From: Michael Olbrich <m.olbrich@pengutronix.de>
To: ptxdist@pengutronix.de
Subject: Re: [ptxdist] libSRTP: a Secure Realtime Transport Protocol
Date: Fri, 6 Apr 2012 08:10:14 +0200 [thread overview]
Message-ID: <20120406061014.GA28453@pengutronix.de> (raw)
In-Reply-To: <201204041005.27880.jbe@pengutronix.de>
On Wed, Apr 04, 2012 at 10:05:27AM +0200, Juergen Beisert wrote:
> Signed-off-by: Juergen Beisert <jbe@pengutronix.de>
>
> diff --git a/patches/srtp-1.4.2/autogen.sh b/patches/srtp-1.4.2/autogen.sh
> new file mode 120000
> index 0000000..9f8a4cb
> --- /dev/null
> +++ b/patches/srtp-1.4.2/autogen.sh
> @@ -0,0 +1 @@
> +../autogen.sh
> \ No newline at end of file
> diff --git a/patches/srtp-1.4.2/fix_clock_handling.diff b/patches/srtp-1.4.2/fix_clock_handling.diff
> new file mode 100644
> index 0000000..45e2a06
> --- /dev/null
> +++ b/patches/srtp-1.4.2/fix_clock_handling.diff
> @@ -0,0 +1,30 @@
> +From: Juergen Beisert <jbe@pengutronix.de>
> +Subject: Remove kernel's timing information
> +Signed-off-by: Juergen Beisert <jbe@pengutronix.de>
> +---
> + crypto/include/kernel_compat.h | 5 -----
> + 1 file changed, 5 deletions(-)
> +
> +Index: srtp-1.4.2/crypto/include/kernel_compat.h
> +===================================================================
> +--- srtp-1.4.2.orig/crypto/include/kernel_compat.h
> ++++ srtp-1.4.2/crypto/include/kernel_compat.h
> +@@ -78,8 +78,6 @@ static inline int get_random_bytes(uint3
> + return rand();
> + }
> +
> +-extern uint32_t jiffies;
> +-
> + #define err_report(priority,x,y...) \
> + do {\
> + if (priority <= err_level) {\
> +@@ -87,9 +85,6 @@ extern uint32_t jiffies;
> + }\
> + }while(0)
> +
> +-#define clock() (jiffies)
> +-#define time(x) (jiffies)
> +-
> + #define GFP_ATOMIC 0
> + #define GFP_KERNEL 1
> +
> diff --git a/patches/srtp-1.4.2/fix_endianess_handling.diff b/patches/srtp-1.4.2/fix_endianess_handling.diff
> new file mode 100644
> index 0000000..b12c594
> --- /dev/null
> +++ b/patches/srtp-1.4.2/fix_endianess_handling.diff
> @@ -0,0 +1,286 @@
> +From: Juergen Beisert <jbe@pengutronix.de>
> +Subject: Fix endianess handling
> +Signed-off-by: Juergen Beisert <jbe@pengutronix.de>
> +---
> + crypto/hash/hmac.c | 1
> + crypto/hash/sha1.c | 50 ++++++++++++++++++-------------------
> + crypto/include/kernel_compat.h | 54 +++++++++++++++++++++++++----------------
> + crypto/kernel/alloc.c | 2 -
> + crypto/replay/ut_sim.c | 2 -
> + srtp/srtp.c | 20 +++++++--------
> + 6 files changed, 71 insertions(+), 58 deletions(-)
> +
> +Index: srtp-1.4.2/crypto/include/kernel_compat.h
> +===================================================================
> +--- srtp-1.4.2.orig/crypto/include/kernel_compat.h
> ++++ srtp-1.4.2/crypto/include/kernel_compat.h
> +@@ -48,36 +48,50 @@
> +
> + #ifdef SRTP_KERNEL_LINUX
> +
> +-#include <linux/kernel.h>
> +-#include <linux/slab.h>
> +-#include <linux/sched.h>
> +-#include <linux/random.h>
> +-#include <linux/byteorder/generic.h>
> ++#include <stdint.h>
> ++#include <stdio.h>
> ++#include <time.h>
> ++#include <asm/byteorder.h>
> ++#include <unistd.h>
> ++#include <stdlib.h>
> ++#include <string.h>
> ++
> ++#define ntohl __be32_to_cpu
> ++#define htonl __cpu_to_be32
> ++#define htons __cpu_to_be16
> ++#define ntohs __be16_to_cpu
> +
> ++#define in_interrupt() 0
> +
> +-#define err_report(priority, ...) \
> ++static inline void *kmalloc(size_t size, int v)
> ++{
> ++ return malloc(size);
> ++}
> ++
> ++static inline void kfree(void *p)
> ++{
> ++ free(p);
> ++}
> ++
> ++static inline int get_random_bytes(uint32_t *temp, size_t size)
> ++{
> ++ return rand();
> ++}
> ++
> ++extern uint32_t jiffies;
> ++
> ++#define err_report(priority,x,y...) \
> + do {\
> + if (priority <= err_level) {\
> +- printk(__VA_ARGS__);\
> ++ printf(x,##y);\
> + }\
> + }while(0)
> +
> + #define clock() (jiffies)
> + #define time(x) (jiffies)
> +
> +-/* rand() implementation. */
> +-#define RAND_MAX 32767
> +-
> +-static inline int rand(void)
> +-{
> +- uint32_t temp;
> +- get_random_bytes(&temp, sizeof(temp));
> +- return temp % (RAND_MAX+1);
> +-}
> +-
> +-/* stdio/stdlib implementation. */
> +-#define printf(...) printk(__VA_ARGS__)
> +-#define exit(n) panic("%s:%d: exit(%d)\n", __FILE__, __LINE__, (n))
> ++#define GFP_ATOMIC 0
> ++#define GFP_KERNEL 1
> +
> + #endif /* SRTP_KERNEL_LINUX */
> +
> +Index: srtp-1.4.2/crypto/kernel/alloc.c
> +===================================================================
> +--- srtp-1.4.2.orig/crypto/kernel/alloc.c
> ++++ srtp-1.4.2/crypto/kernel/alloc.c
> +@@ -63,8 +63,6 @@ debug_module_t mod_alloc = {
> +
> + #ifdef SRTP_KERNEL_LINUX
> +
> +-#include <linux/interrupt.h>
> +-
> + void *
> + crypto_alloc(size_t size) {
> + void *ptr;
> +Index: srtp-1.4.2/crypto/replay/ut_sim.c
> +===================================================================
> +--- srtp-1.4.2.orig/crypto/replay/ut_sim.c
> ++++ srtp-1.4.2/crypto/replay/ut_sim.c
> +@@ -46,7 +46,7 @@
> +
> +
> + #include "ut_sim.h"
> +-
> ++#include <stdlib.h>
> +
> + int
> + ut_compar(const void *a, const void *b) {
> +Index: srtp-1.4.2/srtp/srtp.c
> +===================================================================
> +--- srtp-1.4.2.orig/srtp/srtp.c
> ++++ srtp-1.4.2/srtp/srtp.c
> +@@ -706,10 +706,10 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
> + iv.v32[0] = 0;
> + iv.v32[1] = hdr->ssrc;
> + #ifdef NO_64BIT_MATH
> +- iv.v64[1] = be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
> ++ iv.v64[1] = __be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
> + low32(est) << 16));
> + #else
> +- iv.v64[1] = be64_to_cpu(est << 16);
> ++ iv.v64[1] = __be64_to_cpu(est << 16);
> + #endif
> + status = cipher_set_iv(stream->rtp_cipher, &iv);
> +
> +@@ -723,7 +723,7 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
> + #else
> + iv.v64[0] = 0;
> + #endif
> +- iv.v64[1] = be64_to_cpu(est);
> ++ iv.v64[1] = __be64_to_cpu(est);
> + status = cipher_set_iv(stream->rtp_cipher, &iv);
> + }
> + if (status)
> +@@ -731,11 +731,11 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
> +
> + /* shift est, put into network byte order */
> + #ifdef NO_64BIT_MATH
> +- est = be64_to_cpu(make64((high32(est) << 16) |
> ++ est = __be64_to_cpu(make64((high32(est) << 16) |
> + (low32(est) >> 16),
> + low32(est) << 16));
> + #else
> +- est = be64_to_cpu(est << 16);
> ++ est = __be64_to_cpu(est << 16);
> + #endif
> +
> + /*
> +@@ -883,10 +883,10 @@ srtp_unprotect(srtp_ctx_t *ctx, void *sr
> + iv.v32[0] = 0;
> + iv.v32[1] = hdr->ssrc; /* still in network order */
> + #ifdef NO_64BIT_MATH
> +- iv.v64[1] = be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
> ++ iv.v64[1] = __be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
> + low32(est) << 16));
> + #else
> +- iv.v64[1] = be64_to_cpu(est << 16);
> ++ iv.v64[1] = __be64_to_cpu(est << 16);
> + #endif
> + status = aes_icm_set_iv(stream->rtp_cipher->state, &iv);
> + } else {
> +@@ -898,7 +898,7 @@ srtp_unprotect(srtp_ctx_t *ctx, void *sr
> + #else
> + iv.v64[0] = 0;
> + #endif
> +- iv.v64[1] = be64_to_cpu(est);
> ++ iv.v64[1] = __be64_to_cpu(est);
> + status = cipher_set_iv(stream->rtp_cipher, &iv);
> + }
> + if (status)
> +@@ -906,11 +906,11 @@ srtp_unprotect(srtp_ctx_t *ctx, void *sr
> +
> + /* shift est, put into network byte order */
> + #ifdef NO_64BIT_MATH
> +- est = be64_to_cpu(make64((high32(est) << 16) |
> ++ est = __be64_to_cpu(make64((high32(est) << 16) |
> + (low32(est) >> 16),
> + low32(est) << 16));
> + #else
> +- est = be64_to_cpu(est << 16);
> ++ est = __be64_to_cpu(est << 16);
> + #endif
> +
> + /*
> +Index: srtp-1.4.2/crypto/hash/hmac.c
> +===================================================================
> +--- srtp-1.4.2.orig/crypto/hash/hmac.c
> ++++ srtp-1.4.2/crypto/hash/hmac.c
> +@@ -44,6 +44,7 @@
> +
> + #include "hmac.h"
> + #include "alloc.h"
> ++#include <string.h>
> +
> + /* the debug module for authentiation */
> +
> +Index: srtp-1.4.2/crypto/hash/sha1.c
> +===================================================================
> +--- srtp-1.4.2.orig/crypto/hash/sha1.c
> ++++ srtp-1.4.2/crypto/hash/sha1.c
> +@@ -115,22 +115,22 @@ sha1_core(const uint32_t M[16], uint32_t
> +
> + /* copy/xor message into array */
> +
> +- W[0] = be32_to_cpu(M[0]);
> +- W[1] = be32_to_cpu(M[1]);
> +- W[2] = be32_to_cpu(M[2]);
> +- W[3] = be32_to_cpu(M[3]);
> +- W[4] = be32_to_cpu(M[4]);
> +- W[5] = be32_to_cpu(M[5]);
> +- W[6] = be32_to_cpu(M[6]);
> +- W[7] = be32_to_cpu(M[7]);
> +- W[8] = be32_to_cpu(M[8]);
> +- W[9] = be32_to_cpu(M[9]);
> +- W[10] = be32_to_cpu(M[10]);
> +- W[11] = be32_to_cpu(M[11]);
> +- W[12] = be32_to_cpu(M[12]);
> +- W[13] = be32_to_cpu(M[13]);
> +- W[14] = be32_to_cpu(M[14]);
> +- W[15] = be32_to_cpu(M[15]);
> ++ W[0] = __be32_to_cpu(M[0]);
> ++ W[1] = __be32_to_cpu(M[1]);
> ++ W[2] = __be32_to_cpu(M[2]);
> ++ W[3] = __be32_to_cpu(M[3]);
> ++ W[4] = __be32_to_cpu(M[4]);
> ++ W[5] = __be32_to_cpu(M[5]);
> ++ W[6] = __be32_to_cpu(M[6]);
> ++ W[7] = __be32_to_cpu(M[7]);
> ++ W[8] = __be32_to_cpu(M[8]);
> ++ W[9] = __be32_to_cpu(M[9]);
> ++ W[10] = __be32_to_cpu(M[10]);
> ++ W[11] = __be32_to_cpu(M[11]);
> ++ W[12] = __be32_to_cpu(M[12]);
> ++ W[13] = __be32_to_cpu(M[13]);
> ++ W[14] = __be32_to_cpu(M[14]);
> ++ W[15] = __be32_to_cpu(M[15]);
> + TEMP = W[13] ^ W[8] ^ W[2] ^ W[0]; W[16] = S1(TEMP);
> + TEMP = W[14] ^ W[9] ^ W[3] ^ W[1]; W[17] = S1(TEMP);
> + TEMP = W[15] ^ W[10] ^ W[4] ^ W[2]; W[18] = S1(TEMP);
> +@@ -263,20 +263,20 @@ sha1_final(sha1_ctx_t *ctx, uint32_t *ou
> +
> + /* copy/xor message into array */
> + for (i=0; i < (ctx->octets_in_buffer+3)/4; i++)
> +- W[i] = be32_to_cpu(ctx->M[i]);
> ++ W[i] = __be32_to_cpu(ctx->M[i]);
> +
> + /* set the high bit of the octet immediately following the message */
> + switch (tail) {
> + case (3):
> +- W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xffffff00) | 0x80;
> ++ W[i-1] = (__be32_to_cpu(ctx->M[i-1]) & 0xffffff00) | 0x80;
> + W[i] = 0x0;
> + break;
> + case (2):
> +- W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xffff0000) | 0x8000;
> ++ W[i-1] = (__be32_to_cpu(ctx->M[i-1]) & 0xffff0000) | 0x8000;
> + W[i] = 0x0;
> + break;
> + case (1):
> +- W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xff000000) | 0x800000;
> ++ W[i-1] = (__be32_to_cpu(ctx->M[i-1]) & 0xff000000) | 0x800000;
> + W[i] = 0x0;
> + break;
> + case (0):
> +@@ -388,11 +388,11 @@ sha1_final(sha1_ctx_t *ctx, uint32_t *ou
> + }
> +
> + /* copy result into output buffer */
> +- output[0] = be32_to_cpu(ctx->H[0]);
> +- output[1] = be32_to_cpu(ctx->H[1]);
> +- output[2] = be32_to_cpu(ctx->H[2]);
> +- output[3] = be32_to_cpu(ctx->H[3]);
> +- output[4] = be32_to_cpu(ctx->H[4]);
> ++ output[0] = __be32_to_cpu(ctx->H[0]);
> ++ output[1] = __be32_to_cpu(ctx->H[1]);
> ++ output[2] = __be32_to_cpu(ctx->H[2]);
> ++ output[3] = __be32_to_cpu(ctx->H[3]);
> ++ output[4] = __be32_to_cpu(ctx->H[4]);
> +
> + /* indicate that message buffer in context is empty */
> + ctx->octets_in_buffer = 0;
> diff --git a/patches/srtp-1.4.2/improve_machine_type_detection.diff b/patches/srtp-1.4.2/improve_machine_type_detection.diff
> new file mode 100644
> index 0000000..cf1be7d
> --- /dev/null
> +++ b/patches/srtp-1.4.2/improve_machine_type_detection.diff
> @@ -0,0 +1,21 @@
> +From: Juergen Beisert <jbe@pengutronix.de>
> +Subject: ARM is also a RISC architecture
> +Signed-off-by: Juergen Beisert <jbe@pengutronix.de>
> +---
> + configure.in | 3 +++
> + 1 file changed, 3 insertions(+)
> +
> +Index: srtp-1.4.2/configure.in
> +===================================================================
> +--- srtp-1.4.2.orig/configure.in
> ++++ srtp-1.4.2/configure.in
> +@@ -108,6 +108,9 @@ case $host_cpu in
> + [Define if building for a CISC machine (e.g. Intel).])
> + AC_DEFINE(HAVE_X86, 1,
> + [Define to use X86 inlined assembly code]);;
> ++ arm )
> ++ AC_DEFINE(CPU_RISC, 1, [ARM architecture is of type RISC])
> ++ ;;
> + * )
> + # CPU_RISC is only supported for big endian machines.
> + if test "$ac_cv_c_bigendian" = "yes"; then
> diff --git a/patches/srtp-1.4.2/series b/patches/srtp-1.4.2/series
> new file mode 100644
> index 0000000..3267115
> --- /dev/null
> +++ b/patches/srtp-1.4.2/series
> @@ -0,0 +1,3 @@
> +improve_machine_type_detection.diff
> +fix_endianess_handling.diff
> +fix_clock_handling.diff
> diff --git a/rules/libsrtp.in b/rules/libsrtp.in
> new file mode 100644
> index 0000000..af073ce
> --- /dev/null
> +++ b/rules/libsrtp.in
> @@ -0,0 +1,19 @@
> +## SECTION=system_libraries
> +
> +menuconfig LIBSRTP
> + tristate
> + prompt "libSRTP "
> + help
> + The libSRTP library is an open-source implementation of the Secure
> + Real-time Transport Protocol (SRTP) originally authored by Cisco
> + Systems, Inc.
> +
> +if LIBSRTP
> +
> +config LIBSRTP_DEBUG
> + bool
> + prompt "enable debug"
> + help
> + Make the library larger and more noisy.
> +
> +endif
> diff --git a/rules/libsrtp.make b/rules/libsrtp.make
> new file mode 100644
> index 0000000..b915976
> --- /dev/null
> +++ b/rules/libsrtp.make
> @@ -0,0 +1,57 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2011 by Juergen Beisert <jbe@pengutronix.de>
> +#
> +# See CREDITS for details about who has contributed to this project.
> +#
> +# For further information about the PTXdist project and license conditions
> +# see the README file.
> +#
> +
> +#
> +# We provide this package
> +#
> +PACKAGES-$(PTXCONF_LIBSRTP) += libsrtp
> +
> +#
> +# Paths and names
> +#
> +LIBSRTP_VERSION := 1.4.2
> +LIBSRTP_MD5 := 7b0ffbfad9bbaf33d397027e031cb35a
> +LIBSRTP := srtp-$(LIBSRTP_VERSION)
> +LIBSRTP_SUFFIX := tgz
> +LIBSRTP_URL := http://srtp.sourceforge.net/$(LIBSRTP).$(LIBSRTP_SUFFIX)
Ok, now I'm confused. I can download this, but on the SF page I only find
version 1.4.0 and 1.4.4. I guess 1.4.4 is the latest and use
$(call ptx/mirror, SF, srtp/$(LIBSRTP).$(LIBSRTP_SUFFIX)) (I think).
Michael
> +LIBSRTP_SOURCE := $(SRCDIR)/$(LIBSRTP).$(LIBSRTP_SUFFIX)
> +LIBSRTP_DIR := $(BUILDDIR)/$(LIBSRTP)
> +LIBSRTP_LICENSE := BSD
> +
> +# ----------------------------------------------------------------------------
> +# Prepare
> +# ----------------------------------------------------------------------------
> +
> +#
> +# autoconf
> +#
> +LIBSRTP_CONF_TOOL := autoconf
> +LIBSRTP_CONF_OPT := \
> + $(CROSS_AUTOCONF_USR) \
> + --enable-pic \
> + --enable-kernel-linux \
> + --$(call ptx/endis, PTXCONF_LIBSRTP_DEBUG)-debug \
> + --enable-generic-aesicm \
> + --$(call ptx/endis, PTXCONF_LIBSRTP_DEBUG)-syslog \
> + --$(call ptx/endis, PTXCONF_LIBSRTP_DEBUG)-stdout \
> + --disable-console \
> + --disable-gdoi
> +
> +LIBSRTP_MAKE_OPT := libsrtp.a
No shared library? That sucks.
> +
> +# ----------------------------------------------------------------------------
> +# Target-Install (this package builds a static library only)
> +# ----------------------------------------------------------------------------
> +
> +$(STATEDIR)/libsrtp.targetinstall:
> + @$(call targetinfo)
> + @$(call touch)
just remove the whole stage.
Michael
> +
> +# vim: syntax=make
>
> --
> Pengutronix e.K. | Juergen Beisert |
> Linux Solutions for Science and Industry | http://www.pengutronix.de/ |
>
> --
> ptxdist mailing list
> ptxdist@pengutronix.de
>
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
--
ptxdist mailing list
ptxdist@pengutronix.de
prev parent reply other threads:[~2012-04-06 6:10 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-04-04 8:05 Juergen Beisert
2012-04-06 6:10 ` Michael Olbrich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120406061014.GA28453@pengutronix.de \
--to=m.olbrich@pengutronix.de \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox