rtpw.c (21815B)
1 /* 2 * rtpw.c 3 * 4 * rtp word sender/receiver 5 * 6 * David A. McGrew 7 * Cisco Systems, Inc. 8 * 9 * This app is a simple RTP application intended only for testing 10 * libsrtp. It reads one word at a time from words.txt (or 11 * whatever file is specified as DICT_FILE or with -w), and sends one word out 12 * each USEC_RATE microseconds. Secure RTP protections can be 13 * applied. See the usage() function for more details. 14 * 15 */ 16 17 /* 18 * 19 * Copyright (c) 2001-2017, Cisco Systems, Inc. 20 * All rights reserved. 21 * 22 * Redistribution and use in source and binary forms, with or without 23 * modification, are permitted provided that the following conditions 24 * are met: 25 * 26 * Redistributions of source code must retain the above copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 29 * Redistributions in binary form must reproduce the above 30 * copyright notice, this list of conditions and the following 31 * disclaimer in the documentation and/or other materials provided 32 * with the distribution. 33 * 34 * Neither the name of the Cisco Systems, Inc. nor the names of its 35 * contributors may be used to endorse or promote products derived 36 * from this software without specific prior written permission. 37 * 38 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 39 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 40 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 41 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 42 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 43 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 44 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 45 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49 * OF THE POSSIBILITY OF SUCH DAMAGE. 50 * 51 */ 52 53 #ifdef HAVE_CONFIG_H 54 #include <config.h> 55 #endif 56 57 #include "getopt_s.h" /* for local getopt() */ 58 59 #include <stdio.h> /* for printf, fprintf */ 60 #include <stdlib.h> /* for atoi() */ 61 #include <errno.h> 62 #include <signal.h> /* for signal() */ 63 64 #include <string.h> /* for strncpy() */ 65 #include <time.h> /* for usleep() */ 66 67 #ifdef HAVE_UNISTD_H 68 #include <unistd.h> /* for close() */ 69 #elif defined(_MSC_VER) 70 #include <io.h> /* for _close() */ 71 #define close _close 72 #endif 73 #ifdef HAVE_SYS_SOCKET_H 74 #include <sys/socket.h> 75 #endif 76 #ifdef HAVE_NETINET_IN_H 77 #include <netinet/in.h> 78 #elif defined HAVE_WINSOCK2_H 79 #include <winsock2.h> 80 #include <ws2tcpip.h> 81 #define RTPW_USE_WINSOCK2 1 82 #endif 83 #ifdef HAVE_ARPA_INET_H 84 #include <arpa/inet.h> 85 #endif 86 87 #include "srtp.h" 88 #include "rtp.h" 89 #include "util.h" 90 91 #define DICT_FILE "words.txt" 92 #define USEC_RATE (5e5) 93 #define MAX_WORD_LEN 128 94 #define ADDR_IS_MULTICAST(a) IN_MULTICAST(htonl(a)) 95 #define MAX_KEY_LEN 96 96 97 #ifndef HAVE_USLEEP 98 #ifdef HAVE_WINDOWS_H 99 #define usleep(us) Sleep(((DWORD)us) / 1000) 100 #else 101 #define usleep(us) sleep((us) / 1000000) 102 #endif 103 #endif 104 105 /* 106 * the function usage() prints an error message describing how this 107 * program should be called, then calls exit() 108 */ 109 110 void usage(char *prog_name); 111 112 /* 113 * leave_group(...) de-registers from a multicast group 114 */ 115 116 void leave_group(int sock, struct ip_mreq mreq, char *name); 117 118 /* 119 * setup_signal_handler() sets up a signal handler to trigger 120 * cleanups after an interrupt 121 */ 122 int setup_signal_handler(char *name); 123 124 /* 125 * handle_signal(...) handles interrupt signal to trigger cleanups 126 */ 127 128 volatile int interrupted = 0; 129 130 /* 131 * program_type distinguishes the [s]rtp sender and receiver cases 132 */ 133 134 typedef enum { sender, receiver, unknown } program_type; 135 136 int main(int argc, char *argv[]) 137 { 138 char *dictfile = DICT_FILE; 139 FILE *dict; 140 char word[MAX_WORD_LEN]; 141 int sock, ret; 142 struct in_addr rcvr_addr; 143 struct sockaddr_in name; 144 struct ip_mreq mreq; 145 #if BEW 146 struct sockaddr_in local; 147 #endif 148 program_type prog_type = unknown; 149 srtp_sec_serv_t sec_servs = sec_serv_none; 150 unsigned char ttl = 5; 151 int c; 152 int key_size = 128; 153 int tag_size = 8; 154 int gcm_on = 0; 155 char *input_key = NULL; 156 int b64_input = 0; 157 char *address = NULL; 158 char key[MAX_KEY_LEN]; 159 unsigned short port = 0; 160 rtp_sender_t snd; 161 srtp_policy_t policy; 162 srtp_err_status_t status; 163 int len; 164 int expected_len; 165 int do_list_mods = 0; 166 uint32_t ssrc = 0xdeadbeef; /* ssrc value hardcoded for now */ 167 #ifdef RTPW_USE_WINSOCK2 168 WORD wVersionRequested = MAKEWORD(2, 0); 169 WSADATA wsaData; 170 171 ret = WSAStartup(wVersionRequested, &wsaData); 172 if (ret != 0) { 173 fprintf(stderr, "error: WSAStartup() failed: %d\n", ret); 174 exit(1); 175 } 176 #endif 177 178 memset(&policy, 0x0, sizeof(srtp_policy_t)); 179 180 printf("Using %s [0x%x]\n", srtp_get_version_string(), srtp_get_version()); 181 182 if (setup_signal_handler(argv[0]) != 0) { 183 exit(1); 184 } 185 186 /* initialize srtp library */ 187 status = srtp_init(); 188 if (status) { 189 printf("error: srtp initialization failed with error code %d\n", 190 status); 191 exit(1); 192 } 193 194 /* check args */ 195 while (1) { 196 c = getopt_s(argc, argv, "b:k:rsgt:ae:ld:w:"); 197 if (c == -1) { 198 break; 199 } 200 switch (c) { 201 case 'b': 202 b64_input = 1; 203 /* fall thru */ 204 case 'k': 205 input_key = optarg_s; 206 break; 207 case 'e': 208 key_size = atoi(optarg_s); 209 if (key_size != 128 && key_size != 256) { 210 printf("error: encryption key size must be 128 or 256 (%d)\n", 211 key_size); 212 exit(1); 213 } 214 sec_servs |= sec_serv_conf; 215 break; 216 case 't': 217 tag_size = atoi(optarg_s); 218 if (tag_size != 8 && tag_size != 16) { 219 printf("error: GCM tag size must be 8 or 16 (%d)\n", tag_size); 220 exit(1); 221 } 222 break; 223 case 'a': 224 sec_servs |= sec_serv_auth; 225 break; 226 case 'g': 227 gcm_on = 1; 228 sec_servs |= sec_serv_auth; 229 break; 230 case 'r': 231 prog_type = receiver; 232 break; 233 case 's': 234 prog_type = sender; 235 break; 236 case 'd': 237 status = srtp_set_debug_module(optarg_s, 1); 238 if (status) { 239 printf("error: set debug module (%s) failed\n", optarg_s); 240 exit(1); 241 } 242 break; 243 case 'l': 244 do_list_mods = 1; 245 break; 246 case 'w': 247 dictfile = optarg_s; 248 break; 249 default: 250 usage(argv[0]); 251 } 252 } 253 254 if (prog_type == unknown) { 255 if (do_list_mods) { 256 status = srtp_list_debug_modules(); 257 if (status) { 258 printf("error: list of debug modules failed\n"); 259 exit(1); 260 } 261 return 0; 262 } else { 263 printf("error: neither sender [-s] nor receiver [-r] specified\n"); 264 usage(argv[0]); 265 } 266 } 267 268 if ((sec_servs && !input_key) || (!sec_servs && input_key)) { 269 /* 270 * a key must be provided if and only if security services have 271 * been requested 272 */ 273 usage(argv[0]); 274 } 275 276 if (argc != optind_s + 2) { 277 /* wrong number of arguments */ 278 usage(argv[0]); 279 } 280 281 /* get address from arg */ 282 address = argv[optind_s++]; 283 284 /* get port from arg */ 285 port = atoi(argv[optind_s++]); 286 287 /* set address */ 288 #ifdef HAVE_INET_PTON 289 if (0 == inet_pton(AF_INET, address, &rcvr_addr)) { 290 fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], 291 address); 292 exit(1); 293 } 294 if (rcvr_addr.s_addr == INADDR_NONE) { 295 fprintf(stderr, "%s: address error", argv[0]); 296 exit(1); 297 } 298 #elif HAVE_INET_ATON 299 if (0 == inet_aton(address, &rcvr_addr)) { 300 fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], 301 address); 302 exit(1); 303 } 304 if (rcvr_addr.s_addr == INADDR_NONE) { 305 fprintf(stderr, "%s: address error", argv[0]); 306 exit(1); 307 } 308 #else 309 rcvr_addr.s_addr = inet_addr(address); 310 if (0xffffffff == rcvr_addr.s_addr) { 311 fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], 312 address); 313 exit(1); 314 } 315 #endif 316 317 /* open socket */ 318 sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP); 319 if (sock < 0) { 320 int err; 321 #ifdef RTPW_USE_WINSOCK2 322 err = WSAGetLastError(); 323 #else 324 err = errno; 325 #endif 326 fprintf(stderr, "%s: couldn't open socket: %d\n", argv[0], err); 327 exit(1); 328 } 329 330 memset(&name, 0, sizeof(struct sockaddr_in)); 331 name.sin_addr = rcvr_addr; 332 name.sin_family = PF_INET; 333 name.sin_port = htons(port); 334 335 if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { 336 if (prog_type == sender) { 337 ret = setsockopt(sock, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, 338 sizeof(ttl)); 339 if (ret < 0) { 340 fprintf(stderr, "%s: Failed to set TTL for multicast group", 341 argv[0]); 342 perror(""); 343 exit(1); 344 } 345 } 346 347 mreq.imr_multiaddr.s_addr = rcvr_addr.s_addr; 348 mreq.imr_interface.s_addr = htonl(INADDR_ANY); 349 ret = setsockopt(sock, IPPROTO_IP, IP_ADD_MEMBERSHIP, (void *)&mreq, 350 sizeof(mreq)); 351 if (ret < 0) { 352 fprintf(stderr, "%s: Failed to join multicast group", argv[0]); 353 perror(""); 354 exit(1); 355 } 356 } 357 358 /* report security services selected on the command line */ 359 printf("security services: "); 360 if (sec_servs & sec_serv_conf) 361 printf("confidentiality "); 362 if (sec_servs & sec_serv_auth) 363 printf("message authentication"); 364 if (sec_servs == sec_serv_none) 365 printf("none"); 366 printf("\n"); 367 368 /* set up the srtp policy and master key */ 369 if (sec_servs) { 370 /* 371 * create policy structure, using the default mechanisms but 372 * with only the security services requested on the command line, 373 * using the right SSRC value 374 */ 375 switch (sec_servs) { 376 case sec_serv_conf_and_auth: 377 if (gcm_on) { 378 #ifdef GCM 379 switch (key_size) { 380 case 128: 381 srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp); 382 srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp); 383 break; 384 case 256: 385 srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtp); 386 srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtcp); 387 break; 388 } 389 #else 390 printf("error: GCM mode only supported when using the OpenSSL " 391 "or NSS crypto engine.\n"); 392 return 0; 393 #endif 394 } else { 395 switch (key_size) { 396 case 128: 397 srtp_crypto_policy_set_rtp_default(&policy.rtp); 398 srtp_crypto_policy_set_rtcp_default(&policy.rtcp); 399 break; 400 case 256: 401 srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtp); 402 srtp_crypto_policy_set_rtcp_default(&policy.rtcp); 403 break; 404 } 405 } 406 break; 407 case sec_serv_conf: 408 if (gcm_on) { 409 printf( 410 "error: GCM mode must always be used with auth enabled\n"); 411 return -1; 412 } else { 413 switch (key_size) { 414 case 128: 415 srtp_crypto_policy_set_aes_cm_128_null_auth(&policy.rtp); 416 srtp_crypto_policy_set_rtcp_default(&policy.rtcp); 417 break; 418 case 256: 419 srtp_crypto_policy_set_aes_cm_256_null_auth(&policy.rtp); 420 srtp_crypto_policy_set_rtcp_default(&policy.rtcp); 421 break; 422 } 423 } 424 break; 425 case sec_serv_auth: 426 if (gcm_on) { 427 #ifdef GCM 428 switch (key_size) { 429 case 128: 430 srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtp); 431 srtp_crypto_policy_set_aes_gcm_128_8_only_auth( 432 &policy.rtcp); 433 break; 434 case 256: 435 srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtp); 436 srtp_crypto_policy_set_aes_gcm_256_8_only_auth( 437 &policy.rtcp); 438 break; 439 } 440 #else 441 printf("error: GCM mode only supported when using the OpenSSL " 442 "crypto engine.\n"); 443 return 0; 444 #endif 445 } else { 446 srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtp); 447 srtp_crypto_policy_set_rtcp_default(&policy.rtcp); 448 } 449 break; 450 default: 451 printf("error: unknown security service requested\n"); 452 return -1; 453 } 454 policy.ssrc.type = ssrc_specific; 455 policy.ssrc.value = ssrc; 456 policy.key = (uint8_t *)key; 457 policy.next = NULL; 458 policy.window_size = 128; 459 policy.allow_repeat_tx = 0; 460 policy.rtp.sec_serv = sec_servs; 461 policy.rtcp.sec_serv = sec_serv_none; /* we don't do RTCP anyway */ 462 463 if (gcm_on && tag_size != 8) { 464 policy.rtp.auth_tag_len = tag_size; 465 } 466 467 /* 468 * read key from hexadecimal or base64 on command line into an octet 469 * string 470 */ 471 if (b64_input) { 472 int pad; 473 expected_len = (policy.rtp.cipher_key_len * 4) / 3; 474 len = base64_string_to_octet_string(key, &pad, input_key, 475 expected_len); 476 if (pad != 0) { 477 fprintf(stderr, "error: padding in base64 unexpected\n"); 478 exit(1); 479 } 480 } else { 481 expected_len = policy.rtp.cipher_key_len * 2; 482 len = hex_string_to_octet_string(key, input_key, expected_len); 483 } 484 /* check that hex string is the right length */ 485 if (len < expected_len) { 486 fprintf(stderr, 487 "error: too few digits in key/salt " 488 "(should be %d digits, found %d)\n", 489 expected_len, len); 490 exit(1); 491 } 492 if ((int)strlen(input_key) > policy.rtp.cipher_key_len * 2) { 493 fprintf(stderr, 494 "error: too many digits in key/salt " 495 "(should be %d hexadecimal digits, found %u)\n", 496 policy.rtp.cipher_key_len * 2, (unsigned)strlen(input_key)); 497 exit(1); 498 } 499 500 printf("set master key/salt to %s/", octet_string_hex_string(key, 16)); 501 printf("%s\n", octet_string_hex_string(key + 16, 14)); 502 503 } else { 504 /* 505 * we're not providing security services, so set the policy to the 506 * null policy 507 * 508 * Note that this policy does not conform to the SRTP 509 * specification, since RTCP authentication is required. However, 510 * the effect of this policy is to turn off SRTP, so that this 511 * application is now a vanilla-flavored RTP application. 512 */ 513 srtp_crypto_policy_set_null_cipher_hmac_null(&policy.rtp); 514 srtp_crypto_policy_set_null_cipher_hmac_null(&policy.rtcp); 515 policy.key = (uint8_t *)key; 516 policy.ssrc.type = ssrc_specific; 517 policy.ssrc.value = ssrc; 518 policy.window_size = 0; 519 policy.allow_repeat_tx = 0; 520 policy.next = NULL; 521 } 522 523 if (prog_type == sender) { 524 #if BEW 525 /* bind to local socket (to match crypto policy, if need be) */ 526 memset(&local, 0, sizeof(struct sockaddr_in)); 527 local.sin_addr.s_addr = htonl(INADDR_ANY); 528 local.sin_port = htons(port); 529 ret = bind(sock, (struct sockaddr *)&local, sizeof(struct sockaddr_in)); 530 if (ret < 0) { 531 fprintf(stderr, "%s: bind failed\n", argv[0]); 532 perror(""); 533 exit(1); 534 } 535 #endif /* BEW */ 536 537 /* initialize sender's rtp and srtp contexts */ 538 snd = rtp_sender_alloc(); 539 if (snd == NULL) { 540 fprintf(stderr, "error: malloc() failed\n"); 541 exit(1); 542 } 543 rtp_sender_init(snd, sock, name, ssrc); 544 status = rtp_sender_init_srtp(snd, &policy); 545 if (status) { 546 fprintf(stderr, "error: srtp_create() failed with code %d\n", 547 status); 548 exit(1); 549 } 550 551 /* open dictionary */ 552 dict = fopen(dictfile, "r"); 553 if (dict == NULL) { 554 fprintf(stderr, "%s: couldn't open file %s\n", argv[0], dictfile); 555 if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { 556 leave_group(sock, mreq, argv[0]); 557 } 558 exit(1); 559 } 560 561 /* read words from dictionary, then send them off */ 562 while (!interrupted && fgets(word, MAX_WORD_LEN, dict) != NULL) { 563 len = strlen(word) + 1; /* plus one for null */ 564 565 if (len > MAX_WORD_LEN) 566 printf("error: word %s too large to send\n", word); 567 else { 568 rtp_sendto(snd, word, len); 569 printf("sending word: %s", word); 570 } 571 usleep(USEC_RATE); 572 } 573 574 rtp_sender_deinit_srtp(snd); 575 rtp_sender_dealloc(snd); 576 577 fclose(dict); 578 } else { /* prog_type == receiver */ 579 rtp_receiver_t rcvr; 580 581 if (bind(sock, (struct sockaddr *)&name, sizeof(name)) < 0) { 582 close(sock); 583 fprintf(stderr, "%s: socket bind error\n", argv[0]); 584 perror(NULL); 585 if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { 586 leave_group(sock, mreq, argv[0]); 587 } 588 exit(1); 589 } 590 591 rcvr = rtp_receiver_alloc(); 592 if (rcvr == NULL) { 593 fprintf(stderr, "error: malloc() failed\n"); 594 exit(1); 595 } 596 rtp_receiver_init(rcvr, sock, name, ssrc); 597 status = rtp_receiver_init_srtp(rcvr, &policy); 598 if (status) { 599 fprintf(stderr, "error: srtp_create() failed with code %d\n", 600 status); 601 exit(1); 602 } 603 604 /* get next word and loop */ 605 while (!interrupted) { 606 len = MAX_WORD_LEN; 607 if (rtp_recvfrom(rcvr, word, &len) > -1) 608 printf("\tword: %s\n", word); 609 } 610 611 rtp_receiver_deinit_srtp(rcvr); 612 rtp_receiver_dealloc(rcvr); 613 } 614 615 if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { 616 leave_group(sock, mreq, argv[0]); 617 } 618 619 #ifdef RTPW_USE_WINSOCK2 620 ret = closesocket(sock); 621 #else 622 ret = close(sock); 623 #endif 624 if (ret < 0) { 625 fprintf(stderr, "%s: Failed to close socket", argv[0]); 626 perror(""); 627 } 628 629 status = srtp_shutdown(); 630 if (status) { 631 printf("error: srtp shutdown failed with error code %d\n", status); 632 exit(1); 633 } 634 635 #ifdef RTPW_USE_WINSOCK2 636 WSACleanup(); 637 #endif 638 639 return 0; 640 } 641 642 void usage(char *string) 643 { 644 printf("usage: %s [-d <debug>]* [-k <key> [-a][-e]] " 645 "[-s | -r] dest_ip dest_port\n" 646 "or %s -l\n" 647 "where -a use message authentication\n" 648 " -e <key size> use encryption (use 128 or 256 for key size)\n" 649 " -g Use AES-GCM mode (must be used with -e)\n" 650 " -t <tag size> Tag size to use in GCM mode (use 8 or 16)\n" 651 " -k <key> sets the srtp master key given in hexadecimal\n" 652 " -b <key> sets the srtp master key given in base64\n" 653 " -s act as rtp sender\n" 654 " -r act as rtp receiver\n" 655 " -l list debug modules\n" 656 " -d <debug> turn on debugging for module <debug>\n" 657 " -w <wordsfile> use <wordsfile> for input, rather than %s\n", 658 string, string, DICT_FILE); 659 exit(1); 660 } 661 662 void leave_group(int sock, struct ip_mreq mreq, char *name) 663 { 664 int ret; 665 666 ret = setsockopt(sock, IPPROTO_IP, IP_DROP_MEMBERSHIP, (void *)&mreq, 667 sizeof(mreq)); 668 if (ret < 0) { 669 fprintf(stderr, "%s: Failed to leave multicast group", name); 670 perror(""); 671 } 672 } 673 674 void handle_signal(int signum) 675 { 676 interrupted = 1; 677 /* Reset handler explicitly, in case we don't have sigaction() (and signal() 678 has BSD semantics), or we don't have SA_RESETHAND */ 679 signal(signum, SIG_DFL); 680 } 681 682 int setup_signal_handler(char *name) 683 { 684 #ifdef HAVE_SIGACTION 685 struct sigaction act; 686 memset(&act, 0, sizeof(act)); 687 688 act.sa_handler = handle_signal; 689 sigemptyset(&act.sa_mask); 690 #if defined(SA_RESETHAND) 691 act.sa_flags = SA_RESETHAND; 692 #else 693 act.sa_flags = 0; 694 #endif 695 /* Note that we're not setting SA_RESTART; we want recvfrom to return 696 * EINTR when we signal the receiver. */ 697 698 if (sigaction(SIGTERM, &act, NULL) != 0) { 699 fprintf(stderr, "%s: error setting up signal handler", name); 700 perror(""); 701 return -1; 702 } 703 #else 704 if (signal(SIGTERM, handle_signal) == SIG_ERR) { 705 fprintf(stderr, "%s: error setting up signal handler", name); 706 perror(""); 707 return -1; 708 } 709 #endif 710 return 0; 711 }