[ptxdist] libSRTP: a Secure Realtime Transport Protocol

[Juergen Beisert <jbe@pengutronix.de>]

Signed-off-by: Juergen Beisert <jbe@pengutronix.de>

diff --git a/patches/srtp-1.4.2/autogen.sh b/patches/srtp-1.4.2/autogen.sh
new file mode 120000
index 0000000..9f8a4cb
--- /dev/null
+++ b/patches/srtp-1.4.2/autogen.sh
@@ -0,0 +1 @@
+../autogen.sh
\ No newline at end of file
diff --git a/patches/srtp-1.4.2/fix_clock_handling.diff b/patches/srtp-1.4.2/fix_clock_handling.diff
new file mode 100644
index 0000000..45e2a06
--- /dev/null
+++ b/patches/srtp-1.4.2/fix_clock_handling.diff
@@ -0,0 +1,30 @@
+From: Juergen Beisert <jbe@pengutronix.de>
+Subject: Remove kernel's timing information
+Signed-off-by: Juergen Beisert <jbe@pengutronix.de>
+---
+ crypto/include/kernel_compat.h |    5 -----
+ 1 file changed, 5 deletions(-)
+
+Index: srtp-1.4.2/crypto/include/kernel_compat.h
+===================================================================
+--- srtp-1.4.2.orig/crypto/include/kernel_compat.h
++++ srtp-1.4.2/crypto/include/kernel_compat.h
+@@ -78,8 +78,6 @@ static inline int get_random_bytes(uint3
+ 	return rand();
+ }
+ 
+-extern uint32_t jiffies;
+-
+ #define err_report(priority,x,y...) \
+   do {\
+     if (priority <= err_level) {\
+@@ -87,9 +85,6 @@ extern uint32_t jiffies;
+     }\
+   }while(0)
+ 
+-#define clock()	(jiffies)
+-#define time(x)	(jiffies)
+-
+ #define GFP_ATOMIC 0
+ #define GFP_KERNEL 1
+ 
diff --git a/patches/srtp-1.4.2/fix_endianess_handling.diff b/patches/srtp-1.4.2/fix_endianess_handling.diff
new file mode 100644
index 0000000..b12c594
--- /dev/null
+++ b/patches/srtp-1.4.2/fix_endianess_handling.diff
@@ -0,0 +1,286 @@
+From: Juergen Beisert <jbe@pengutronix.de>
+Subject: Fix endianess handling
+Signed-off-by: Juergen Beisert <jbe@pengutronix.de>
+---
+ crypto/hash/hmac.c             |    1 
+ crypto/hash/sha1.c             |   50 ++++++++++++++++++-------------------
+ crypto/include/kernel_compat.h |   54 +++++++++++++++++++++++++----------------
+ crypto/kernel/alloc.c          |    2 -
+ crypto/replay/ut_sim.c         |    2 -
+ srtp/srtp.c                    |   20 +++++++--------
+ 6 files changed, 71 insertions(+), 58 deletions(-)
+
+Index: srtp-1.4.2/crypto/include/kernel_compat.h
+===================================================================
+--- srtp-1.4.2.orig/crypto/include/kernel_compat.h
++++ srtp-1.4.2/crypto/include/kernel_compat.h
+@@ -48,36 +48,50 @@
+ 
+ #ifdef SRTP_KERNEL_LINUX
+ 
+-#include <linux/kernel.h>
+-#include <linux/slab.h>
+-#include <linux/sched.h>
+-#include <linux/random.h>
+-#include <linux/byteorder/generic.h>
++#include <stdint.h>
++#include <stdio.h>
++#include <time.h>
++#include <asm/byteorder.h>
++#include <unistd.h>
++#include <stdlib.h>
++#include <string.h>
++
++#define ntohl __be32_to_cpu
++#define htonl __cpu_to_be32
++#define htons __cpu_to_be16
++#define ntohs __be16_to_cpu
+ 
++#define in_interrupt() 0
+ 
+-#define err_report(priority, ...) \
++static inline void *kmalloc(size_t size, int v)
++{
++	return malloc(size);
++}
++
++static inline void kfree(void *p)
++{
++	free(p);
++}
++
++static inline int get_random_bytes(uint32_t *temp, size_t size)
++{
++	return rand();
++}
++
++extern uint32_t jiffies;
++
++#define err_report(priority,x,y...) \
+   do {\
+     if (priority <= err_level) {\
+-       printk(__VA_ARGS__);\
++       printf(x,##y);\
+     }\
+   }while(0)
+ 
+ #define clock()	(jiffies)
+ #define time(x)	(jiffies)
+ 
+-/* rand() implementation. */
+-#define RAND_MAX	32767
+-
+-static inline int rand(void)
+-{
+-	uint32_t temp;
+-	get_random_bytes(&temp, sizeof(temp));
+-	return temp % (RAND_MAX+1);
+-}
+-
+-/* stdio/stdlib implementation. */
+-#define printf(...)	printk(__VA_ARGS__)
+-#define exit(n)	panic("%s:%d: exit(%d)\n", __FILE__, __LINE__, (n))
++#define GFP_ATOMIC 0
++#define GFP_KERNEL 1
+ 
+ #endif /* SRTP_KERNEL_LINUX */
+ 
+Index: srtp-1.4.2/crypto/kernel/alloc.c
+===================================================================
+--- srtp-1.4.2.orig/crypto/kernel/alloc.c
++++ srtp-1.4.2/crypto/kernel/alloc.c
+@@ -63,8 +63,6 @@ debug_module_t mod_alloc = {
+ 
+ #ifdef SRTP_KERNEL_LINUX
+ 
+-#include <linux/interrupt.h>
+-
+ void *
+ crypto_alloc(size_t size) {
+   void *ptr;
+Index: srtp-1.4.2/crypto/replay/ut_sim.c
+===================================================================
+--- srtp-1.4.2.orig/crypto/replay/ut_sim.c
++++ srtp-1.4.2/crypto/replay/ut_sim.c
+@@ -46,7 +46,7 @@
+ 
+ 
+ #include "ut_sim.h"
+-
++#include <stdlib.h>
+ 
+ int
+ ut_compar(const void *a, const void *b) {
+Index: srtp-1.4.2/srtp/srtp.c
+===================================================================
+--- srtp-1.4.2.orig/srtp/srtp.c
++++ srtp-1.4.2/srtp/srtp.c
+@@ -706,10 +706,10 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
+      iv.v32[0] = 0;
+      iv.v32[1] = hdr->ssrc;
+ #ifdef NO_64BIT_MATH
+-     iv.v64[1] = be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
++     iv.v64[1] = __be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
+ 								 low32(est) << 16));
+ #else
+-     iv.v64[1] = be64_to_cpu(est << 16);
++     iv.v64[1] = __be64_to_cpu(est << 16);
+ #endif
+      status = cipher_set_iv(stream->rtp_cipher, &iv);
+ 
+@@ -723,7 +723,7 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
+ #else
+      iv.v64[0] = 0;
+ #endif
+-     iv.v64[1] = be64_to_cpu(est);
++     iv.v64[1] = __be64_to_cpu(est);
+      status = cipher_set_iv(stream->rtp_cipher, &iv);
+    }
+    if (status)
+@@ -731,11 +731,11 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
+ 
+    /* shift est, put into network byte order */
+ #ifdef NO_64BIT_MATH
+-   est = be64_to_cpu(make64((high32(est) << 16) |
++   est = __be64_to_cpu(make64((high32(est) << 16) |
+ 						 (low32(est) >> 16),
+ 						 low32(est) << 16));
+ #else
+-   est = be64_to_cpu(est << 16);
++   est = __be64_to_cpu(est << 16);
+ #endif
+    
+    /* 
+@@ -883,10 +883,10 @@ srtp_unprotect(srtp_ctx_t *ctx, void *sr
+     iv.v32[0] = 0;
+     iv.v32[1] = hdr->ssrc;  /* still in network order */
+ #ifdef NO_64BIT_MATH
+-    iv.v64[1] = be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
++    iv.v64[1] = __be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
+ 			         low32(est) << 16));
+ #else
+-    iv.v64[1] = be64_to_cpu(est << 16);
++    iv.v64[1] = __be64_to_cpu(est << 16);
+ #endif
+     status = aes_icm_set_iv(stream->rtp_cipher->state, &iv);
+   } else {  
+@@ -898,7 +898,7 @@ srtp_unprotect(srtp_ctx_t *ctx, void *sr
+ #else
+     iv.v64[0] = 0;
+ #endif
+-    iv.v64[1] = be64_to_cpu(est);
++    iv.v64[1] = __be64_to_cpu(est);
+     status = cipher_set_iv(stream->rtp_cipher, &iv);
+   }
+   if (status)
+@@ -906,11 +906,11 @@ srtp_unprotect(srtp_ctx_t *ctx, void *sr
+ 
+   /* shift est, put into network byte order */
+ #ifdef NO_64BIT_MATH
+-  est = be64_to_cpu(make64((high32(est) << 16) |
++  est = __be64_to_cpu(make64((high32(est) << 16) |
+ 					    (low32(est) >> 16),
+ 					    low32(est) << 16));
+ #else
+-  est = be64_to_cpu(est << 16);
++  est = __be64_to_cpu(est << 16);
+ #endif
+ 
+   /*
+Index: srtp-1.4.2/crypto/hash/hmac.c
+===================================================================
+--- srtp-1.4.2.orig/crypto/hash/hmac.c
++++ srtp-1.4.2/crypto/hash/hmac.c
+@@ -44,6 +44,7 @@
+ 
+ #include "hmac.h" 
+ #include "alloc.h"
++#include <string.h>
+ 
+ /* the debug module for authentiation */
+ 
+Index: srtp-1.4.2/crypto/hash/sha1.c
+===================================================================
+--- srtp-1.4.2.orig/crypto/hash/sha1.c
++++ srtp-1.4.2/crypto/hash/sha1.c
+@@ -115,22 +115,22 @@ sha1_core(const uint32_t M[16], uint32_t
+ 
+   /* copy/xor message into array */
+     
+-  W[0]  = be32_to_cpu(M[0]);
+-  W[1]  = be32_to_cpu(M[1]);
+-  W[2]  = be32_to_cpu(M[2]);
+-  W[3]  = be32_to_cpu(M[3]);
+-  W[4]  = be32_to_cpu(M[4]);
+-  W[5]  = be32_to_cpu(M[5]);
+-  W[6]  = be32_to_cpu(M[6]);
+-  W[7]  = be32_to_cpu(M[7]);
+-  W[8]  = be32_to_cpu(M[8]);
+-  W[9]  = be32_to_cpu(M[9]);
+-  W[10] = be32_to_cpu(M[10]);
+-  W[11] = be32_to_cpu(M[11]);
+-  W[12] = be32_to_cpu(M[12]);
+-  W[13] = be32_to_cpu(M[13]);
+-  W[14] = be32_to_cpu(M[14]);
+-  W[15] = be32_to_cpu(M[15]);
++  W[0]  = __be32_to_cpu(M[0]);
++  W[1]  = __be32_to_cpu(M[1]);
++  W[2]  = __be32_to_cpu(M[2]);
++  W[3]  = __be32_to_cpu(M[3]);
++  W[4]  = __be32_to_cpu(M[4]);
++  W[5]  = __be32_to_cpu(M[5]);
++  W[6]  = __be32_to_cpu(M[6]);
++  W[7]  = __be32_to_cpu(M[7]);
++  W[8]  = __be32_to_cpu(M[8]);
++  W[9]  = __be32_to_cpu(M[9]);
++  W[10] = __be32_to_cpu(M[10]);
++  W[11] = __be32_to_cpu(M[11]);
++  W[12] = __be32_to_cpu(M[12]);
++  W[13] = __be32_to_cpu(M[13]);
++  W[14] = __be32_to_cpu(M[14]);
++  W[15] = __be32_to_cpu(M[15]);
+   TEMP = W[13] ^ W[8]  ^ W[2]  ^ W[0];  W[16] = S1(TEMP);
+   TEMP = W[14] ^ W[9]  ^ W[3]  ^ W[1];  W[17] = S1(TEMP);
+   TEMP = W[15] ^ W[10] ^ W[4]  ^ W[2];  W[18] = S1(TEMP);
+@@ -263,20 +263,20 @@ sha1_final(sha1_ctx_t *ctx, uint32_t *ou
+     
+     /* copy/xor message into array */
+     for (i=0; i < (ctx->octets_in_buffer+3)/4; i++) 
+-      W[i]  = be32_to_cpu(ctx->M[i]);
++      W[i]  = __be32_to_cpu(ctx->M[i]);
+ 
+     /* set the high bit of the octet immediately following the message */
+     switch (tail) {
+     case (3):
+-      W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xffffff00) | 0x80;
++      W[i-1] = (__be32_to_cpu(ctx->M[i-1]) & 0xffffff00) | 0x80;
+       W[i] = 0x0;
+       break;
+     case (2):      
+-      W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xffff0000) | 0x8000;
++      W[i-1] = (__be32_to_cpu(ctx->M[i-1]) & 0xffff0000) | 0x8000;
+       W[i] = 0x0;
+       break;
+     case (1):
+-      W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xff000000) | 0x800000;
++      W[i-1] = (__be32_to_cpu(ctx->M[i-1]) & 0xff000000) | 0x800000;
+       W[i] = 0x0;
+       break;
+     case (0):
+@@ -388,11 +388,11 @@ sha1_final(sha1_ctx_t *ctx, uint32_t *ou
+   }
+ 
+   /* copy result into output buffer */
+-  output[0] = be32_to_cpu(ctx->H[0]);
+-  output[1] = be32_to_cpu(ctx->H[1]);
+-  output[2] = be32_to_cpu(ctx->H[2]);
+-  output[3] = be32_to_cpu(ctx->H[3]);
+-  output[4] = be32_to_cpu(ctx->H[4]);
++  output[0] = __be32_to_cpu(ctx->H[0]);
++  output[1] = __be32_to_cpu(ctx->H[1]);
++  output[2] = __be32_to_cpu(ctx->H[2]);
++  output[3] = __be32_to_cpu(ctx->H[3]);
++  output[4] = __be32_to_cpu(ctx->H[4]);
+ 
+   /* indicate that message buffer in context is empty */
+   ctx->octets_in_buffer = 0;
diff --git a/patches/srtp-1.4.2/improve_machine_type_detection.diff b/patches/srtp-1.4.2/improve_machine_type_detection.diff
new file mode 100644
index 0000000..cf1be7d
--- /dev/null
+++ b/patches/srtp-1.4.2/improve_machine_type_detection.diff
@@ -0,0 +1,21 @@
+From: Juergen Beisert <jbe@pengutronix.de>
+Subject: ARM is also a RISC architecture
+Signed-off-by: Juergen Beisert <jbe@pengutronix.de>
+---
+ configure.in |    3 +++
+ 1 file changed, 3 insertions(+)
+
+Index: srtp-1.4.2/configure.in
+===================================================================
+--- srtp-1.4.2.orig/configure.in
++++ srtp-1.4.2/configure.in
+@@ -108,6 +108,9 @@ case $host_cpu in
+ 	   [Define if building for a CISC machine (e.g. Intel).])
+         AC_DEFINE(HAVE_X86, 1,
+ 	   [Define to use X86 inlined assembly code]);; 
++	arm )
++		AC_DEFINE(CPU_RISC, 1, [ARM architecture is of type RISC])
++		;;
+ 	* )
+ 	# CPU_RISC is only supported for big endian machines.
+ 	if test "$ac_cv_c_bigendian" = "yes"; then
diff --git a/patches/srtp-1.4.2/series b/patches/srtp-1.4.2/series
new file mode 100644
index 0000000..3267115
--- /dev/null
+++ b/patches/srtp-1.4.2/series
@@ -0,0 +1,3 @@
+improve_machine_type_detection.diff
+fix_endianess_handling.diff
+fix_clock_handling.diff
diff --git a/rules/libsrtp.in b/rules/libsrtp.in
new file mode 100644
index 0000000..af073ce
--- /dev/null
+++ b/rules/libsrtp.in
@@ -0,0 +1,19 @@
+## SECTION=system_libraries
+
+menuconfig LIBSRTP
+	tristate
+	prompt "libSRTP                       "
+	help
+	  The libSRTP library is an open-source implementation of the Secure
+	  Real-time Transport Protocol (SRTP) originally authored by Cisco
+	  Systems, Inc.
+
+if LIBSRTP
+
+config LIBSRTP_DEBUG
+	bool
+	prompt "enable debug"
+	help
+	  Make the library larger and more noisy.
+
+endif
diff --git a/rules/libsrtp.make b/rules/libsrtp.make
new file mode 100644
index 0000000..b915976
--- /dev/null
+++ b/rules/libsrtp.make
@@ -0,0 +1,57 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2011 by Juergen Beisert <jbe@pengutronix.de>
+#
+# See CREDITS for details about who has contributed to this project.
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_LIBSRTP) += libsrtp
+
+#
+# Paths and names
+#
+LIBSRTP_VERSION	:= 1.4.2
+LIBSRTP_MD5	:= 7b0ffbfad9bbaf33d397027e031cb35a
+LIBSRTP		:= srtp-$(LIBSRTP_VERSION)
+LIBSRTP_SUFFIX	:= tgz
+LIBSRTP_URL	:= http://srtp.sourceforge.net/$(LIBSRTP).$(LIBSRTP_SUFFIX)
+LIBSRTP_SOURCE	:= $(SRCDIR)/$(LIBSRTP).$(LIBSRTP_SUFFIX)
+LIBSRTP_DIR	:= $(BUILDDIR)/$(LIBSRTP)
+LIBSRTP_LICENSE	:= BSD
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+#
+# autoconf
+#
+LIBSRTP_CONF_TOOL	:= autoconf
+LIBSRTP_CONF_OPT	:= \
+	$(CROSS_AUTOCONF_USR) \
+	--enable-pic \
+	--enable-kernel-linux \
+	--$(call ptx/endis, PTXCONF_LIBSRTP_DEBUG)-debug \
+	--enable-generic-aesicm \
+	--$(call ptx/endis, PTXCONF_LIBSRTP_DEBUG)-syslog \
+	--$(call ptx/endis, PTXCONF_LIBSRTP_DEBUG)-stdout \
+	--disable-console \
+	--disable-gdoi
+
+LIBSRTP_MAKE_OPT := libsrtp.a
+
+# ----------------------------------------------------------------------------
+# Target-Install (this package builds a static library only)
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/libsrtp.targetinstall:
+	@$(call targetinfo)
+	@$(call touch)
+
+# vim: syntax=make

-- 
Pengutronix e.K.                              | Juergen Beisert             |
Linux Solutions for Science and Industry      | http://www.pengutronix.de/  |

-- 
ptxdist mailing list
ptxdist@pengutronix.de