From 873236cd100b6c8a683a655aefb84fd059dbfa0c Mon Sep 17 00:00:00 2001 From: Ingo Bauersachs Date: Tue, 1 Nov 2011 20:18:31 +0000 Subject: [PATCH] Format code according to Jitsi conventions --- .../transform/srtp/SRTCPCryptoContext.java | 159 +++++++++++------- .../transform/srtp/SRTPCipherCTR.java | 34 ++-- .../neomedia/transform/srtp/SRTPCipherF8.java | 30 ++-- .../transform/srtp/SRTPCryptoContext.java | 24 ++- .../transform/srtp/SRTPTransformEngine.java | 3 +- 5 files changed, 154 insertions(+), 96 deletions(-) diff --git a/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTCPCryptoContext.java b/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTCPCryptoContext.java index 56f1016dc..e819995aa 100644 --- a/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTCPCryptoContext.java +++ b/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTCPCryptoContext.java @@ -58,7 +58,7 @@ * Cryptographic related parameters, i.e. encryption mode / authentication mode, * master encryption key and master salt key are determined outside the scope * of SRTP implementation. They can be assigned manually, or can be assigned - * automatically using some key management protocol, such as MIKEY (RFC3880) or + * automatically using some key management protocol, such as MIKEY (RFC3830) or * Phil Zimmermann's ZRTP protocol. * * @author Bing SU (nova.su@gmail.com) @@ -255,7 +255,8 @@ public SRTCPCryptoContext(long ssrcIn, * * @return the authentication tag length of this SRTP cryptographic context */ - public int getAuthTagLength() { + public int getAuthTagLength() + { return policy.getAuthTagLength(); } @@ -264,12 +265,11 @@ public int getAuthTagLength() { * * @return the MKI length of this SRTP cryptographic context */ - public int getMKILength() { - if (mki != null) { + public int getMKILength() + { + if (mki != null) return mki.length; - } else { - return 0; - } + return 0; } /** 
@@ -277,7 +277,8 @@ public int getMKILength() { * * @return the SSRC of this SRTP cryptographic context */ - public long getSSRC() { + public long getSSRC() + { return ssrc; } @@ -298,19 +299,21 @@ public long getSSRC() { * * @param pkt the RTP packet that is going to be sent out */ - public void transformPacket(RawPacket pkt) { - + public void transformPacket(RawPacket pkt) + { boolean encrypt = false; /* Encrypt the packet using Counter Mode encryption */ if (policy.getEncType() == SRTPPolicy.AESCM_ENCRYPTION || - policy.getEncType() == SRTPPolicy.TWOFISH_ENCRYPTION) { + policy.getEncType() == SRTPPolicy.TWOFISH_ENCRYPTION) + { processPacketAESCM(pkt, sentIndex); encrypt = true; } /* Encrypt the packet using F8 Mode encryption */ else if (policy.getEncType() == SRTPPolicy.AESF8_ENCRYPTION || - policy.getEncType() == SRTPPolicy.TWOFISHF8_ENCRYPTION) { + policy.getEncType() == SRTPPolicy.TWOFISHF8_ENCRYPTION) + { processPacketAESF8(pkt, sentIndex); encrypt = true; } @@ -320,11 +323,12 @@ else if (policy.getEncType() == SRTPPolicy.AESF8_ENCRYPTION || // Grow packet storage in one step pkt.grow(4 + policy.getAuthTagLength()); - + // Authenticate the packet // The authenticate method gets the index via parameter and stores // it in network order in rbStore variable. - if (policy.getAuthType() != SRTPPolicy.NULL_AUTHENTICATION) { + if (policy.getAuthType() != SRTPPolicy.NULL_AUTHENTICATION) + { authenticatePacket(pkt, index); pkt.append(rbStore, 4); pkt.append(tagStore, policy.getAuthTagLength()); @@ -351,8 +355,8 @@ else if (policy.getEncType() == SRTPPolicy.AESF8_ENCRYPTION || * @return true if the packet can be accepted * false if authentication or replay check failed */ - public boolean reverseTransformPacket(RawPacket pkt) { - + public boolean reverseTransformPacket(RawPacket pkt) + { boolean decrypt = false; int tagLength = policy.getAuthTagLength(); int indexEflag = pkt.getSRTCPIndex(tagLength); 
@@ -363,17 +367,18 @@ public boolean reverseTransformPacket(RawPacket pkt) { int index = indexEflag & ~0x80000000; /* Replay control */ - if (!checkReplay(index)) { + if (!checkReplay(index)) + { return false; - } - /* Authenticate the packet */ - if (policy.getAuthType() != SRTPPolicy.NULL_AUTHENTICATION) { + /* Authenticate the packet */ + if (policy.getAuthType() != SRTPPolicy.NULL_AUTHENTICATION) + { // get original authentication data and store in tempStore pkt.readRegionToBuff(pkt.getLength() - tagLength, tagLength, tempStore); - + // Shrink packet to remove the authentication tag and index // because this is part of authenicated data pkt.shrink(tagLength + 4); @@ -381,7 +386,8 @@ public boolean reverseTransformPacket(RawPacket pkt) { // compute, then save authentication in tagStore authenticatePacket(pkt, indexEflag); - for (int i = 0; i < tagLength; i++) { + for (int i = 0; i < tagLength; i++) + { if ((tempStore[i] & 0xff) == (tagStore[i] & 0xff)) continue; else @@ -389,16 +395,19 @@ public boolean reverseTransformPacket(RawPacket pkt) { } } - if (decrypt) { + if (decrypt) + { /* Decrypt the packet using Counter Mode encryption */ if (policy.getEncType() == SRTPPolicy.AESCM_ENCRYPTION - || policy.getEncType() == SRTPPolicy.TWOFISH_ENCRYPTION) { + || policy.getEncType() == SRTPPolicy.TWOFISH_ENCRYPTION) + { processPacketAESCM(pkt, index); } /* Decrypt the packet using F8 Mode encryption */ else if (policy.getEncType() == SRTPPolicy.AESF8_ENCRYPTION - || policy.getEncType() == SRTPPolicy.TWOFISHF8_ENCRYPTION) { + || policy.getEncType() == SRTPPolicy.TWOFISHF8_ENCRYPTION) + { processPacketAESF8(pkt, index); } } 
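Review bot: The authentication-tag check in reverseTransformPacket is not constant-time. It compares `tempStore` and `tagStore` byte by byte and leaves the loop at the first mismatch, so the time taken depends on how many leading bytes of a received tag are correct. The body of the `else` branch falls between this hunk and the next and is presumably `return false`. A comparison that always walks all `tagLength` bytes and decides once at the end removes that dependency; the `& 0xff` masks are not needed for an equality test. The enclosing method starts and ends outside the hunk.

```java
            authenticatePacket(pkt, indexEflag);

            // constant-time compare: accumulate differences, decide once
            int diff = 0;
            for (int i = 0; i < tagLength; i++)
                diff |= tempStore[i] ^ tagStore[i];
            if (diff != 0)
                return false;
```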
@@ -411,7 +420,8 @@ else if (policy.getEncType() == SRTPPolicy.AESF8_ENCRYPTION * Perform Counter Mode AES encryption / decryption * @param pkt the RTP packet to be encrypted / decrypted */ - public void processPacketAESCM(RawPacket pkt, int index) { + public void processPacketAESCM(RawPacket pkt, int index) + { long ssrc = pkt.GetRTCPSSRC(); /* Compute the CM IV (refer to chapter 4.1.1 in RFC 3711): @@ -448,8 +458,9 @@ public void processPacketAESCM(RawPacket pkt, int index) { final int payloadOffset = 8; final int payloadLength = pkt.getLength() - payloadOffset; - cipherCtr.process(cipher, pkt.getBuffer(), pkt.getOffset() + payloadOffset, - payloadLength, ivStore); + cipherCtr.process(cipher, pkt.getBuffer(), + pkt.getOffset() + payloadOffset, + payloadLength, ivStore); } /** @@ -457,7 +468,8 @@ public void processPacketAESCM(RawPacket pkt, int index) { * * @param pkt the RTP packet to be encrypted / decrypted */ - public void processPacketAESF8(RawPacket pkt, int index) { + public void processPacketAESF8(RawPacket pkt, int index) + { // byte[] iv = new byte[16]; // 4 bytes of the iv are zero @@ -482,10 +494,12 @@ public void processPacketAESF8(RawPacket pkt, int index) { // Encrypted part excludes fixed header (8 bytes), index (4 bytes), and // authentication tag (variable according to policy) final int payloadOffset = 8; - final int payloadLength = pkt.getLength() - (4 + policy.getAuthTagLength()); + final int payloadLength + = pkt.getLength() - (4 + policy.getAuthTagLength()); - SRTPCipherF8.process(cipher, pkt.getBuffer(), pkt.getOffset() + payloadOffset, - payloadLength, ivStore, encKey, saltKey, cipherF8); + SRTPCipherF8.process(cipher, pkt.getBuffer(), + pkt.getOffset() + payloadOffset, + payloadLength, ivStore, encKey, saltKey, cipherF8); } /** 
@@ -495,8 +509,8 @@ public void processPacketAESF8(RawPacket pkt, int index) { * * @param pkt the RTP packet to be authenticated */ - private void authenticatePacket(RawPacket pkt, int index) { - + private void authenticatePacket(RawPacket pkt, int index) + { mac.update(pkt.getBuffer(), 0, pkt.getLength()); // byte[] rb = new byte[4]; rbStore[0] = (byte) (index >> 24); @@ -520,23 +534,33 @@ private void authenticatePacket(RawPacket pkt, int index) { * @return true if this sequence number indicates the packet is not a * replayed one, false if not */ - boolean checkReplay(int index) { + boolean checkReplay(int index) + { // compute the index of previously received packet and its // delta to the new received packet long delta = index - receivedIndex; - - if (delta > 0) { + + if (delta > 0) + { /* Packet not yet received */ return true; - } else { - if (-delta > REPLAY_WINDOW_SIZE) { + } + else + { + if (-delta > REPLAY_WINDOW_SIZE) + { /* Packet too old */ return false; - } else { - if (((this.replayWindow >> (-delta)) & 0x1) != 0) { + } + else + { + if (((this.replayWindow >> (-delta)) & 0x1) != 0) + { /* Packet already received ! */ return false; - } else { + } + else + { /* Packet not yet received */ return true; } @@ -550,9 +574,10 @@ boolean checkReplay(int index) { * * @param label label specified for each type of iv */ - private void computeIv(byte label) { - - for (int i = 0; i < 14; i++) { + private void computeIv(byte label) + { + for (int i = 0; i < 14; i++) + { ivStore[i] = masterSalt[i]; } ivStore[7] ^= label; 
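Review bot: In authenticatePacket, `mac.update(pkt.getBuffer(), 0, pkt.getLength())` starts at buffer index 0, whereas processPacketAESCM and processPacketAESF8 in this same file address the packet at `pkt.getOffset()`. If a RawPacket ever carries a non-zero offset, the tag would be computed over bytes that are not the packet, so authentication would cover the wrong data. I would change the call to `mac.update(pkt.getBuffer(), pkt.getOffset(), pkt.getLength());`. The rest of authenticatePacket lies outside the hunk.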
@@ -563,21 +588,26 @@ private void computeIv(byte label) { * Derives the srtcp session keys from the master key. * */ - public void deriveSrtcpKeys() { + public void deriveSrtcpKeys() + { // compute the session encryption key byte label = 3; computeIv(label); KeyParameter encryptionKey = new KeyParameter(masterKey); cipher.init(true, encryptionKey); - cipherCtr.getCipherStream(cipher, encKey, policy.getEncKeyLength(), ivStore); + cipherCtr.getCipherStream(cipher, encKey, + policy.getEncKeyLength(), ivStore); - if (authKey != null) { + if (authKey != null) + { label = 4; computeIv(label); - cipherCtr.getCipherStream(cipher, authKey, policy.getAuthKeyLength(), ivStore); + cipherCtr.getCipherStream(cipher, authKey, + policy.getAuthKeyLength(), ivStore); - switch ((policy.getAuthType())) { + switch ((policy.getAuthType())) + { case SRTPPolicy.HMACSHA1_AUTHENTICATION: KeyParameter key = new KeyParameter(authKey); mac.init(key); @@ -585,17 +615,20 @@ public void deriveSrtcpKeys() { case SRTPPolicy.SKEIN_AUTHENTICATION: // Skein MAC uses number of bits as MAC size, not just bytes - ParametersForSkein pfs = new ParametersForSkein(new KeyParameter(authKey), - ParametersForSkein.Skein512, tagStore.length*8); + ParametersForSkein pfs = new ParametersForSkein( + new KeyParameter(authKey), + ParametersForSkein.Skein512, tagStore.length * 8); mac.init(pfs); break; } } + // compute the session salt label = 5; computeIv(label); - cipherCtr.getCipherStream(cipher, saltKey, policy.getSaltKeyLength(), ivStore); - + cipherCtr.getCipherStream(cipher, saltKey, + policy.getSaltKeyLength(), ivStore); + // As last step: initialize cipher with derived encryption key. encryptionKey = new KeyParameter(encKey); cipher.init(true, encryptionKey); 
@@ -609,16 +642,19 @@ public void deriveSrtcpKeys() { * * @param index index number of the accepted packet */ - private void update(int index) { + private void update(int index) + { int delta = receivedIndex - index; /* update the replay bit mask */ - if( delta > 0 ){ - replayWindow = replayWindow << delta; - replayWindow |= 1; + if (delta > 0) + { + replayWindow = replayWindow << delta; + replayWindow |= 1; } - else { - replayWindow |= ( 1 << delta ); + else + { + replayWindow |= ( 1 << delta ); } receivedIndex = index; @@ -640,7 +676,8 @@ private void update(int index) { * The SSRC for this context * @return a new SRTPCryptoContext with all relevant data set. */ - public SRTCPCryptoContext deriveContext(long ssrc) { + public SRTCPCryptoContext deriveContext(long ssrc) + { SRTCPCryptoContext pcc = null; pcc = new SRTCPCryptoContext(ssrc, masterKey, masterSalt, policy); diff --git a/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCipherCTR.java b/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCipherCTR.java index 3b87ac205..fd75aa9a7 100644 --- a/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCipherCTR.java +++ b/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCipherCTR.java 
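Review bot: The replay-window bookkeeping in update() does not match what checkReplay() reads. checkReplay() treats bit k of `replayWindow` as index `receivedIndex - k`, but update() computes `delta = receivedIndex - index` and slides the window when the packet is older. For a newer packet it runs `1 << delta` with a non-positive count, which Java masks to an unrelated bit position. `receivedIndex = index` is also assigned unconditionally, so an older in-window packet moves the highest-seen index backwards. The effect is that already-seen SRTCP indices are not reliably recorded, which weakens replay protection. The version below assumes `replayWindow` is a long no wider than `REPLAY_WINDOW_SIZE` bits (confirm against the field declaration), and drops the trailing `receivedIndex = index;`. The end of update() is outside the hunk.

```java
    private void update(int index)
    {
        // same orientation as checkReplay(): positive means a newer packet
        int delta = index - receivedIndex;

        /* update the replay bit mask */
        if (delta > 0)
        {
            // slide the window forward; bit 0 stands for the new highest index
            replayWindow
                = (delta < REPLAY_WINDOW_SIZE) ? (replayWindow << delta) : 0;
            replayWindow |= 1;
            receivedIndex = index;
        }
        else
        {
            // older packet inside the window: mark its bit, keep receivedIndex
            replayWindow |= (1L << -delta);
        }
        // … unchanged: rest of update() outside the hunk …
```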
@@ -62,35 +62,37 @@ public class SRTPCipherCTR private final byte[] cipherInBlock = new byte[BLKLEN]; private final byte[] tmpCipherBlock = new byte[BLKLEN]; private byte[] streamBuf = new byte[1024]; - - public SRTPCipherCTR() { + + public SRTPCipherCTR() + { } - - public void process(BlockCipher cipher, byte[] data, int off, int len, - byte[] iv) { - if (off + len > data.length) { + public void process(BlockCipher cipher, byte[] data, int off, int len, + byte[] iv) + { + if (off + len > data.length) return; - } + // if data fits in inter buffer - use it. Otherwise allocate bigger // buffer store it to use it for later processing - up to a defined // maximum size. byte[] cipherStream = null; - if (len > streamBuf.length) { + if (len > streamBuf.length) + { cipherStream = new byte[len]; - if (cipherStream.length <= MAX_BUFFER_LENGTH) { + if (cipherStream.length <= MAX_BUFFER_LENGTH) + { streamBuf = cipherStream; } } - else { + else + { cipherStream = streamBuf; } getCipherStream(cipher, cipherStream, len, iv); - - for (int i = 0; i < len; i++) { + for (int i = 0; i < len; i++) data[i + off] ^= cipherStream[i]; - } } /** @@ -104,12 +106,14 @@ public void process(BlockCipher cipher, byte[] data, int off, int len, * @param iv * initialization vector used to generate this cipher stream */ - public void getCipherStream(BlockCipher aesCipher, byte[] out, int length, byte[] iv) + public void getCipherStream(BlockCipher aesCipher, byte[] out, int length, + byte[] iv) { System.arraycopy(iv, 0, cipherInBlock, 0, 14); int ctr; - for (ctr = 0; ctr < length / BLKLEN; ctr++) { + for (ctr = 0; ctr < length / BLKLEN; ctr++) + { // compute the cipher stream cipherInBlock[14] = (byte) ((ctr & 0xFF00) >> 8); cipherInBlock[15] = (byte) ((ctr & 0x00FF)); diff --git a/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCipherF8.java b/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCipherF8.java index da6cf04f6..bce7ea727 100644 
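Review bot: The bounds guard at the top of process() fails open. When `off + len > data.length` it returns silently, so a caller such as processPacketAESCM cannot tell that the payload was left untouched. On the send path that appears to mean the bytes would go out unencrypted while transformPacket still sets `encrypt = true`. The sum can also overflow for large values, and negative `off` or `len` are not rejected. I would fail loudly instead: `if (off < 0 || len < 0 || len > data.length - off) throw new IllegalArgumentException("off/len outside data");`.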
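Review bot: In getCipherStream the block counter written to `cipherInBlock[14]` and `cipherInBlock[15]` keeps only the low 16 bits of `ctr`. For a `length` above 65536 * BLKLEN the counter wraps and the same keystream blocks are generated again under the same IV. Nothing visible in the hunk enforces that limit. A guard at the top would make it explicit: `if (length > 0x10000 * BLKLEN) throw new IllegalArgumentException("length exceeds 2^16 blocks");`. The loop body and the handling of the final partial block continue outside the hunk.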
--- a/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCipherF8.java +++ b/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCipherF8.java @@ -74,8 +74,9 @@ class F8Context long J; } - public static void process(BlockCipher cipher, byte[] data, int off, int len, - byte[] iv, byte[] key, byte[] salt, BlockCipher f8Cipher) { + public static void process(BlockCipher cipher, byte[] data, int off, + int len, byte[] iv, byte[] key, byte[] salt, BlockCipher f8Cipher) + { F8Context f8ctx = new SRTPCipherF8().new F8Context(); /* @@ -95,23 +96,22 @@ public static void process(BlockCipher cipher, byte[] data, int off, int len, * full key. */ System.arraycopy(salt, 0, saltMask, 0, salt.length); - for (int i = salt.length; i < saltMask.length; ++i) { + for (int i = salt.length; i < saltMask.length; ++i) saltMask[i] = 0x55; - } /* * XOR the original key with the above created mask to get the special * key. */ - for (int i = 0; i < key.length; i++) { + for (int i = 0; i < key.length; i++) maskedKey[i] = (byte) (key[i] ^ saltMask[i]); - } /* * Prepare the f8Cipher with the special key to compute IV' */ KeyParameter encryptionKey = new KeyParameter(maskedKey); f8Cipher.init(true, encryptionKey); + /* * Use the masked key to encrypt the original IV to produce IV'. */ @@ -126,17 +126,19 @@ public static void process(BlockCipher cipher, byte[] data, int off, int len, int inLen = len; - while (inLen >= BLKLEN) { + while (inLen >= BLKLEN) + { processBlock(cipher, f8ctx, data, off, data, off, BLKLEN); inLen -= BLKLEN; off += BLKLEN; } - if (inLen > 0) { + if (inLen > 0) + { processBlock(cipher, f8ctx, data, off, data, off, inLen); } } - + /** * Encrypt / Decrypt a block using F8 Mode AES algorithm, read len bytes * data from in at inOff and write the output into out at outOff 
@@ -155,15 +157,14 @@ public static void process(BlockCipher cipher, byte[] data, int off, int len, * length of the input data */ private static void processBlock(BlockCipher cipher, F8Context f8ctx, - byte[] in, int inOff, byte[] out, int outOff, int len) { - + byte[] in, int inOff, byte[] out, int outOff, int len) + { /* * XOR the previous key stream with IV' * ( S(-1) xor IV' ) */ - for (int i = 0; i < BLKLEN; i++) { + for (int i = 0; i < BLKLEN; i++) f8ctx.S[i] ^= f8ctx.ivAccent[i]; - } /* * Now XOR (S(n-1) xor IV') with the current counter, then increment @@ -184,8 +185,7 @@ private static void processBlock(BlockCipher cipher, F8Context f8ctx, * As the last step XOR the plain text with the key stream to produce * the cipher text. */ - for (int i = 0; i < len; i++) { + for (int i = 0; i < len; i++) out[outOff + i] = (byte) (in[inOff + i] ^ f8ctx.S[i]); - } } } diff --git a/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCryptoContext.java b/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCryptoContext.java index 540296a84..2825808e7 100644 --- a/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCryptoContext.java +++ b/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPCryptoContext.java @@ -467,7 +467,8 @@ public boolean reverseTransformPacket(RawPacket pkt) /* Decrypt the packet using Counter Mode encryption*/ if (policy.getEncType() == SRTPPolicy.AESCM_ENCRYPTION || - policy.getEncType() == SRTPPolicy.TWOFISH_ENCRYPTION) { + policy.getEncType() == SRTPPolicy.TWOFISH_ENCRYPTION) + { processPacketAESCM(pkt); } 
@@ -502,12 +503,22 @@ public void processPacketAESCM(RawPacket pkt) int i; for (i = 4; i < 8; i++) { - ivStore[i] = (byte) ((0xFF & (ssrc >> ((7 - i) * 8))) ^ this.saltKey[i]); + ivStore[i] = (byte) + ( + (0xFF & (ssrc >> ((7 - i) * 8))) + ^ + this.saltKey[i] + ); } for (i = 8; i < 14; i++) { - ivStore[i] = (byte) ((0xFF & (byte) (index >> ((13 - i) * 8))) ^ this.saltKey[i]); + ivStore[i] = (byte) + ( + (0xFF & (byte) (index >> ((13 - i) * 8))) + ^ + this.saltKey[i] + ); } ivStore[14] = ivStore[15] = 0; @@ -640,7 +651,12 @@ private void computeIv(long label, long index) } for (int i = 7; i < 14; i++) { - ivStore[i] = (byte) ((byte) (0xFF & (key_id >> (8 * (13 - i)))) ^ masterSalt[i]); + ivStore[i] = (byte) + ( + (byte) (0xFF & (key_id >> (8 * (13 - i)))) + ^ + masterSalt[i] + ); } ivStore[14] = ivStore[15] = 0; } diff --git a/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPTransformEngine.java b/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPTransformEngine.java index 1666654b2..e6a041633 100644 --- a/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPTransformEngine.java +++ b/src/net/java/sip/communicator/impl/neomedia/transform/srtp/SRTPTransformEngine.java @@ -158,7 +158,8 @@ public SRTPCryptoContext getDefaultContext() * * @return the default SRTPCryptoContext */ - public SRTCPCryptoContext getDefaultContextControl() { + public SRTCPCryptoContext getDefaultContextControl() + { return this.defaultContextControl; } }