; + } if (xid == 15) { - /* found header 15, stop further processing. */ + /* found header 15, stop further processing */ break; } status = srtp_cipher_output(session_keys->rtp_xtn_hdr_cipher, keystream, &xlen_with_header); - if (status) + if (status) { return srtp_err_status_cipher_fail; + } if (srtp_protect_extension_header(stream, xid)) { keystream_pos = 1; @@ -1507,7 +1530,7 @@ static srtp_err_status_t srtp_process_header_encryption( xtn_hdr_data += xlen; } - /* skip padding bytes. */ + /* skip padding bytes */ while (xtn_hdr_data < xtn_hdr_end && *xtn_hdr_data == 0) { xtn_hdr_data++; } @@ -1520,13 +1543,15 @@ static srtp_err_status_t srtp_process_header_encryption( size_t xlen_with_header = 2 + xlen; xtn_hdr_data += 2; - if (xtn_hdr_data + xlen > xtn_hdr_end) + if (xtn_hdr_data + xlen > xtn_hdr_end) { return srtp_err_status_parse_err; + } status = srtp_cipher_output(session_keys->rtp_xtn_hdr_cipher, keystream, &xlen_with_header); - if (status) + if (status) { return srtp_err_status_cipher_fail; + } if (xlen > 0 && srtp_protect_extension_header(stream, xid)) { keystream_pos = 2; @@ -1667,7 +1692,7 @@ static srtp_err_status_t srtp_estimate_index(srtp_rdbx_t *rdbx, uint32_t roc, srtp_xtd_seq_num_t *est, srtp_sequence_number_t seq, - int *delta) + ssize_t *delta) { #ifdef NO_64BIT_MATH uint32_t internal_pkt_idx_reduced; @@ -1681,7 +1706,7 @@ static srtp_err_status_t srtp_estimate_index(srtp_rdbx_t *rdbx, *delta = low32(est) - rdbx->index; #else *est = (srtp_xtd_seq_num_t)(((uint64_t)roc) << 16) | seq; - *delta = (int)(*est - rdbx->index); + *delta = *est - rdbx->index; #endif if (*est > rdbx->index) { @@ -1740,7 +1765,7 @@ static srtp_err_status_t srtp_estimate_index(srtp_rdbx_t *rdbx, static srtp_err_status_t srtp_get_est_pkt_index(const srtp_hdr_t *hdr, srtp_stream_ctx_t *stream, srtp_xtd_seq_num_t *est, - int *delta) + ssize_t *delta) { srtp_err_status_t result = srtp_err_status_ok; @@ -1778,7 +1803,7 @@ static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx, uint8_t *enc_start; /* pointer to start of encrypted portion */ size_t enc_octet_len = 0; /* number of octets in encrypted portion */ srtp_xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */ - int delta; /* delta of local pkt idx and that in hdr */ + ssize_t delta; /* delta of local pkt idx and that in hdr */ srtp_err_status_t status; size_t tag_len; v128_t iv; @@ -1821,8 +1846,9 @@ static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx, enc_start += srtp_get_rtp_xtn_hdr_len(xtn_hdr); } /* note: the passed size is without the auth tag */ - if (!(enc_start <= rtp_hdr + *pkt_octet_len)) + if (!(enc_start <= rtp_hdr + *pkt_octet_len)) { return srtp_err_status_parse_err; + } enc_octet_len = *pkt_octet_len - (enc_start - rtp_hdr); @@ -1832,8 +1858,9 @@ static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx, */ status = srtp_get_est_pkt_index(hdr, stream, &est, &delta); - if (status && (status != srtp_err_status_pkt_idx_adv)) + if (status && (status != srtp_err_status_pkt_idx_adv)) { return status; + } if (status == srtp_err_status_pkt_idx_adv) { srtp_rdbx_set_roc_seq(&stream->rtp_rdbx, (uint32_t)(est >> 16), @@ -1938,7 +1965,7 @@ static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx, */ static srtp_err_status_t srtp_unprotect_aead(srtp_ctx_t *ctx, srtp_stream_ctx_t *stream, - int delta, + ssize_t delta, srtp_xtd_seq_num_t est, uint8_t *srtp_hdr, size_t *pkt_octet_len, @@ -2000,8 +2027,10 @@ static srtp_err_status_t srtp_unprotect_aead(srtp_ctx_t *ctx, xtn_hdr = srtp_get_rtp_xtn_hdr(hdr); enc_start += srtp_get_rtp_xtn_hdr_len(xtn_hdr); } - if (!(enc_start <= srtp_hdr + (*pkt_octet_len - tag_len - mki_size))) + if (!(enc_start <= srtp_hdr + (*pkt_octet_len - tag_len - mki_size))) { return srtp_err_status_parse_err; + } + /* * We pass the tag down to the cipher when doing GCM mode */ @@ -2145,14 +2174,14 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, uint8_t *rtp_hdr, size_t *pkt_octet_len, bool use_mki, - unsigned int mki_index) + size_t mki_index) { srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr; uint8_t *enc_start; /* pointer to start of encrypted portion */ uint8_t *auth_start; /* pointer to start of auth. portion */ size_t enc_octet_len = 0; /* number of octets in encrypted portion */ srtp_xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */ - int delta; /* delta of local pkt idx and that in hdr */ + ssize_t delta; /* delta of local pkt idx and that in hdr */ uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ srtp_err_status_t status; size_t tag_len; @@ -2167,12 +2196,14 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, /* Verify RTP header */ status = srtp_validate_rtp_header(rtp_hdr, *pkt_octet_len); - if (status) + if (status) { return status; + } /* check the packet length - it must at least contain a full header */ - if (*pkt_octet_len < octets_in_rtp_header) + if (*pkt_octet_len < octets_in_rtp_header) { return srtp_err_status_bad_param; + } /* * look up ssrc in srtp_stream list, and process the packet with @@ -2189,8 +2220,9 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, /* allocate and initialize a new stream */ status = srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); - if (status) + if (status) { return status; + } /* add new stream to the list */ status = srtp_insert_or_dealloc_stream(ctx->stream_list, new_stream, @@ -2228,8 +2260,9 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, session_keys = srtp_get_session_keys_with_mki_index(stream, use_mki, mki_index); - if (session_keys == NULL) + if (session_keys == NULL) { return srtp_err_status_bad_mki; + } /* * Check if this is an AEAD stream (GCM mode). If so, then dispatch @@ -2277,8 +2310,9 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, enc_start += srtp_get_rtp_xtn_hdr_len(xtn_hdr); } /* note: the passed size is without the auth tag */ - if (!(enc_start <= rtp_hdr + *pkt_octet_len)) + if (!(enc_start <= rtp_hdr + *pkt_octet_len)) { return srtp_err_status_parse_err; + } enc_octet_len = *pkt_octet_len - (enc_start - rtp_hdr); } else { @@ -2307,8 +2341,9 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, */ status = srtp_get_est_pkt_index(hdr, stream, &est, &delta); - if (status && (status != srtp_err_status_pkt_idx_adv)) + if (status && (status != srtp_err_status_pkt_idx_adv)) { return status; + } if (status == srtp_err_status_pkt_idx_adv) { srtp_rdbx_set_roc_seq(&stream->rtp_rdbx, (uint32_t)(est >> 16), @@ -2372,8 +2407,9 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, (uint8_t *)&iv, srtp_direction_encrypt); } } - if (status) + if (status) { return srtp_err_status_cipher_fail; + } /* shift est, put into network byte order */ #ifdef NO_64BIT_MATH @@ -2392,8 +2428,9 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, if (prefix_len) { status = srtp_cipher_output(session_keys->rtp_cipher, auth_tag, &prefix_len); - if (status) + if (status) { return srtp_err_status_cipher_fail; + } debug_print(mod_srtp, "keystream prefix: %s", srtp_octet_string_hex_string(auth_tag, prefix_len)); } @@ -2413,8 +2450,9 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, if (enc_start) { status = srtp_cipher_encrypt(session_keys->rtp_cipher, enc_start, &enc_octet_len); - if (status) + if (status) { return srtp_err_status_cipher_fail; + } } /* @@ -2424,14 +2462,16 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, if (auth_start) { /* initialize auth func context */ status = srtp_auth_start(session_keys->rtp_auth); - if (status) + if (status) { return status; + } /* run auth func over packet */ status = srtp_auth_update(session_keys->rtp_auth, auth_start, *pkt_octet_len); - if (status) + if (status) { return status; + } /* run auth func over ROC, put result into auth_tag */ debug_print(mod_srtp, "estimated packet index: %016" PRIx64, est); @@ -2439,8 +2479,9 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, auth_tag); debug_print(mod_srtp, "srtp auth tag: %s", srtp_octet_string_hex_string(auth_tag, tag_len)); - if (status) - return srtp_err_status_auth_fail; + if (status) { + return status; + } } if (auth_tag) { @@ -2474,7 +2515,7 @@ srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, size_t enc_octet_len = 0; /* number of octets in encrypted portion */ uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ srtp_xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */ - int delta; /* delta of local pkt idx and that in hdr */ + ssize_t delta; /* delta of local pkt idx and that in hdr */ v128_t iv; srtp_err_status_t status; srtp_stream_ctx_t *stream; @@ -2491,12 +2532,14 @@ srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, /* Verify RTP header */ status = srtp_validate_rtp_header(srtp_hdr, *pkt_octet_len); - if (status) + if (status) { return status; + } /* check the packet length - it must at least contain a full header */ - if (*pkt_octet_len < octets_in_rtp_header) + if (*pkt_octet_len < octets_in_rtp_header) { return srtp_err_status_bad_param; + } /* * look up ssrc in srtp_stream list, and process the packet with @@ -2533,8 +2576,9 @@ srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, } else { status = srtp_get_est_pkt_index(hdr, stream, &est, &delta); - if (status && (status != srtp_err_status_pkt_idx_adv)) + if (status && (status != srtp_err_status_pkt_idx_adv)) { return status; + } if (status == srtp_err_status_pkt_idx_adv) { advance_packet_index = true; @@ -2545,8 +2589,9 @@ srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, /* check replay database */ if (!advance_packet_index) { status = srtp_rdbx_check(&stream->rtp_rdbx, delta); - if (status) + if (status) { return status; + } } } @@ -2562,8 +2607,9 @@ srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, session_keys = srtp_get_session_keys(stream, srtp_hdr, *pkt_octet_len, &mki_size); - if (session_keys == NULL) + if (session_keys == NULL) { return srtp_err_status_bad_mki; + } } else { session_keys = &stream->session_keys[0]; } @@ -2620,8 +2666,9 @@ srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, (uint8_t *)&iv, srtp_direction_decrypt); } } - if (status) + if (status) { return srtp_err_status_cipher_fail; + } /* shift est, put into network byte order */ #ifdef NO_64BIT_MATH @@ -2645,8 +2692,9 @@ srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, xtn_hdr = srtp_get_rtp_xtn_hdr(hdr); enc_start += srtp_get_rtp_xtn_hdr_len(xtn_hdr); } - if (!(enc_start <= srtp_hdr + (*pkt_octet_len - tag_len - mki_size))) + if (!(enc_start <= srtp_hdr + (*pkt_octet_len - tag_len - mki_size))) { return srtp_err_status_parse_err; + } enc_octet_len = *pkt_octet_len - tag_len - mki_size - (enc_start - srtp_hdr); @@ -2685,20 +2733,23 @@ srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, &prefix_len); debug_print(mod_srtp, "keystream prefix: %s", srtp_octet_string_hex_string(tmp_tag, prefix_len)); - if (status) + if (status) { return srtp_err_status_cipher_fail; + } } /* initialize auth func context */ status = srtp_auth_start(session_keys->rtp_auth); - if (status) + if (status) { return status; + } /* now compute auth function over packet */ status = srtp_auth_update(session_keys->rtp_auth, auth_start, *pkt_octet_len - tag_len - mki_size); - if (status) + if (status) { return status; + } /* run auth func over ROC, then write tmp tag */ status = srtp_auth_compute(session_keys->rtp_auth, (uint8_t *)&est, 4, @@ -2708,11 +2759,13 @@ srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, srtp_octet_string_hex_string(tmp_tag, tag_len)); debug_print(mod_srtp, "packet auth tag: %s", srtp_octet_string_hex_string(auth_tag, tag_len)); - if (status) + if (status) { return srtp_err_status_auth_fail; + } - if (srtp_octet_string_is_eq(tmp_tag, auth_tag, tag_len)) + if (srtp_octet_string_is_eq(tmp_tag, auth_tag, tag_len)) { return srtp_err_status_auth_fail; + } } /* @@ -2745,8 +2798,9 @@ srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, if (enc_start) { status = srtp_cipher_decrypt(session_keys->rtp_cipher, enc_start, &enc_octet_len); - if (status) + if (status) { return srtp_err_status_cipher_fail; + } } /* @@ -2826,13 +2880,15 @@ srtp_err_status_t srtp_init(void) /* initialize crypto kernel */ status = srtp_crypto_kernel_init(); - if (status) + if (status) { return status; + } /* load srtp debug module into the kernel */ status = srtp_crypto_kernel_load_debug_module(&mod_srtp); - if (status) + if (status) { return status; + } return srtp_err_status_ok; } @@ -2843,8 +2899,9 @@ srtp_err_status_t srtp_shutdown(void) /* shut down crypto kernel */ status = srtp_crypto_kernel_shutdown(); - if (status) + if (status) { return status; + } /* shutting down crypto kernel frees the srtp debug module as well */ @@ -2982,8 +3039,9 @@ srtp_err_status_t srtp_create(srtp_t *session, /* handle for session */ /* allocate srtp context and set ctx_ptr */ ctx = (srtp_ctx_t *)srtp_crypto_alloc(sizeof(srtp_ctx_t)); - if (ctx == NULL) + if (ctx == NULL) { return srtp_err_status_alloc_fail; + } *session = ctx; ctx->stream_template = NULL; @@ -3025,8 +3083,9 @@ srtp_err_status_t srtp_stream_remove(srtp_t session, uint32_t ssrc) srtp_err_status_t status; /* sanity check arguments */ - if (session == NULL) + if (session == NULL) { return srtp_err_status_bad_param; + } /* find and remove stream from the list */ stream = srtp_stream_list_get(session->stream_list, htonl(ssrc)); @@ -3038,8 +3097,9 @@ srtp_err_status_t srtp_stream_remove(srtp_t session, uint32_t ssrc) /* deallocate the stream */ status = srtp_stream_dealloc(stream, session->stream_template); - if (status) + if (status) { return status; + } return srtp_err_status_ok; } @@ -3077,7 +3137,7 @@ struct update_template_stream_data { srtp_stream_list_t new_stream_list; }; -static int update_template_stream_cb(srtp_stream_t stream, void *raw_data) +static bool update_template_stream_cb(srtp_stream_t stream, void *raw_data) { struct update_template_stream_data *data = (struct update_template_stream_data *)raw_data; @@ -3093,39 +3153,39 @@ static int update_template_stream_cb(srtp_stream_t stream, void *raw_data) data->status = srtp_insert_or_dealloc_stream( data->new_stream_list, stream, session->stream_template); if (data->status) { - return 1; + return false; } - return 0; + return true; } - /* save old extendard seq */ + /* save old extended seq */ old_index = stream->rtp_rdbx.index; old_rtcp_rdb = stream->rtcp_rdb; /* remove stream */ data->status = srtp_stream_remove(session, ssrc); if (data->status) { - return 1; + return false; } /* allocate and initialize a new stream */ data->status = srtp_stream_clone(data->new_stream_template, ssrc, &stream); if (data->status) { - return 1; + return false; } /* add new stream to the head of the new_stream_list */ data->status = srtp_insert_or_dealloc_stream(data->new_stream_list, stream, data->new_stream_template); if (data->status) { - return 1; + return false; } /* restore old extended seq */ stream->rtp_rdbx.index = old_index; stream->rtcp_rdb = old_rtcp_rdb; - return 0; + return true; } static srtp_err_status_t update_template_streams(srtp_t session, @@ -3982,7 +4042,7 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, uint8_t *rtcp_hdr, size_t *pkt_octet_len, bool use_mki, - unsigned int mki_index) + size_t mki_index) { srtcp_hdr_t *hdr = (srtcp_hdr_t *)rtcp_hdr; uint8_t *enc_start; /* pointer to start of encrypted portion */ @@ -4000,8 +4060,9 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, srtp_session_keys_t *session_keys = NULL; /* check the packet length - it must at least contain a full header */ - if (*pkt_octet_len < octets_in_rtcp_header) + if (*pkt_octet_len < octets_in_rtcp_header) { return srtp_err_status_bad_param; + } /* * look up ssrc in srtp_stream list, and process the packet with @@ -4018,8 +4079,9 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, /* allocate and initialize a new stream */ status = srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); - if (status) + if (status) { return status; + } /* add new stream to the list */ status = srtp_insert_or_dealloc_stream(ctx->stream_list, new_stream, @@ -4053,8 +4115,9 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, session_keys = srtp_get_session_keys_with_mki_index(stream, use_mki, mki_index); - if (session_keys == NULL) + if (session_keys == NULL) { return srtp_err_status_bad_mki; + } /* * Check if this is an AEAD stream (GCM mode). If so, then dispatch @@ -4109,8 +4172,9 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, * if its value isn't too big */ status = srtp_rdb_increment(&stream->rtcp_rdb); - if (status) + if (status) { return status; + } seq_num = srtp_rdb_get_value(&stream->rtcp_rdb); trailer |= htonl(seq_num); debug_print(mod_srtp, "srtcp index: %x", seq_num); @@ -4143,8 +4207,9 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, status = srtp_cipher_set_iv(session_keys->rtcp_cipher, (uint8_t *)&iv, srtp_direction_encrypt); } - if (status) + if (status) { return srtp_err_status_cipher_fail; + } /* * if we're authenticating using a universal hash, put the keystream @@ -4161,22 +4226,25 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, debug_print(mod_srtp, "keystream prefix: %s", srtp_octet_string_hex_string(auth_tag, prefix_len)); - if (status) + if (status) { return srtp_err_status_cipher_fail; + } } /* if we're encrypting, exor keystream into the message */ if (enc_start) { status = srtp_cipher_encrypt(session_keys->rtcp_cipher, enc_start, &enc_octet_len); - if (status) + if (status) { return srtp_err_status_cipher_fail; + } } /* initialize auth func context */ status = srtp_auth_start(session_keys->rtcp_auth); - if (status) + if (status) { return status; + } /* * run auth func over packet (including trailer), and write the @@ -4187,8 +4255,9 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, (*pkt_octet_len) + sizeof(srtcp_trailer_t), auth_tag); debug_print(mod_srtp, "srtcp auth tag: %s", srtp_octet_string_hex_string(auth_tag, tag_len)); - if (status) + if (status) { return srtp_err_status_auth_fail; + } /* increase the packet length by the length of the auth tag and seq_num*/ *pkt_octet_len += (tag_len + sizeof(srtcp_trailer_t)); @@ -4225,8 +4294,8 @@ srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, srtp_stream_ctx_t *stream; size_t prefix_len; uint32_t seq_num; - int e_bit_in_packet; /* whether the E-bit was found in the packet */ - int sec_serv_confidentiality; /* whether confidentiality was requested */ + bool e_bit_in_packet; /* E-bit was found in the packet */ + bool sec_serv_confidentiality; /* whether confidentiality was requested */ size_t mki_size = 0; srtp_session_keys_t *session_keys = NULL; @@ -4235,8 +4304,9 @@ srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, * know the tag length, but we at least want to know that it is * a positive value */ - if (*pkt_octet_len < octets_in_rtcp_header + sizeof(srtcp_trailer_t)) + if (*pkt_octet_len < octets_in_rtcp_header + sizeof(srtcp_trailer_t)) { return srtp_err_status_bad_param; + } /* * look up ssrc in srtp_stream list, and process the packet with @@ -4266,8 +4336,9 @@ srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, session_keys = srtp_get_session_keys(stream, srtcp_hdr, *pkt_octet_len, &mki_size); - if (session_keys == NULL) + if (session_keys == NULL) { return srtp_err_status_bad_mki; + } } else { session_keys = &stream->session_keys[0]; } @@ -4343,8 +4414,9 @@ srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, seq_num = ntohl(trailer) & SRTCP_INDEX_MASK; debug_print(mod_srtp, "srtcp index: %x", seq_num); status = srtp_rdb_check(&stream->rtcp_rdb, seq_num); - if (status) + if (status) { return status; + } /* * if we're using aes counter mode, set nonce and seq @@ -4372,27 +4444,31 @@ srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, status = srtp_cipher_set_iv(session_keys->rtcp_cipher, (uint8_t *)&iv, srtp_direction_decrypt); } - if (status) + if (status) { return srtp_err_status_cipher_fail; + } /* initialize auth func context */ status = srtp_auth_start(session_keys->rtcp_auth); - if (status) + if (status) { return status; + } /* run auth func over packet, put result into tmp_tag */ status = srtp_auth_compute(session_keys->rtcp_auth, auth_start, auth_len, tmp_tag); debug_print(mod_srtp, "srtcp computed tag: %s", srtp_octet_string_hex_string(tmp_tag, tag_len)); - if (status) + if (status) { return srtp_err_status_auth_fail; + } /* compare the tag just computed with the one in the packet */ debug_print(mod_srtp, "srtcp tag from packet: %s", srtp_octet_string_hex_string(auth_tag, tag_len)); - if (srtp_octet_string_is_eq(tmp_tag, auth_tag, tag_len)) + if (srtp_octet_string_is_eq(tmp_tag, auth_tag, tag_len)) { return srtp_err_status_auth_fail; + } /* * if we're authenticating using a universal hash, put the keystream @@ -4404,16 +4480,18 @@ srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, &prefix_len); debug_print(mod_srtp, "keystream prefix: %s", srtp_octet_string_hex_string(auth_tag, prefix_len)); - if (status) + if (status) { return srtp_err_status_cipher_fail; + } } /* if we're decrypting, exor keystream into the message */ if (enc_start) { status = srtp_cipher_decrypt(session_keys->rtcp_cipher, enc_start, &enc_octet_len); - if (status) + if (status) { return srtp_err_status_cipher_fail; + } } /* decrease the packet length by the length of the auth tag and seq_num */ @@ -4457,8 +4535,9 @@ srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, */ status = srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); - if (status) + if (status) { return status; + } /* add new stream to the list */ status = srtp_insert_or_dealloc_stream(ctx->stream_list, new_stream, @@ -4654,7 +4733,7 @@ struct get_protect_trailer_length_data { uint32_t mki_index; }; -static int get_protect_trailer_length_cb(srtp_stream_t stream, void *raw_data) +static bool get_protect_trailer_length_cb(srtp_stream_t stream, void *raw_data) { struct get_protect_trailer_length_data *data = (struct get_protect_trailer_length_data *)raw_data; @@ -4669,7 +4748,7 @@ static int get_protect_trailer_length_cb(srtp_stream_t stream, void *raw_data) } } - return 0; + return true; } srtp_err_status_t get_protect_trailer_length(srtp_t session, @@ -4725,7 +4804,7 @@ srtp_err_status_t srtp_get_protect_rtcp_trailer_length(srtp_t session, /* * SRTP debug interface */ -srtp_err_status_t srtp_set_debug_module(const char *mod_name, int v) +srtp_err_status_t srtp_set_debug_module(const char *mod_name, bool v) { return srtp_crypto_kernel_set_debug_module(mod_name, v); } @@ -4794,8 +4873,9 @@ srtp_err_status_t srtp_stream_set_roc(srtp_t session, srtp_stream_t stream; stream = srtp_get_stream(session, htonl(ssrc)); - if (stream == NULL) + if (stream == NULL) { return srtp_err_status_bad_param; + } stream->pending_roc = roc; @@ -4809,8 +4889,9 @@ srtp_err_status_t srtp_stream_get_roc(srtp_t session, srtp_stream_t stream; stream = srtp_get_stream(session, htonl(ssrc)); - if (stream == NULL) + if (stream == NULL) { return srtp_err_status_bad_param; + } *roc = srtp_rdbx_get_roc(&stream->rtp_rdbx); @@ -4911,7 +4992,7 @@ srtp_err_status_t srtp_stream_list_insert(srtp_stream_list_t list, /* * removing an entry from the list performs a memory move of the following - * entries one possition back in order to keep all the entries in the buffer + * entries one position back in order to keep all the entries in the buffer * contiguous. */ void srtp_stream_list_remove(srtp_stream_list_t list, @@ -4919,7 +5000,7 @@ void srtp_stream_list_remove(srtp_stream_list_t list, { size_t end = list->size - list->available; - for (unsigned int i = 0; i < end; i++) { + for (size_t i = 0; i < end; i++) { if (list->entries[i].ssrc == stream_to_remove->ssrc) { size_t entries_to_move = list->size - list->available - i - 1; memmove(&list->entries[i], &list->entries[i + 1], @@ -4937,7 +5018,7 @@ srtp_stream_t srtp_stream_list_get(srtp_stream_list_t list, uint32_t ssrc) list_entry *entries = list->entries; - for (unsigned int i = 0; i < end; i++) { + for (size_t i = 0; i < end; i++) { if (entries[i].ssrc == ssrc) { return entries[i].stream; } @@ -4947,7 +5028,7 @@ srtp_stream_t srtp_stream_list_get(srtp_stream_list_t list, uint32_t ssrc) } void srtp_stream_list_for_each(srtp_stream_list_t list, - int (*callback)(srtp_stream_t, void *), + bool (*callback)(srtp_stream_t, void *), void *data) { list_entry *entries = list->entries; @@ -4960,8 +5041,8 @@ void srtp_stream_list_for_each(srtp_stream_list_t list, * callback. * Ie: in case the callback calls srtp_stream_list_remove(). */ - for (unsigned int i = 0; i < list->size - list->available;) { - if (callback(entries[i].stream, data)) { + for (size_t i = 0; i < list->size - list->available;) { + if (!callback(entries[i].stream, data)) { break; } diff --git a/test/cutest.h b/test/cutest.h index 94e1087e6..d6ec1b8c1 100644 --- a/test/cutest.h +++ b/test/cutest.h @@ -223,8 +223,9 @@ static size_t test_print_in_color__(int color, const char *fmt, ...) attr = 0; break; } - if (attr != 0) + if (attr != 0) { SetConsoleTextAttribute(h, attr); + } n = printf("%s", buffer); SetConsoleTextAttribute(h, info.wAttributes); return n; @@ -263,8 +264,9 @@ int test_check__(int cond, const char *file, int line, const char *fmt, ...) printf(" "); - if (file != NULL) + if (file != NULL) { printf("%s:%d: Check ", file, line); + } va_start(args, fmt); vprintf(fmt, args); @@ -284,8 +286,9 @@ static void test_list_names__(void) const struct test__ *test; printf("Unit tests:\n"); - for (test = &test_list__[0]; test->func != NULL; test++) + for (test = &test_list__[0]; test->func != NULL; test++) { printf(" %s\n", test->name); + } } static const struct test__ *test_by_name__(const char *name) @@ -293,8 +296,9 @@ static const struct test__ *test_by_name__(const char *name) const struct test__ *test; for (test = &test_list__[0]; test->func != NULL; test++) { - if (strcmp(test->name, name) == 0) + if (strcmp(test->name, name) == 0) { return test; + } } return NULL; @@ -318,8 +322,9 @@ static int test_do_run__(const struct test__ *test) n = test_print_in_color__(CUTEST_COLOR_DEFAULT_INTENSIVE__, "Test %s... ", test->name); memset(spaces, ' ', sizeof(spaces)); - if (n < sizeof(spaces)) + if (n < sizeof(spaces)) { printf("%.*s", (int)(sizeof(spaces) - n), spaces); + } } else { test_current_already_logged__ = 1; } @@ -337,10 +342,11 @@ static int test_do_run__(const struct test__ *test) #ifdef __cplusplus } catch (std::exception &e) { const char *what = e.what(); - if (what != NULL) + if (what != NULL) { test_check__(0, NULL, 0, "Threw std::exception: %s", what); - else + } else { test_check__(0, NULL, 0, "Threw std::exception"); + } } catch (...) { test_check__(0, NULL, 0, "Threw an exception"); } @@ -380,8 +386,9 @@ static void test_error__(const char *fmt, ...) { va_list args; - if (test_verbose_level__ == 0) + if (test_verbose_level__ == 0) { return; + } if (test_verbose_level__ <= 2 && !test_current_already_logged__ && test_current_unit__ != NULL) { @@ -520,8 +527,9 @@ static void test_run__(const struct test__ *test) test_current_unit__ = NULL; test_stat_run_units__++; - if (failed) + if (failed) { test_stat_failed_units__++; + } } #if defined(CUTEST_WIN__) @@ -646,18 +654,21 @@ int main(int argc, char **argv) /* Count all test units */ test_count__ = 0; - for (i = 0; test_list__[i].func != NULL; i++) + for (i = 0; test_list__[i].func != NULL; i++) { test_count__++; + } /* Run the tests */ if (n == 0) { /* Run all tests */ - for (i = 0; test_list__[i].func != NULL; i++) + for (i = 0; test_list__[i].func != NULL; i++) { test_run__(&test_list__[i]); + } } else if (!test_skip_mode__) { /* Run the listed tests */ - for (i = 0; i < n; i++) + for (i = 0; i < n; i++) { test_run__(tests[i]); + } } else { /* Run all tests except those listed */ for (i = 0; test_list__[i].func != NULL; i++) { @@ -668,8 +679,9 @@ int main(int argc, char **argv) break; } } - if (!want_skip) + if (!want_skip) { test_run__(&test_list__[i]); + } } } @@ -698,8 +710,9 @@ int main(int argc, char **argv) } } - if (tests != NULL) + if (tests != NULL) { free((void *)tests); + } return (test_stat_failed_units__ == 0) ? 0 : 1; } diff --git a/test/getopt_s.c b/test/getopt_s.c index e0bd7f77e..a5af6a3c7 100644 --- a/test/getopt_s.c +++ b/test/getopt_s.c @@ -54,7 +54,7 @@ char *optarg_s; static int getopt_check_character(char c, const char *string) { - unsigned int max_string_len = 128; + size_t max_string_len = 128; while (*string != 0) { if (max_string_len == 0) { @@ -81,11 +81,13 @@ int getopt_s(int argc, char *const argv[], const char *optstring) optind_s++; string = argv[optind_s]; - if (string == NULL) + if (string == NULL) { return '?'; /* NULL argument string */ + } - if (string[0] != '-') + if (string[0] != '-') { return -1; /* found an unexpected character */ + } switch (getopt_check_character(string[1], optstring)) { case GETOPT_FOUND_WITH_ARGUMENT: diff --git a/test/rdbx_driver.c b/test/rdbx_driver.c index 2cb676f0f..2a19ed554 100644 --- a/test/rdbx_driver.c +++ b/test/rdbx_driver.c @@ -58,9 +58,9 @@ #include "ut_sim.h" -srtp_err_status_t test_replay_dbx(int num_trials, unsigned long ws); +srtp_err_status_t test_replay_dbx(size_t num_trials, size_t ws); -double rdbx_check_adds_per_second(int num_trials, unsigned long ws); +double rdbx_check_adds_per_second(size_t num_trials, size_t ws); void usage(char *prog_name) { @@ -73,20 +73,21 @@ int main(int argc, char *argv[]) double rate; srtp_err_status_t status; int q; - unsigned do_timing_test = 0; - unsigned do_validation = 0; + bool do_timing_test = false; + bool do_validation = false; /* process input arguments */ while (1) { q = getopt_s(argc, argv, "tv"); - if (q == -1) + if (q == -1) { break; + } switch (q) { case 't': - do_timing_test = 1; + do_timing_test = true; break; case 'v': - do_validation = 1; + do_validation = true; break; default: usage(argv[0]); @@ -97,8 +98,9 @@ int main(int argc, char *argv[]) "David A. McGrew\n" "Cisco Systems, Inc.\n"); - if (!do_validation && !do_timing_test) + if (!do_validation && !do_timing_test) { usage(argv[0]); + } if (do_validation) { printf("testing srtp_rdbx_t (ws=128)...\n"); @@ -140,7 +142,7 @@ int main(int argc, char *argv[]) srtp_err_status_t rdbx_check_add(srtp_rdbx_t *rdbx, uint32_t idx) { - int delta; + ssize_t delta; srtp_xtd_seq_num_t est; delta = srtp_index_guess(&rdbx->index, &est, (srtp_sequence_number_t)idx); @@ -172,7 +174,7 @@ srtp_err_status_t rdbx_check_add(srtp_rdbx_t *rdbx, uint32_t idx) srtp_err_status_t rdbx_check_expect_failure(srtp_rdbx_t *rdbx, uint32_t idx) { - int delta; + ssize_t delta; srtp_xtd_seq_num_t est; srtp_err_status_t status; @@ -180,7 +182,7 @@ srtp_err_status_t rdbx_check_expect_failure(srtp_rdbx_t *rdbx, uint32_t idx) status = srtp_rdbx_check(rdbx, delta); if (status == srtp_err_status_ok) { - printf("delta: %d ", delta); + printf("delta: %zd ", delta); printf("replay_check failed at index %u (false positive)\n", idx); return srtp_err_status_algo_fail; } @@ -190,7 +192,7 @@ srtp_err_status_t rdbx_check_expect_failure(srtp_rdbx_t *rdbx, uint32_t idx) srtp_err_status_t rdbx_check_add_unordered(srtp_rdbx_t *rdbx, uint32_t idx) { - int delta; + ssize_t delta; srtp_xtd_seq_num_t est; srtp_err_status_t rstat; @@ -213,13 +215,13 @@ srtp_err_status_t rdbx_check_add_unordered(srtp_rdbx_t *rdbx, uint32_t idx) return srtp_err_status_ok; } -srtp_err_status_t test_replay_dbx(int num_trials, unsigned long ws) +srtp_err_status_t test_replay_dbx(size_t num_trials, size_t ws) { srtp_rdbx_t rdbx; - uint32_t idx, ircvd; + uint32_t ircvd = 0; ut_connection utc; srtp_err_status_t status; - int num_fp_trials; + size_t num_fp_trials; status = srtp_rdbx_init(&rdbx, ws); if (status) { @@ -231,10 +233,11 @@ srtp_err_status_t test_replay_dbx(int num_trials, unsigned long ws) * test sequential insertion */ printf("\ttesting sequential insertion..."); - for (idx = 0; (int)idx < num_trials; idx++) { + for (size_t idx = 0; idx < num_trials; idx++) { status = rdbx_check_add(&rdbx, idx); - if (status) + if (status) { return status; + } } printf("passed\n"); @@ -250,10 +253,11 @@ srtp_err_status_t test_replay_dbx(int num_trials, unsigned long ws) printf("warning: no false positive tests performed\n"); } printf("\ttesting for false positives..."); - for (idx = 0; (int)idx < num_fp_trials; idx++) { + for (size_t idx = 0; idx < num_fp_trials; idx++) { status = rdbx_check_expect_failure(&rdbx, idx); - if (status) + if (status) { return status; + } } printf("passed\n"); @@ -274,14 +278,16 @@ srtp_err_status_t test_replay_dbx(int num_trials, unsigned long ws) ut_init(&utc); printf("\ttesting non-sequential insertion..."); - for (idx = 0; (int)idx < num_trials; idx++) { + for (size_t idx = 0; idx < num_trials; idx++) { ircvd = ut_next_index(&utc); status = rdbx_check_add_unordered(&rdbx, ircvd); - if (status) + if (status) { return status; + } status = rdbx_check_expect_failure(&rdbx, ircvd); - if (status) + if (status) { return status; + } } printf("passed\n"); @@ -298,14 +304,17 @@ srtp_err_status_t test_replay_dbx(int num_trials, unsigned long ws) * check for false positives for each insertion. */ printf("\ttesting insertion with large gaps..."); - for (idx = 0, ircvd = 0; (int)idx < num_trials; + ircvd = 0; + for (size_t idx = 0; idx < num_trials; idx++, ircvd += (1 << (srtp_cipher_rand_u32_for_tests() % 12))) { status = rdbx_check_add(&rdbx, ircvd); - if (status) + if (status) { return status; + } status = rdbx_check_expect_failure(&rdbx, ircvd); - if (status) + if (status) { return status; + } } printf("passed\n"); @@ -316,36 +325,35 @@ srtp_err_status_t test_replay_dbx(int num_trials, unsigned long ws) #include /* for clock() */ -double rdbx_check_adds_per_second(int num_trials, unsigned long ws) +double rdbx_check_adds_per_second(size_t num_trials, size_t ws) { - uint32_t i; - int delta; + ssize_t delta; srtp_rdbx_t rdbx; srtp_xtd_seq_num_t est; clock_t timer; - int failures; /* count number of failures */ + size_t failures = 0; /* count number of failures */ if (srtp_rdbx_init(&rdbx, ws) != srtp_err_status_ok) { printf("replay_init failed\n"); exit(1); } - failures = 0; timer = clock(); - for (i = 0; (int)i < num_trials; i++) { + for (size_t i = 0; i < num_trials; i++) { delta = srtp_index_guess(&rdbx.index, &est, (srtp_sequence_number_t)i); - if (srtp_rdbx_check(&rdbx, delta) != srtp_err_status_ok) + if (srtp_rdbx_check(&rdbx, delta) != srtp_err_status_ok) { ++failures; - else if (srtp_rdbx_add_index(&rdbx, delta) != srtp_err_status_ok) + } else if (srtp_rdbx_add_index(&rdbx, delta) != srtp_err_status_ok) { ++failures; + } } timer = clock() - timer; if (timer < 1) { timer = 1; } - printf("number of failures: %d \n", failures); + printf("number of failures: %zd \n", failures); srtp_rdbx_dealloc(&rdbx); diff --git a/test/replay_driver.c b/test/replay_driver.c index 45aec02f2..689dd793b 100644 --- a/test/replay_driver.c +++ b/test/replay_driver.c @@ -59,7 +59,7 @@ * validation functions below */ -unsigned num_trials = 1 << 16; +size_t num_trials = 1 << 16; srtp_err_status_t test_rdb_db(void); @@ -135,7 +135,7 @@ srtp_err_status_t rdb_check_add_unordered(srtp_rdb_t *rdb, uint32_t idx) srtp_err_status_t test_rdb_db(void) { srtp_rdb_t rdb; - uint32_t idx, ircvd; + uint32_t ircvd; ut_connection utc; srtp_err_status_t err; @@ -145,17 +145,19 @@ srtp_err_status_t test_rdb_db(void) } /* test sequential insertion */ - for (idx = 0; idx < num_trials; idx++) { + for (size_t idx = 0; idx < num_trials; idx++) { err = rdb_check_add(&rdb, idx); - if (err) + if (err) { return err; + } } /* test for false positives */ - for (idx = 0; idx < num_trials; idx++) { + for (size_t idx = 0; idx < num_trials; idx++) { err = rdb_check_expect_failure(&rdb, idx); - if (err) + if (err) { return err; + } } /* re-initialize */ @@ -167,14 +169,16 @@ srtp_err_status_t test_rdb_db(void) /* test non-sequential insertion */ ut_init(&utc); - for (idx = 0; idx < num_trials; idx++) { + for (size_t idx = 0; idx < num_trials; idx++) { ircvd = ut_next_index(&utc); err = rdb_check_add_unordered(&rdb, ircvd); - if (err) + if (err) { return err; + } err = rdb_check_expect_failure(&rdb, ircvd); - if (err) + if (err) { return err; + } } /* re-initialize */ @@ -184,14 +188,17 @@ srtp_err_status_t test_rdb_db(void) } /* test insertion with large gaps */ - for (idx = 0, ircvd = 0; idx < num_trials; + ircvd = 0; + for (size_t idx = 0; idx < num_trials; idx++, ircvd += (1 << (srtp_cipher_rand_u32_for_tests() % 10))) { err = rdb_check_add(&rdb, ircvd); - if (err) + if (err) { return err; + } err = rdb_check_expect_failure(&rdb, ircvd); - if (err) + if (err) { return err; + } } /* re-initialize */ @@ -201,17 +208,19 @@ srtp_err_status_t test_rdb_db(void) } /* test loss of first 513 packets */ - for (idx = 0; idx < num_trials; idx++) { + for (size_t idx = 0; idx < num_trials; idx++) { err = rdb_check_add(&rdb, idx + 513); - if (err) + if (err) { return err; + } } /* test for false positives */ - for (idx = 0; idx < num_trials + 513; idx++) { + for (size_t idx = 0; idx < num_trials + 513; idx++) { err = rdb_check_expect_failure(&rdb, idx); - if (err) + if (err) { return err; + } } /* test for key expired */ @@ -248,7 +257,6 @@ srtp_err_status_t test_rdb_db(void) double rdb_check_adds_per_second(void) { - uint32_t i; srtp_rdb_t rdb; clock_t timer; @@ -258,7 +266,7 @@ double rdb_check_adds_per_second(void) } timer = clock(); - for (i = 0; i < REPLAY_NUM_TRIALS; i += 3) { + for (uint32_t i = 0; i < REPLAY_NUM_TRIALS; i += 3) { srtp_rdb_check(&rdb, i + 2); srtp_rdb_add_index(&rdb, i + 2); srtp_rdb_check(&rdb, i + 1); diff --git a/test/roc_driver.c b/test/roc_driver.c index 11d1bbb0c..466a95628 100644 --- a/test/roc_driver.c +++ b/test/roc_driver.c @@ -60,7 +60,7 @@ #include "rdbx.h" #include "ut_sim.h" -srtp_err_status_t roc_test(int num_trials); +srtp_err_status_t roc_test(size_t num_trials); int main(void) { @@ -82,12 +82,12 @@ int main(void) #define ROC_VERBOSE 0 -srtp_err_status_t roc_test(int num_trials) +srtp_err_status_t roc_test(size_t num_trials) { srtp_xtd_seq_num_t local, est, ref; ut_connection utc; - int i, num_bad_est = 0; - int delta; + size_t num_bad_est = 0; + ssize_t delta; uint32_t ircvd; double failure_rate; @@ -96,7 +96,7 @@ srtp_err_status_t roc_test(int num_trials) srtp_index_init(&est); printf("\n\ttesting sequential insertion..."); - for (i = 0; i < 2048; i++) { + for (size_t i = 0; i < 2048; i++) { srtp_index_guess(&local, &est, (uint16_t)ref); #if ROC_VERBOSE printf("%lld, %lld, %d\n", ref, est, i); @@ -111,8 +111,9 @@ srtp_err_status_t roc_test(int num_trials) } failure_rate = (double)num_bad_est / num_trials; if (failure_rate > 0.01) { - printf("error: failure rate too high (%d bad estimates in %d trials)\n", - num_bad_est, num_trials); + printf( + "error: failure rate too high (%zd bad estimates in %zd trials)\n", + num_bad_est, num_trials); return srtp_err_status_algo_fail; } printf("done\n"); @@ -123,7 +124,7 @@ srtp_err_status_t roc_test(int num_trials) srtp_index_init(&est); ut_init(&utc); - for (i = 0; i < num_trials; i++) { + for (size_t i = 0; i < num_trials; i++) { /* get next seq num from unreliable transport simulator */ ircvd = ut_next_index(&utc); @@ -138,14 +139,15 @@ srtp_err_status_t roc_test(int num_trials) #endif if (local + delta != est) { - printf(" *bad delta*: local %llu + delta %d != est %llu\n", + printf(" *bad delta*: local %llu + delta %zd != est %llu\n", (unsigned long long)local, delta, (unsigned long long)est); return srtp_err_status_algo_fail; } /* now update local srtp_xtd_seq_num_t as necessary */ - if (delta > 0) + if (delta > 0) { srtp_index_advance(&local, (srtp_sequence_number_t)delta); + } if (ref != est) { #if ROC_VERBOSE @@ -160,8 +162,9 @@ srtp_err_status_t roc_test(int num_trials) } failure_rate = (double)num_bad_est / num_trials; if (failure_rate > 0.01) { - printf("error: failure rate too high (%d bad estimates in %d trials)\n", - num_bad_est, num_trials); + printf( + "error: failure rate too high (%zd bad estimates in %zd trials)\n", + num_bad_est, num_trials); return srtp_err_status_algo_fail; } printf("done\n"); diff --git a/test/rtp.c b/test/rtp.c index 487cf95fe..4c8ca571a 100644 --- a/test/rtp.c +++ b/test/rtp.c @@ -145,10 +145,10 @@ ssize_t rtp_recvfrom(rtp_receiver_t receiver, void *msg, size_t *len) return octets_recvd; } -int rtp_sender_init(rtp_sender_t sender, - int sock, - struct sockaddr_in addr, - uint32_t ssrc) +srtp_err_status_t rtp_sender_init(rtp_sender_t sender, + int sock, + struct sockaddr_in addr, + uint32_t ssrc) { /* set header values */ sender->message.header.ssrc = htonl(ssrc); @@ -165,13 +165,13 @@ int rtp_sender_init(rtp_sender_t sender, sender->socket = sock; sender->addr = addr; - return 0; + return srtp_err_status_ok; } -int rtp_receiver_init(rtp_receiver_t rcvr, - int sock, - struct sockaddr_in addr, - uint32_t ssrc) +srtp_err_status_t rtp_receiver_init(rtp_receiver_t rcvr, + int sock, + struct sockaddr_in addr, + uint32_t ssrc) { /* set header values */ rcvr->message.header.ssrc = htonl(ssrc); @@ -188,25 +188,27 @@ int rtp_receiver_init(rtp_receiver_t rcvr, rcvr->socket = sock; rcvr->addr = addr; - return 0; + return srtp_err_status_ok; } -int rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy) +srtp_err_status_t rtp_sender_init_srtp(rtp_sender_t sender, + const srtp_policy_t *policy) { return srtp_create(&sender->srtp_ctx, policy); } -int rtp_sender_deinit_srtp(rtp_sender_t sender) +srtp_err_status_t rtp_sender_deinit_srtp(rtp_sender_t sender) { return srtp_dealloc(sender->srtp_ctx); } -int rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy) +srtp_err_status_t rtp_receiver_init_srtp(rtp_receiver_t sender, + const srtp_policy_t *policy) { return srtp_create(&sender->srtp_ctx, policy); } -int rtp_receiver_deinit_srtp(rtp_receiver_t sender) +srtp_err_status_t rtp_receiver_deinit_srtp(rtp_receiver_t sender) { return srtp_dealloc(sender->srtp_ctx); } diff --git a/test/rtp.h b/test/rtp.h index bc670e41b..4de87da63 100644 --- a/test/rtp.h +++ b/test/rtp.h @@ -104,23 +104,25 @@ ssize_t rtp_sendto(rtp_sender_t sender, const void *msg, size_t len); ssize_t rtp_recvfrom(rtp_receiver_t receiver, void *msg, size_t *len); -int rtp_receiver_init(rtp_receiver_t rcvr, - int sock, - struct sockaddr_in addr, - uint32_t ssrc); +srtp_err_status_t rtp_receiver_init(rtp_receiver_t rcvr, + int sock, + struct sockaddr_in addr, + uint32_t ssrc); -int rtp_sender_init(rtp_sender_t sender, - int sock, - struct sockaddr_in addr, - uint32_t ssrc); +srtp_err_status_t rtp_sender_init(rtp_sender_t sender, + int sock, + struct sockaddr_in addr, + uint32_t ssrc); -int rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy); +srtp_err_status_t rtp_sender_init_srtp(rtp_sender_t sender, + const srtp_policy_t *policy); -int rtp_sender_deinit_srtp(rtp_sender_t sender); +srtp_err_status_t rtp_sender_deinit_srtp(rtp_sender_t sender); -int rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy); +srtp_err_status_t rtp_receiver_init_srtp(rtp_receiver_t sender, + const srtp_policy_t *policy); -int rtp_receiver_deinit_srtp(rtp_receiver_t sender); +srtp_err_status_t rtp_receiver_deinit_srtp(rtp_receiver_t sender); rtp_sender_t rtp_sender_alloc(void); diff --git a/test/rtp_decoder.c b/test/rtp_decoder.c index f9ab24d24..2c2810dac 100644 --- a/test/rtp_decoder.c +++ b/test/rtp_decoder.c @@ -87,45 +87,45 @@ struct srtp_crypto_suite { const char *can_name; - int gcm_on; - int key_size; - int tag_size; + bool gcm_on; + size_t key_size; + size_t tag_size; }; static struct srtp_crypto_suite srtp_crypto_suites[] = { #if 0 - {.can_name = "F8_128_HMAC_SHA1_32", .gcm_on = 0, .key_size = 128, .tag_size = 4}, + {.can_name = "F8_128_HMAC_SHA1_32", .gcm_on = false, .key_size = 128, .tag_size = 4}, #endif { .can_name = "AES_CM_128_HMAC_SHA1_32", - .gcm_on = 0, + .gcm_on = false, .key_size = 128, .tag_size = 4 }, { .can_name = "AES_CM_128_HMAC_SHA1_80", - .gcm_on = 0, + .gcm_on = false, .key_size = 128, .tag_size = 10 }, { .can_name = "AES_192_CM_HMAC_SHA1_32", - .gcm_on = 0, + .gcm_on = false, .key_size = 192, .tag_size = 4 }, { .can_name = "AES_192_CM_HMAC_SHA1_80", - .gcm_on = 0, + .gcm_on = false, .key_size = 192, .tag_size = 10 }, { .can_name = "AES_256_CM_HMAC_SHA1_32", - .gcm_on = 0, + .gcm_on = false, .key_size = 256, .tag_size = 4 }, { .can_name = "AES_256_CM_HMAC_SHA1_80", - .gcm_on = 0, + .gcm_on = false, .key_size = 256, .tag_size = 10 }, { .can_name = "AEAD_AES_128_GCM", - .gcm_on = 1, + .gcm_on = true, .key_size = 128, .tag_size = 16 }, { .can_name = "AEAD_AES_256_GCM", - .gcm_on = 1, + .gcm_on = true, .key_size = 256, .tag_size = 16 }, { .can_name = NULL } @@ -167,7 +167,7 @@ int main(int argc, char *argv[]) struct srtp_crypto_suite scs, *i_scsp; scs.key_size = 128; scs.tag_size = 0; - int gcm_on = 0; + bool gcm_on = false; char *input_key = NULL; int b64_input = 0; uint8_t key[MAX_KEY_LEN]; @@ -220,10 +220,10 @@ int main(int argc, char *argv[]) scs.key_size = atoi(optarg_s); if (scs.key_size != 128 && scs.key_size != 192 && scs.key_size != 256) { - fprintf( - stderr, - "error: encryption key size must be 128, 192 or 256 (%d)\n", - scs.key_size); + fprintf(stderr, + "error: encryption key size must be 128, 192 or 256 " + "(%zu)\n", + scs.key_size); exit(1); } input_key = malloc(scs.key_size); @@ -236,11 +236,11 @@ int main(int argc, char *argv[]) sec_servs |= sec_serv_auth; break; case 'g': - gcm_on = 1; + gcm_on = true; sec_servs |= sec_serv_auth; break; case 'd': - status = srtp_set_debug_module(optarg_s, 1); + status = srtp_set_debug_module(optarg_s, true); if (status) { fprintf(stderr, "error: set debug module (%s) failed\n", optarg_s); @@ -321,13 +321,13 @@ int main(int argc, char *argv[]) } if (gcm_on && scs.tag_size != 8 && scs.tag_size != 16) { - fprintf(stderr, "error: GCM tag size must be 8 or 16 (%d)\n", + fprintf(stderr, "error: GCM tag size must be 8 or 16 (%zu)\n", scs.tag_size); exit(1); } if (!gcm_on && scs.tag_size != 4 && scs.tag_size != 10) { - fprintf(stderr, "error: non GCM tag size must be 4 or 10 (%d)\n", + fprintf(stderr, "error: non GCM tag size must be 4 or 10 (%zu)\n", scs.tag_size); exit(1); } @@ -358,12 +358,15 @@ int main(int argc, char *argv[]) /* report security services selected on the command line */ fprintf(stderr, "security services: "); - if (sec_servs & sec_serv_conf) + if (sec_servs & sec_serv_conf) { fprintf(stderr, "confidentiality "); - if (sec_servs & sec_serv_auth) + } + if (sec_servs & sec_serv_auth) { fprintf(stderr, "message authentication"); - if (sec_servs == sec_serv_none) + } + if (sec_servs == sec_serv_none) { fprintf(stderr, "none"); + } fprintf(stderr, "\n"); /* set up the srtp policy and master key */ @@ -527,11 +530,11 @@ int main(int argc, char *argv[]) policy.rtp.sec_serv = sec_servs; policy.rtcp.sec_serv = sec_servs; // sec_serv_none; /* we don't do RTCP anyway */ - fprintf(stderr, "setting tag len %d\n", scs.tag_size); + fprintf(stderr, "setting tag len %zu\n", scs.tag_size); policy.rtp.auth_tag_len = scs.tag_size; if (gcm_on && scs.tag_size != 8) { - fprintf(stderr, "set tag len %d\n", scs.tag_size); + fprintf(stderr, "set tag len %zu\n", scs.tag_size); policy.rtp.auth_tag_len = scs.tag_size; } @@ -559,13 +562,13 @@ int main(int argc, char *argv[]) if (strlen(input_key) > policy.rtp.cipher_key_len * 2) { fprintf(stderr, "error: too many digits in key/salt " - "(should be %zu hexadecimal digits, found %u)\n", - policy.rtp.cipher_key_len * 2, (unsigned)strlen(input_key)); + "(should be %zu hexadecimal digits, found %zu)\n", + policy.rtp.cipher_key_len * 2, strlen(input_key)); exit(1); } - int key_octets = (scs.key_size / 8); - int salt_octets = policy.rtp.cipher_key_len - key_octets; + size_t key_octets = (scs.key_size / 8); + size_t salt_octets = policy.rtp.cipher_key_len - key_octets; fprintf(stderr, "set master key/salt to %s/", octet_string_hex_string(key, key_octets)); fprintf(stderr, "%s\n", @@ -615,12 +618,12 @@ int main(int argc, char *argv[]) pcap_loop(pcap_handle, 0, rtp_decoder_handle_pkt, (u_char *)dec); if (dec->mode == mode_rtp || dec->mode == mode_rtcp_mux) { - fprintf(stderr, "RTP packets decoded: %d\n", dec->rtp_cnt); + fprintf(stderr, "RTP packets decoded: %zu\n", dec->rtp_cnt); } if (dec->mode == mode_rtcp || dec->mode == mode_rtcp_mux) { - fprintf(stderr, "RTCP packets decoded: %d\n", dec->rtcp_cnt); + fprintf(stderr, "RTCP packets decoded: %zu\n", dec->rtcp_cnt); } - fprintf(stderr, "Packet decode errors: %d\n", dec->error_cnt); + fprintf(stderr, "Packet decode errors: %zu\n", dec->error_cnt); rtp_decoder_deinit(dec); rtp_decoder_dealloc(dec); @@ -674,19 +677,19 @@ void rtp_decoder_dealloc(rtp_decoder_t rtp_ctx) free(rtp_ctx); } -int rtp_decoder_deinit(rtp_decoder_t decoder) +srtp_err_status_t rtp_decoder_deinit(rtp_decoder_t decoder) { if (decoder->srtp_ctx) { return srtp_dealloc(decoder->srtp_ctx); } - return 0; + return srtp_err_status_ok; } -int rtp_decoder_init(rtp_decoder_t dcdr, - srtp_policy_t policy, - rtp_decoder_mode_t mode, - size_t rtp_packet_offset, - uint32_t roc) +srtp_err_status_t rtp_decoder_init(rtp_decoder_t dcdr, + srtp_policy_t policy, + rtp_decoder_mode_t mode, + size_t rtp_packet_offset, + uint32_t roc) { dcdr->rtp_offset = rtp_packet_offset; dcdr->srtp_ctx = NULL; @@ -699,16 +702,18 @@ int rtp_decoder_init(rtp_decoder_t dcdr, dcdr->mode = mode; dcdr->policy = policy; - if (srtp_create(&dcdr->srtp_ctx, &dcdr->policy)) { - return 1; + srtp_err_status_t result = srtp_create(&dcdr->srtp_ctx, &dcdr->policy); + if (result != srtp_err_status_ok) { + return result; } if (policy.ssrc.type == ssrc_specific && roc != 0) { - if (srtp_stream_set_roc(dcdr->srtp_ctx, policy.ssrc.value, roc)) { - return 1; + result = srtp_stream_set_roc(dcdr->srtp_ctx, policy.ssrc.value, roc); + if (result != srtp_err_status_ok) { + return result; } } - return 0; + return srtp_err_status_ok; } /* @@ -721,7 +726,7 @@ void hexdump(const void *ptr, size_t size) const unsigned char *cptr = ptr; for (i = 0; i < size; i += 16) { - fprintf(stdout, "%04x ", (unsigned int)i); + fprintf(stdout, "%04zx ", i); for (j = 0; j < 16 && i + j < size; j++) { fprintf(stdout, "%02x ", cptr[i + j]); } @@ -735,8 +740,8 @@ void rtp_decoder_handle_pkt(u_char *arg, { rtp_decoder_t dcdr = (rtp_decoder_t)arg; rtp_msg_t message; - int rtp; - int pktsize; + bool rtp; + ssize_t pktsize; struct timeval delta; size_t octets_recvd; srtp_err_status_t status; @@ -761,11 +766,11 @@ void rtp_decoder_handle_pkt(u_char *arg, octets_recvd = pktsize; if (dcdr->mode == mode_rtp) { - rtp = 1; + rtp = true; } else if (dcdr->mode == mode_rtcp) { - rtp = 0; + rtp = false; } else { - rtp = 1; + rtp = true; if (octets_recvd >= 2) { /* rfc5761 */ u_char payload_type = *(bytes + dcdr->rtp_offset + 1) & 0x7f; diff --git a/test/rtp_decoder.h b/test/rtp_decoder.h index fd63bac96..7c0b6b8ee 100644 --- a/test/rtp_decoder.h +++ b/test/rtp_decoder.h @@ -64,10 +64,10 @@ typedef struct rtp_decoder_ctx_t { rtp_decoder_mode_t mode; size_t rtp_offset; struct timeval start_tv; - int frame_nr; - int error_cnt; - int rtp_cnt; - int rtcp_cnt; + ssize_t frame_nr; + size_t error_cnt; + size_t rtp_cnt; + size_t rtcp_cnt; } rtp_decoder_ctx_t; typedef struct rtp_decoder_ctx_t *rtp_decoder_t; @@ -99,13 +99,13 @@ rtp_decoder_t rtp_decoder_alloc(void); void rtp_decoder_dealloc(rtp_decoder_t rtp_ctx); -int rtp_decoder_init(rtp_decoder_t dcdr, - srtp_policy_t policy, - rtp_decoder_mode_t mode, - size_t rtp_packet_offset, - uint32_t roc); +srtp_err_status_t rtp_decoder_init(rtp_decoder_t dcdr, + srtp_policy_t policy, + rtp_decoder_mode_t mode, + size_t rtp_packet_offset, + uint32_t roc); -int rtp_decoder_deinit(rtp_decoder_t decoder); +srtp_err_status_t rtp_decoder_deinit(rtp_decoder_t decoder); void rtp_decoder_srtp_log_handler(srtp_log_level_t level, const char *msg, diff --git a/test/rtpw.c b/test/rtpw.c index 414f0dd57..6e347de2b 100644 --- a/test/rtpw.c +++ b/test/rtpw.c @@ -151,18 +151,18 @@ int main(int argc, char *argv[]) int c; size_t key_size = 128; size_t tag_size = 8; - int gcm_on = 0; + bool gcm_on = false; char *input_key = NULL; - int b64_input = 0; + bool b64_input = false; char *address = NULL; uint8_t key[MAX_KEY_LEN]; - unsigned short port = 0; + uint16_t port = 0; rtp_sender_t snd; srtp_policy_t policy; srtp_err_status_t status; size_t len; size_t expected_len; - int do_list_mods = 0; + bool do_list_mods = false; uint32_t ssrc = 0xdeadbeef; /* ssrc value hardcoded for now */ #ifdef RTPW_USE_WINSOCK2 WORD wVersionRequested = MAKEWORD(2, 0); @@ -199,7 +199,7 @@ int main(int argc, char *argv[]) } switch (c) { case 'b': - b64_input = 1; + b64_input = true; /* fall thru */ case 'k': input_key = optarg_s; @@ -224,7 +224,7 @@ int main(int argc, char *argv[]) sec_servs |= sec_serv_auth; break; case 'g': - gcm_on = 1; + gcm_on = true; sec_servs |= sec_serv_auth; break; case 'r': @@ -234,14 +234,14 @@ int main(int argc, char *argv[]) prog_type = sender; break; case 'd': - status = srtp_set_debug_module(optarg_s, 1); + status = srtp_set_debug_module(optarg_s, true); if (status) { printf("error: set debug module (%s) failed\n", optarg_s); exit(1); } break; case 'l': - do_list_mods = 1; + do_list_mods = true; break; case 'w': dictfile = optarg_s; @@ -357,12 +357,15 @@ int main(int argc, char *argv[]) /* report security services selected on the command line */ printf("security services: "); - if (sec_servs & sec_serv_conf) + if (sec_servs & sec_serv_conf) { printf("confidentiality "); - if (sec_servs & sec_serv_auth) + } + if (sec_servs & sec_serv_auth) { printf("message authentication"); - if (sec_servs == sec_serv_none) + } + if (sec_servs == sec_serv_none) { printf("none"); + } printf("\n"); /* set up the srtp policy and master key */ @@ -562,9 +565,9 @@ int main(int argc, char *argv[]) while (!interrupted && fgets(word, MAX_WORD_LEN, dict) != NULL) { len = strlen(word) + 1; /* plus one for null */ - if (len > MAX_WORD_LEN) + if (len > MAX_WORD_LEN) { printf("error: word %s too large to send\n", word); - else { + } else { rtp_sendto(snd, word, len); printf("sending word: %s", word); } @@ -604,8 +607,9 @@ int main(int argc, char *argv[]) /* get next word and loop */ while (!interrupted) { len = MAX_WORD_LEN; - if (rtp_recvfrom(rcvr, word, &len) > -1) + if (rtp_recvfrom(rcvr, word, &len) > -1) { printf("\tword: %s\n", word); + } } rtp_receiver_deinit_srtp(rcvr); diff --git a/test/srtp_driver.c b/test/srtp_driver.c index a4a364816..b45831dfb 100644 --- a/test/srtp_driver.c +++ b/test/srtp_driver.c @@ -104,7 +104,7 @@ srtp_err_status_t srtp_test_set_sender_roc(void); double srtp_bits_per_second(size_t msg_len_octets, const srtp_policy_t *policy); -double srtp_rejections_per_second(int msg_len_octets, +double srtp_rejections_per_second(size_t msg_len_octets, const srtp_policy_t *policy); void srtp_do_timing(const srtp_policy_t *policy); @@ -113,9 +113,12 @@ void srtp_do_rejection_timing(const srtp_policy_t *policy); srtp_err_status_t srtp_test(const srtp_policy_t *policy, bool test_extension_headers, - int mki_index); + bool use_mki, + size_t mki_index); -srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index); +srtp_err_status_t srtcp_test(const srtp_policy_t *policy, + bool use_mki, + size_t mki_index); srtp_err_status_t srtp_session_print_policy(srtp_t srtp); @@ -124,7 +127,7 @@ srtp_err_status_t srtp_print_policy(const srtp_policy_t *policy); char *srtp_packet_to_string(uint8_t *packet, size_t packet_len); char *srtp_rtcp_packet_to_string(uint8_t *packet, size_t pkt_octet_len); -double mips_estimate(int num_trials, int *ignore); +double mips_estimate(size_t num_trials, size_t *ignore); srtp_err_status_t srtp_stream_list_test(void); @@ -212,7 +215,7 @@ extern const srtp_policy_t wildcard_policy; */ srtp_debug_module_t mod_driver = { - 0, /* debugging is off by default */ + false, /* debugging is off by default */ "driver" /* printable name for module */ }; @@ -286,7 +289,7 @@ int main(int argc, char *argv[]) do_list_mods = true; break; case 'd': - status = srtp_set_debug_module(optarg_s, 1); + status = srtp_set_debug_module(optarg_s, true); if (status) { printf("error: set debug module (%s) failed\n", optarg_s); exit(1); @@ -326,7 +329,7 @@ int main(int argc, char *argv[]) /* loop over policy array, testing srtp and srtcp for each policy */ while (*policy != NULL) { printf("testing srtp_protect and srtp_unprotect\n"); - if (srtp_test(*policy, false, -1) == srtp_err_status_ok) { + if (srtp_test(*policy, false, false, 0) == srtp_err_status_ok) { printf("passed\n\n"); } else { printf("failed\n"); @@ -335,14 +338,14 @@ int main(int argc, char *argv[]) printf("testing srtp_protect and srtp_unprotect with encrypted " "extensions headers\n"); - if (srtp_test(*policy, true, -1) == srtp_err_status_ok) { + if (srtp_test(*policy, true, false, 0) == srtp_err_status_ok) { printf("passed\n\n"); } else { printf("failed\n"); exit(1); } printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp\n"); - if (srtcp_test(*policy, -1) == srtp_err_status_ok) { + if (srtcp_test(*policy, false, 0) == srtp_err_status_ok) { printf("passed\n\n"); } else { printf("failed\n"); @@ -350,7 +353,7 @@ int main(int argc, char *argv[]) } printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI " "index set to 0\n"); - if (srtp_test(*policy, false, 0) == srtp_err_status_ok) { + if (srtp_test(*policy, false, true, 0) == srtp_err_status_ok) { printf("passed\n\n"); } else { printf("failed\n"); @@ -358,7 +361,7 @@ int main(int argc, char *argv[]) } printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI " "index set to 1\n"); - if (srtp_test(*policy, false, 1) == srtp_err_status_ok) { + if (srtp_test(*policy, false, true, 1) == srtp_err_status_ok) { printf("passed\n\n"); } else { printf("failed\n"); @@ -367,7 +370,7 @@ int main(int argc, char *argv[]) printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI " "index set to 0\n"); - if (srtcp_test(*policy, 0) == srtp_err_status_ok) { + if (srtcp_test(*policy, true, 0) == srtp_err_status_ok) { printf("passed\n\n"); } else { printf("failed\n"); @@ -375,7 +378,7 @@ int main(int argc, char *argv[]) } printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI " "index set to 1\n"); - if (srtcp_test(*policy, 1) == srtp_err_status_ok) { + if (srtcp_test(*policy, true, 1) == srtp_err_status_ok) { printf("passed\n\n"); } else { printf("failed\n"); @@ -406,7 +409,7 @@ int main(int argc, char *argv[]) exit(1); } printf("testing srtp_protect and srtp_unprotect with big policy\n"); - if (srtp_test(big_policy, false, -1) == srtp_err_status_ok) { + if (srtp_test(big_policy, false, false, 0) == srtp_err_status_ok) { printf("passed\n\n"); } else { printf("failed\n"); @@ -414,7 +417,7 @@ int main(int argc, char *argv[]) } printf("testing srtp_protect and srtp_unprotect with big policy and " "encrypted extensions headers\n"); - if (srtp_test(big_policy, true, -1) == srtp_err_status_ok) { + if (srtp_test(big_policy, true, false, 0) == srtp_err_status_ok) { printf("passed\n\n"); } else { printf("failed\n"); @@ -429,7 +432,8 @@ int main(int argc, char *argv[]) /* run test on wildcard policy */ printf("testing srtp_protect and srtp_unprotect on " "wildcard ssrc policy\n"); - if (srtp_test(&wildcard_policy, false, -1) == srtp_err_status_ok) { + if (srtp_test(&wildcard_policy, false, false, 0) == + srtp_err_status_ok) { printf("passed\n\n"); } else { printf("failed\n"); @@ -437,7 +441,7 @@ int main(int argc, char *argv[]) } printf("testing srtp_protect and srtp_unprotect on " "wildcard ssrc policy and encrypted extensions headers\n"); - if (srtp_test(&wildcard_policy, true, -1) == srtp_err_status_ok) { + if (srtp_test(&wildcard_policy, true, false, 0) == srtp_err_status_ok) { printf("passed\n\n"); } else { printf("failed\n"); @@ -479,9 +483,10 @@ int main(int argc, char *argv[]) printf("testing srtp_protect and srtp_unprotect against " "reference packet with encrypted extensions headers\n"); - if (srtp_validate_encrypted_extensions_headers() == srtp_err_status_ok) + if (srtp_validate_encrypted_extensions_headers() == + srtp_err_status_ok) { printf("passed\n\n"); - else { + } else { printf("failed\n"); exit(1); } @@ -642,7 +647,7 @@ int main(int argc, char *argv[]) if (do_codec_timing) { srtp_policy_t policy; - int ignore; + size_t ignore; double mips_value = mips_estimate(1000000000, &ignore); memset(&policy, 0, sizeof(policy)); @@ -840,8 +845,9 @@ uint8_t *srtp_create_test_packet_ext_hdr(size_t pkt_octet_len, hdr = (srtp_hdr_t *)malloc(pkt_octet_len + bytes_in_hdr + sizeof(extension_header) + SRTP_MAX_TRAILER_LEN + 4); - if (!hdr) + if (!hdr) { return NULL; + } hdr->version = 2; /* RTP version two */ hdr->p = 0; /* no padding needed */ @@ -860,12 +866,14 @@ uint8_t *srtp_create_test_packet_ext_hdr(size_t pkt_octet_len, buffer += sizeof(extension_header); /* set RTP data to 0xab */ - for (i = 0; i < pkt_octet_len; i++) + for (i = 0; i < pkt_octet_len; i++) { *buffer++ = 0xab; + } /* set post-data value to 0xffff to enable overrun checking */ - for (i = 0; i < SRTP_MAX_TRAILER_LEN + 4; i++) + for (i = 0; i < SRTP_MAX_TRAILER_LEN + 4; i++) { *buffer++ = 0xff; + } *pkt_len = bytes_in_hdr + sizeof(extension_header) + pkt_octet_len; @@ -921,9 +929,8 @@ double srtp_bits_per_second(size_t msg_len_octets, const srtp_policy_t *policy) { srtp_t srtp; uint8_t *mesg; - int i; clock_t timer; - int num_trials = 100000; + size_t num_trials = 100000; size_t input_len, len; uint32_t ssrc; srtp_err_status_t status; @@ -954,7 +961,7 @@ double srtp_bits_per_second(size_t msg_len_octets, const srtp_policy_t *policy) return 0.0; /* indicate failure by returning zero */ } timer = clock(); - for (i = 0; i < num_trials; i++) { + for (size_t i = 0; i < num_trials; i++) { len = input_len; /* srtp protect message */ status = srtp_protect(srtp, mesg, &len); @@ -982,18 +989,17 @@ double srtp_bits_per_second(size_t msg_len_octets, const srtp_policy_t *policy) exit(1); } - return (double)(msg_len_octets)*8 * num_trials * CLOCKS_PER_SEC / timer; + return msg_len_octets * 8.0 * num_trials * CLOCKS_PER_SEC / timer; } -double srtp_rejections_per_second(int msg_len_octets, +double srtp_rejections_per_second(size_t msg_len_octets, const srtp_policy_t *policy) { srtp_ctx_t *srtp; uint8_t *mesg; - int i; size_t len; clock_t timer; - int num_trials = 1000000; + size_t num_trials = 1000000; uint32_t ssrc = policy->ssrc.value; srtp_err_status_t status; @@ -1013,7 +1019,7 @@ double srtp_rejections_per_second(int msg_len_octets, srtp_protect(srtp, mesg, &len); timer = clock(); - for (i = 0; i < num_trials; i++) { + for (size_t i = 0; i < num_trials; i++) { len = msg_len_octets; srtp_unprotect(srtp, mesg, &len); } @@ -1041,9 +1047,10 @@ void err_check(srtp_err_status_t s) srtp_err_status_t srtp_test_call_protect(srtp_t srtp_sender, uint8_t *hdr, size_t *len, + bool use_mki, int mki_index) { - if (mki_index == -1) { + if (!use_mki) { return srtp_protect(srtp_sender, hdr, len); } else { return srtp_protect_mki(srtp_sender, hdr, len, true, mki_index); @@ -1053,9 +1060,10 @@ srtp_err_status_t srtp_test_call_protect(srtp_t srtp_sender, srtp_err_status_t srtp_test_call_protect_rtcp(srtp_t srtp_sender, uint8_t *hdr, size_t *len, - int mki_index) + bool use_mki, + size_t mki_index) { - if (mki_index == -1) { + if (!use_mki) { return srtp_protect_rtcp(srtp_sender, hdr, len); } else { return srtp_protect_rtcp_mki(srtp_sender, hdr, len, true, mki_index); @@ -1088,7 +1096,8 @@ srtp_err_status_t srtp_test_call_unprotect_rtcp(srtp_t srtp_sender, srtp_err_status_t srtp_test(const srtp_policy_t *policy, bool test_extension_headers, - int mki_index) + bool use_mki, + size_t mki_index) { size_t i; srtp_t srtp_sender; @@ -1103,11 +1112,7 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, uint32_t ssrc; srtp_policy_t *rcvr_policy; srtp_policy_t tmp_policy; - int header = 1; - bool use_mki = false; - - if (mki_index >= 0) - use_mki = true; + uint8_t header = 1; if (test_extension_headers) { memcpy(&tmp_policy, policy, sizeof(srtp_policy_t)); @@ -1159,7 +1164,8 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, debug_print(mod_driver, "reference packet before protection:\n%s", octet_string_hex_string(hdr, len)); #endif - err_check(srtp_test_call_protect(srtp_sender, hdr, &len, mki_index)); + err_check( + srtp_test_call_protect(srtp_sender, hdr, &len, use_mki, mki_index)); debug_print(mod_driver, "after protection:\n%s", srtp_packet_to_string(hdr, len)); @@ -1293,7 +1299,8 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, ((srtp_hdr_t *)hdr)->seq++; /* apply protection */ - err_check(srtp_test_call_protect(srtp_sender, hdr, &len, mki_index)); + err_check( + srtp_test_call_protect(srtp_sender, hdr, &len, use_mki, mki_index)); /* flip bits in packet */ data[0] ^= 0xff; @@ -1321,9 +1328,10 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, return srtp_err_status_ok; } -srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index) +srtp_err_status_t srtcp_test(const srtp_policy_t *policy, + bool use_mki, + size_t mki_index) { - size_t i; srtp_t srtcp_sender; srtp_t srtcp_rcvr; srtp_err_status_t status = srtp_err_status_ok; @@ -1335,10 +1343,6 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index) size_t tag_length; uint32_t ssrc; srtp_policy_t *rcvr_policy; - bool use_mki = false; - - if (mki_index >= 0) - use_mki = true; err_check(srtp_create(&srtcp_sender, policy)); @@ -1376,7 +1380,8 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index) debug_print(mod_driver, "reference packet before protection:\n%s", octet_string_hex_string(hdr, len)); #endif - err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, mki_index)); + err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, use_mki, + mki_index)); debug_print(mod_driver, "after protection:\n%s", srtp_rtcp_packet_to_string(hdr, len)); @@ -1399,7 +1404,7 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index) srtp_get_protect_rtcp_trailer_length(srtcp_sender, use_mki, mki_index, &tag_length); pkt_end = hdr + msg_len + tag_length; - for (i = 0; i < 4; i++) { + for (size_t i = 0; i < 4; i++) { if (pkt_end[i] != 0xff) { fprintf(stdout, "overwrite in srtp_protect_rtcp() function " @@ -1423,7 +1428,7 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index) if ((policy->rtcp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) { printf("testing that ciphertext is distinct from plaintext..."); status = srtp_err_status_algo_fail; - for (i = 12; i < msg_len_octets + 12; i++) { + for (size_t i = 12; i < msg_len_octets + 12; i++) { if (hdr[i] != hdr2[i]) { status = srtp_err_status_ok; } @@ -1463,7 +1468,7 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index) srtp_rtcp_packet_to_string(hdr, len)); /* verify that the unprotected packet matches the original one */ - for (i = 0; i < len; i++) { + for (size_t i = 0; i < len; i++) { if (hdr[i] != hdr2[i]) { fprintf(stdout, "mismatch at octet %zu\n", i); status = srtp_err_status_algo_fail; @@ -1500,8 +1505,8 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index) printf("testing for false positives in auth check..."); /* apply protection */ - err_check( - srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, mki_index)); + err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, use_mki, + mki_index)); /* flip bits in packet */ data[0] ^= 0xff; @@ -1536,7 +1541,7 @@ struct srtp_session_print_stream_data { int is_template; }; -int srtp_session_print_stream(srtp_stream_t stream, void *raw_data) +bool srtp_session_print_stream(srtp_stream_t stream, void *raw_data) { static const char *serv_descr[4] = { "none", "confidentiality", "authentication", @@ -1550,7 +1555,7 @@ int srtp_session_print_stream(srtp_stream_t stream, void *raw_data) if (!data->is_template && stream->rtp_services > sec_serv_conf_and_auth) { data->status = srtp_err_status_bad_param; - return 1; + return false; } if (data->is_template) { @@ -1580,8 +1585,8 @@ int srtp_session_print_stream(srtp_stream_t stream, void *raw_data) printf("# Encrypted extension headers: "); if (stream->enc_xtn_hdr && stream->enc_xtn_hdr_count > 0) { - int *enc_xtn_hdr = stream->enc_xtn_hdr; - int count = stream->enc_xtn_hdr_count; + uint8_t *enc_xtn_hdr = stream->enc_xtn_hdr; + size_t count = stream->enc_xtn_hdr_count; while (count > 0) { printf("%d ", *enc_xtn_hdr); enc_xtn_hdr++; @@ -1592,7 +1597,7 @@ int srtp_session_print_stream(srtp_stream_t stream, void *raw_data) printf("none\n"); } - return 0; + return true; } srtp_err_status_t srtp_session_print_policy(srtp_t srtp) @@ -1723,14 +1728,14 @@ char *srtp_rtcp_packet_to_string(uint8_t *packet, size_t pkt_octet_len) * optimize away the function */ -double mips_estimate(int num_trials, int *ignore) +double mips_estimate(size_t num_trials, size_t *ignore) { clock_t t; - volatile int i, sum; + volatile size_t sum; sum = 0; t = clock(); - for (i = 0; i < num_trials; i++) { + for (size_t i = 0; i < num_trials; i++) { sum += i; } t = clock() - t; @@ -2236,7 +2241,7 @@ srtp_err_status_t srtp_validate_gcm(void) srtp_err_status_t srtp_validate_encrypted_extensions_headers(void) { // clang-format off - unsigned char test_key_ext_headers[30] = { + uint8_t test_key_ext_headers[30] = { 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0, 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39, 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb, @@ -2279,7 +2284,7 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers(void) srtp_err_status_t status; size_t len; srtp_policy_t policy; - int headers[3] = { 1, 3, 4 }; + uint8_t headers[3] = { 1, 3, 4 }; /* * create a session with a single stream using the default srtp @@ -2298,24 +2303,27 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers(void) policy.next = NULL; status = srtp_create(&srtp_snd, &policy); - if (status) + if (status) { return status; + } /* * protect plaintext, then compare with ciphertext */ len = sizeof(srtp_plaintext_ref); status = srtp_protect(srtp_snd, srtp_plaintext, &len); - if (status || (len != sizeof(srtp_plaintext))) + if (status || (len != sizeof(srtp_plaintext))) { return srtp_err_status_fail; + } debug_print(mod_driver, "ciphertext:\n %s", srtp_octet_string_hex_string(srtp_plaintext, len)); debug_print(mod_driver, "ciphertext reference:\n %s", srtp_octet_string_hex_string(srtp_ciphertext, len)); - if (srtp_octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) + if (srtp_octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) { return srtp_err_status_fail; + } /* * create a receiver session context comparable to the one created @@ -2323,8 +2331,9 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers(void) * complain */ status = srtp_create(&srtp_recv, &policy); - if (status) + if (status) { return status; + } /* * unprotect ciphertext, then compare with plaintext @@ -2336,16 +2345,19 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers(void) return srtp_err_status_fail; } - if (srtp_octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) + if (srtp_octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) { return srtp_err_status_fail; + } status = srtp_dealloc(srtp_snd); - if (status) + if (status) { return status; + } status = srtp_dealloc(srtp_recv); - if (status) + if (status) { return status; + } return srtp_err_status_ok; } @@ -2358,7 +2370,7 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers(void) srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void) { // clang-format off - unsigned char test_key_ext_headers[30] = { + uint8_t test_key_ext_headers[30] = { 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0, 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39, 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb, @@ -2399,7 +2411,7 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void) srtp_err_status_t status; size_t len; srtp_policy_t policy; - int headers[3] = { 1, 3, 4 }; + uint8_t headers[3] = { 1, 3, 4 }; /* * create a session with a single stream using the default srtp @@ -2418,24 +2430,27 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void) policy.next = NULL; status = srtp_create(&srtp_snd, &policy); - if (status) + if (status) { return status; + } /* * protect plaintext, then compare with ciphertext */ len = sizeof(srtp_plaintext_ref); status = srtp_protect(srtp_snd, srtp_plaintext, &len); - if (status || (len != sizeof(srtp_plaintext))) + if (status || (len != sizeof(srtp_plaintext))) { return srtp_err_status_fail; + } debug_print(mod_driver, "ciphertext:\n %s", srtp_octet_string_hex_string(srtp_plaintext, len)); debug_print(mod_driver, "ciphertext reference:\n %s", srtp_octet_string_hex_string(srtp_ciphertext, len)); - if (srtp_octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) + if (srtp_octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) { return srtp_err_status_fail; + } /* * create a receiver session context comparable to the one created @@ -2443,8 +2458,9 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void) * complain */ status = srtp_create(&srtp_recv, &policy); - if (status) + if (status) { return status; + } /* * unprotect ciphertext, then compare with plaintext @@ -2456,16 +2472,19 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void) return srtp_err_status_fail; } - if (srtp_octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) + if (srtp_octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) { return srtp_err_status_fail; + } status = srtp_dealloc(srtp_snd); - if (status) + if (status) { return status; + } status = srtp_dealloc(srtp_recv); - if (status) + if (status) { return status; + } return srtp_err_status_ok; } @@ -2480,7 +2499,7 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void) srtp_err_status_t srtp_validate_aes_256(void) { // clang-format off - unsigned char aes_256_test_key[46] = { + uint8_t aes_256_test_key[46] = { 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76, 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29, 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1, @@ -2880,7 +2899,7 @@ srtp_err_status_t srtp_test_remove_stream(void) } // clang-format off -unsigned char test_alt_key[46] = { +uint8_t test_alt_key[46] = { 0xe5, 0x19, 0x6f, 0x01, 0x5e, 0xf1, 0x9b, 0xe1, 0xd7, 0x47, 0xa7, 0x27, 0x07, 0xd7, 0x47, 0x33, 0x01, 0xc2, 0x35, 0x4d, 0x59, 0x6a, 0xf7, 0x84, @@ -2891,10 +2910,10 @@ unsigned char test_alt_key[46] = { // clang-format on /* - * srtp_test_update() verifies updating/rekeying exsisting streams. + * srtp_test_update() verifies updating/rekeying existing streams. * As stated in https://tools.ietf.org/html/rfc3711#section-3.3.1 * the value of the ROC must not be reset after a rekey, this test - * atempts to prove that srtp_update does not reset the ROC. + * attempts to prove that srtp_update does not reset the ROC. */ srtp_err_status_t srtp_test_update(void) @@ -2918,45 +2937,53 @@ srtp_err_status_t srtp_test_update(void) /* create a send and recive ctx with defualt profile and test_key */ policy.ssrc.type = ssrc_any_outbound; status = srtp_create(&srtp_snd, &policy); - if (status) + if (status) { return status; + } policy.ssrc.type = ssrc_any_inbound; status = srtp_create(&srtp_recv, &policy); - if (status) + if (status) { return status; + } /* protect and unprotect two msg's that will cause the ROC to be equal to 1 */ msg = srtp_create_test_packet(msg_len_octets, ssrc, &protected_msg_len_octets); - if (msg == NULL) + if (msg == NULL) { return srtp_err_status_alloc_fail; + } ((srtp_hdr_t *)msg)->seq = htons(65535); status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); - if (status) + if (status) { return srtp_err_status_fail; + } status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); - if (status) + if (status) { return status; + } free(msg); msg = srtp_create_test_packet(msg_len_octets, ssrc, &protected_msg_len_octets); - if (msg == NULL) + if (msg == NULL) { return srtp_err_status_alloc_fail; + } ((srtp_hdr_t *)msg)->seq = htons(1); status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); - if (status) + if (status) { return srtp_err_status_fail; + } status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); - if (status) + if (status) { return status; + } free(msg); @@ -2964,22 +2991,26 @@ srtp_err_status_t srtp_test_update(void) policy.ssrc.type = ssrc_any_outbound; policy.key = test_key; status = srtp_update(srtp_snd, &policy); - if (status) + if (status) { return status; + } msg = srtp_create_test_packet(msg_len_octets, ssrc, &protected_msg_len_octets); - if (msg == NULL) + if (msg == NULL) { return srtp_err_status_alloc_fail; + } ((srtp_hdr_t *)msg)->seq = htons(2); status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); - if (status) + if (status) { return srtp_err_status_fail; + } status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); - if (status) + if (status) { return status; + } free(msg); @@ -2987,27 +3018,31 @@ srtp_err_status_t srtp_test_update(void) policy.ssrc.type = ssrc_any_outbound; policy.key = test_alt_key; status = srtp_update(srtp_snd, &policy); - if (status) + if (status) { return status; + } /* create and protect msg with new key and ROC still equal to 1 */ msg = srtp_create_test_packet(msg_len_octets, ssrc, &protected_msg_len_octets); - if (msg == NULL) + if (msg == NULL) { return srtp_err_status_alloc_fail; + } ((srtp_hdr_t *)msg)->seq = htons(3); status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); - if (status) + if (status) { return srtp_err_status_fail; + } - /* verify that recive ctx will fail to unprotect as it still uses test_key + /* verify that receive ctx will fail to unprotect as it still uses test_key */ status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); - if (status == srtp_err_status_ok) + if (status == srtp_err_status_ok) { return srtp_err_status_fail; + } - /* create a new recvieve ctx with test_alt_key but since it is new it will + /* create a new receive ctx with test_alt_key but since it is new it will * have ROC equal to 1 * and therefore should fail to unprotected */ { @@ -3016,41 +3051,48 @@ srtp_err_status_t srtp_test_update(void) policy.ssrc.type = ssrc_any_inbound; policy.key = test_alt_key; status = srtp_create(&srtp_recv_roc_0, &policy); - if (status) + if (status) { return status; + } status = srtp_unprotect(srtp_recv_roc_0, msg, &protected_msg_len_octets); - if (status == srtp_err_status_ok) + if (status == srtp_err_status_ok) { return srtp_err_status_fail; + } status = srtp_dealloc(srtp_recv_roc_0); - if (status) + if (status) { return status; + } } /* update recive ctx to use test_alt_key */ policy.ssrc.type = ssrc_any_inbound; policy.key = test_alt_key; status = srtp_update(srtp_recv, &policy); - if (status) + if (status) { return status; + } /* verify that can still unprotect, therfore key is updated and ROC value is * preserved */ status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); - if (status) + if (status) { return status; + } free(msg); status = srtp_dealloc(srtp_snd); - if (status) + if (status) { return status; + } status = srtp_dealloc(srtp_recv); - if (status) + if (status) { return status; + } return srtp_err_status_ok; } @@ -3117,21 +3159,25 @@ srtp_err_status_t srtp_test_setup_protect_trailer_streams( /* create a send ctx with defualt profile and test_key */ status = srtp_create(srtp_send, &policy); - if (status) + if (status) { return status; + } status = srtp_create(srtp_send_mki, &policy_mki); - if (status) + if (status) { return status; + } #ifdef GCM status = srtp_create(srtp_send_aes_gcm, &policy_aes_gcm); - if (status) + if (status) { return status; + } status = srtp_create(srtp_send_aes_gcm_mki, &policy_aes_gcm_mki); - if (status) + if (status) { return status; + } #endif // GCM return srtp_err_status_ok; @@ -3150,38 +3196,46 @@ srtp_err_status_t srtp_test_protect_trailer_length(void) &srtp_send, &srtp_send_mki, &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki); status = srtp_get_protect_trailer_length(srtp_send, 0, 0, &length); - if (status) + if (status) { return status; + } /* TAG Length: 10 bytes */ - if (length != 10) + if (length != 10) { return srtp_err_status_fail; + } status = srtp_get_protect_trailer_length(srtp_send_mki, 1, 1, &length); - if (status) + if (status) { return status; + } /* TAG Length: 10 bytes + MKI length: 4 bytes*/ - if (length != 14) + if (length != 14) { return srtp_err_status_fail; + } #ifdef GCM status = srtp_get_protect_trailer_length(srtp_send_aes_gcm, 0, 0, &length); - if (status) + if (status) { return status; + } /* TAG Length: 16 bytes */ - if (length != 16) + if (length != 16) { return srtp_err_status_fail; + } status = srtp_get_protect_trailer_length(srtp_send_aes_gcm_mki, 1, 1, &length); - if (status) + if (status) { return status; + } /* TAG Length: 16 bytes + MKI length: 4 bytes*/ - if (length != 20) + if (length != 20) { return srtp_err_status_fail; + } #endif // GCM srtp_dealloc(srtp_send); @@ -3207,39 +3261,47 @@ srtp_err_status_t srtp_test_protect_rtcp_trailer_length(void) &srtp_send, &srtp_send_mki, &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki); status = srtp_get_protect_rtcp_trailer_length(srtp_send, 0, 0, &length); - if (status) + if (status) { return status; + } /* TAG Length: 10 bytes + SRTCP Trailer 4 bytes*/ - if (length != 14) + if (length != 14) { return srtp_err_status_fail; + } status = srtp_get_protect_rtcp_trailer_length(srtp_send_mki, 1, 1, &length); - if (status) + if (status) { return status; + } /* TAG Length: 10 bytes + SRTCP Trailer 4 bytes + MKI 4 bytes*/ - if (length != 18) + if (length != 18) { return srtp_err_status_fail; + } #ifdef GCM status = srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm, 0, 0, &length); - if (status) + if (status) { return status; + } /* TAG Length: 16 bytes + SRTCP Trailer 4 bytes*/ - if (length != 20) + if (length != 20) { return srtp_err_status_fail; + } status = srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm_mki, 1, 1, &length); - if (status) + if (status) { return status; + } /* TAG Length: 16 bytes + SRTCP Trailer 4 bytes + MKI 4 bytes*/ - if (length != 24) + if (length != 24) { return srtp_err_status_fail; + } #endif // GCM srtp_dealloc(srtp_send); @@ -3921,7 +3983,7 @@ srtp_err_status_t srtp_test_set_sender_roc(void) */ // clang-format off -unsigned char test_key[46] = { +uint8_t test_key[46] = { 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0, 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39, 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb, @@ -3930,7 +3992,7 @@ unsigned char test_key[46] = { 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6 }; -unsigned char test_key_2[46] = { +uint8_t test_key_2[46] = { 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76, 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29, 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1, @@ -3939,18 +4001,18 @@ unsigned char test_key_2[46] = { 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6 }; -unsigned char test_key_gcm[28] = { +uint8_t test_key_gcm[28] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab }; -unsigned char test_mki_id[TEST_MKI_ID_SIZE] = { +uint8_t test_mki_id[TEST_MKI_ID_SIZE] = { 0xe1, 0xf9, 0x7a, 0x0d }; -unsigned char test_mki_id_2[TEST_MKI_ID_SIZE] = { +uint8_t test_mki_id_2[TEST_MKI_ID_SIZE] = { 0xf3, 0xa1, 0x46, 0x71 }; // clang-format on @@ -4192,7 +4254,7 @@ const srtp_policy_t null_policy = { }; // clang-format off -unsigned char test_256_key[46] = { +uint8_t test_256_key[46] = { 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76, 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29, 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1, @@ -4202,7 +4264,7 @@ unsigned char test_256_key[46] = { 0x64, 0x23, 0xab, 0x5b, 0x78, 0xd2 }; -unsigned char test_256_key_2[46] = { +uint8_t test_256_key_2[46] = { 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0, 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39, 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb, @@ -4363,12 +4425,12 @@ static void stream_list_test_free_stream(srtp_stream_t stream) free(stream); } -int stream_list_test_count_cb(srtp_stream_t stream, void *data) +bool stream_list_test_count_cb(srtp_stream_t stream, void *data) { - int *count = (int *)data; + size_t *count = (size_t *)data; (*count)++; (void)stream; - return 0; + return true; } struct remove_one_data { @@ -4376,23 +4438,23 @@ struct remove_one_data { srtp_stream_list_t list; }; -int stream_list_test_remove_one_cb(srtp_stream_t stream, void *data) +bool stream_list_test_remove_one_cb(srtp_stream_t stream, void *data) { struct remove_one_data *d = (struct remove_one_data *)data; if (stream->ssrc == d->ssrc) { srtp_stream_list_remove(d->list, stream); stream_list_test_free_stream(stream); - return 1; + return false; } - return 0; + return true; } -int stream_list_test_remove_all_cb(srtp_stream_t stream, void *data) +bool stream_list_test_remove_all_cb(srtp_stream_t stream, void *data) { srtp_stream_list_t *list = (srtp_stream_list_t *)data; srtp_stream_list_remove(*list, stream); stream_list_test_free_stream(stream); - return 0; + return true; } srtp_err_status_t srtp_stream_list_test(void) @@ -4403,7 +4465,7 @@ srtp_err_status_t srtp_stream_list_test(void) return srtp_err_status_fail; } - /* add 4 streams*/ + /* add 4 streams */ if (srtp_stream_list_insert(list, stream_list_test_create_stream(1))) { return srtp_err_status_fail; } @@ -4437,7 +4499,7 @@ srtp_err_status_t srtp_stream_list_test(void) } /* for each */ - int count = 0; + size_t count = 0; srtp_stream_list_for_each(list, stream_list_test_count_cb, &count); if (count != 4) { return srtp_err_status_fail; @@ -4552,8 +4614,9 @@ srtp_stream_t srtp_stream_list_get(srtp_stream_list_t list, uint32_t ssrc) { struct test_list_node *node = list->head; while (node != NULL) { - if (node->stream->ssrc == ssrc) + if (node->stream->ssrc == ssrc) { return node->stream; + } node = node->next; } return NULL; @@ -4574,15 +4637,16 @@ void srtp_stream_list_remove(srtp_stream_list_t list, srtp_stream_t stream) } void srtp_stream_list_for_each(srtp_stream_list_t list, - int (*callback)(srtp_stream_t, void *), + bool (*callback)(srtp_stream_t, void *), void *data) { struct test_list_node *node = list->head; while (node != NULL) { struct test_list_node *tmp = node; node = node->next; - if (callback(tmp->stream, data)) + if (!callback(tmp->stream, data)) { break; + } } } diff --git a/test/ut_sim.c b/test/ut_sim.c index 98d9ab283..06f494910 100644 --- a/test/ut_sim.c +++ b/test/ut_sim.c @@ -65,8 +65,9 @@ void ut_init(ut_connection *utc) int i; utc->index = 0; - for (i = 0; i < UT_BUF; i++) + for (i = 0; i < UT_BUF; i++) { utc->buffer[i] = i; + } qsort(utc->buffer, UT_BUF, sizeof(uint32_t), ut_compar);