[libsrtp/f19] rename internal functions to avoid conflicts (bz 956340)
Tom Callaway
spot at fedoraproject.org
Mon Feb 10 19:54:21 UTC 2014
commit 27326d31574056c0209830f507b33d712e0aed05
Author: Tom Callaway <spot at fedoraproject.org>
Date: Mon Feb 10 14:54:59 2014 -0500
rename internal functions to avoid conflicts (bz 956340)
libsrtp-sha1-name-fix.patch | 170 ++++++++++++++++++++++++++++++++++++++++
libsrtp-srtp_aes_encrypt.patch | 122 ++++++++++++++++++++++++++++
libsrtp.spec | 9 ++-
3 files changed, 300 insertions(+), 1 deletions(-)
---
diff --git a/libsrtp-sha1-name-fix.patch b/libsrtp-sha1-name-fix.patch
new file mode 100644
index 0000000..12b1da6
--- /dev/null
+++ b/libsrtp-sha1-name-fix.patch
@@ -0,0 +1,170 @@
+--- a/crypto/hash/hmac.c
++++ a/crypto/hash/hmac.c
+@@ -137,10 +137,10 @@ hmac_init(hmac_ctx_t *state, const uint8_t *key, int key_len) {
+ debug_print(mod_hmac, "ipad: %s", octet_string_hex_string(ipad, 64));
+
+ /* initialize sha1 context */
+- sha1_init(&state->init_ctx);
++ crypto_sha1_init(&state->init_ctx);
+
+ /* hash ipad ^ key */
+- sha1_update(&state->init_ctx, ipad, 64);
++ crypto_sha1_update(&state->init_ctx, ipad, 64);
+ memcpy(&state->ctx, &state->init_ctx, sizeof(sha1_ctx_t));
+
+ return err_status_ok;
+@@ -161,7 +161,7 @@ hmac_update(hmac_ctx_t *state, const uint8_t *message, int msg_octets) {
+ octet_string_hex_string(message, msg_octets));
+
+ /* hash message into sha1 context */
+- sha1_update(&state->ctx, message, msg_octets);
++ crypto_sha1_update(&state->ctx, message, msg_octets);
+
+ return err_status_ok;
+ }
+@@ -179,7 +179,7 @@ hmac_compute(hmac_ctx_t *state, const void *message,
+
+ /* hash message, copy output into H */
+ hmac_update(state, (const uint8_t*)message, msg_octets);
+- sha1_final(&state->ctx, H);
++ crypto_sha1_final(&state->ctx, H);
+
+ /*
+ * note that we don't need to debug_print() the input, since the
+@@ -189,16 +189,16 @@ hmac_compute(hmac_ctx_t *state, const void *message,
+ octet_string_hex_string((uint8_t *)H, 20));
+
+ /* re-initialize hash context */
+- sha1_init(&state->ctx);
++ crypto_sha1_init(&state->ctx);
+
+ /* hash opad ^ key */
+- sha1_update(&state->ctx, (uint8_t *)state->opad, 64);
++ crypto_sha1_update(&state->ctx, (uint8_t *)state->opad, 64);
+
+ /* hash the result of the inner hash */
+- sha1_update(&state->ctx, (uint8_t *)H, 20);
++ crypto_sha1_update(&state->ctx, (uint8_t *)H, 20);
+
+ /* the result is returned in the array hash_value[] */
+- sha1_final(&state->ctx, hash_value);
++ crypto_sha1_final(&state->ctx, hash_value);
+
+ /* copy hash_value to *result */
+ for (i=0; i < tag_len; i++)
+--- a/crypto/hash/sha1.c
++++ a/crypto/hash/sha1.c
+@@ -74,12 +74,12 @@ uint32_t SHA_K2 = 0x8F1BBCDC; /* Kt for 40 <= t <= 59 */
+ uint32_t SHA_K3 = 0xCA62C1D6; /* Kt for 60 <= t <= 79 */
+
+ void
+-sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) {
++crypto_sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) {
+ sha1_ctx_t ctx;
+
+- sha1_init(&ctx);
+- sha1_update(&ctx, msg, octets_in_msg);
+- sha1_final(&ctx, hash_value);
++ crypto_sha1_init(&ctx);
++ crypto_sha1_update(&ctx, msg, octets_in_msg);
++ crypto_sha1_final(&ctx, hash_value);
+
+ }
+
+@@ -96,7 +96,7 @@ sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) {
+ */
+
+ void
+-sha1_core(const uint32_t M[16], uint32_t hash_value[5]) {
++crypto_sha1_core(const uint32_t M[16], uint32_t hash_value[5]) {
+ uint32_t H0;
+ uint32_t H1;
+ uint32_t H2;
+@@ -183,7 +183,7 @@ sha1_core(const uint32_t M[16], uint32_t hash_value[5]) {
+ }
+
+ void
+-sha1_init(sha1_ctx_t *ctx) {
++crypto_sha1_init(sha1_ctx_t *ctx) {
+
+ /* initialize state vector */
+ ctx->H[0] = 0x67452301;
+@@ -201,7 +201,7 @@ sha1_init(sha1_ctx_t *ctx) {
+ }
+
+ void
+-sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) {
++crypto_sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) {
+ int i;
+ uint8_t *buf = (uint8_t *)ctx->M;
+
+@@ -226,7 +226,7 @@ sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) {
+
+ debug_print(mod_sha1, "(update) running sha1_core()", NULL);
+
+- sha1_core(ctx->M, ctx->H);
++ crypto_sha1_core(ctx->M, ctx->H);
+
+ } else {
+
+@@ -249,7 +249,7 @@ sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) {
+ */
+
+ void
+-sha1_final(sha1_ctx_t *ctx, uint32_t *output) {
++crypto_sha1_final(sha1_ctx_t *ctx, uint32_t *output) {
+ uint32_t A, B, C, D, E, TEMP;
+ uint32_t W[80];
+ int i, t;
+--- a/crypto/include/sha1.h
++++ a/crypto/include/sha1.h
+@@ -65,7 +65,7 @@ typedef struct {
+ */
+
+ void
+-sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]);
++crypto_sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]);
+
+ /*
+ * sha1_init(&ctx) initializes the SHA1 context ctx
+@@ -79,13 +79,13 @@ sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]);
+ */
+
+ void
+-sha1_init(sha1_ctx_t *ctx);
++crypto_sha1_init(sha1_ctx_t *ctx);
+
+ void
+-sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg);
++crypto_sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg);
+
+ void
+-sha1_final(sha1_ctx_t *ctx, uint32_t output[5]);
++crypto_sha1_final(sha1_ctx_t *ctx, uint32_t output[5]);
+
+ /*
+ * The sha1_core function is INTERNAL to SHA-1, but it is declared
+@@ -103,6 +103,6 @@ sha1_final(sha1_ctx_t *ctx, uint32_t output[5]);
+ */
+
+ void
+-sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
++crypto_sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
+
+ #endif /* SHA1_H */
+--- a/crypto/test/sha1_driver.c
++++ a/crypto/test/sha1_driver.c
+@@ -107,9 +107,9 @@ sha1_test_case_validate(const hash_test_case_t *test_case) {
+ if (test_case->data_len > MAX_HASH_DATA_LEN)
+ return err_status_bad_param;
+
+- sha1_init(&ctx);
+- sha1_update(&ctx, test_case->data, test_case->data_len);
+- sha1_final(&ctx, hash_value);
++ crypto_sha1_init(&ctx);
++ crypto_sha1_update(&ctx, test_case->data, test_case->data_len);
++ crypto_sha1_final(&ctx, hash_value);
+ if (0 == memcmp(test_case->hash, hash_value, 20)) {
+ #if VERBOSE
+ printf("PASSED: reference value: %s\n",
+
diff --git a/libsrtp-srtp_aes_encrypt.patch b/libsrtp-srtp_aes_encrypt.patch
new file mode 100644
index 0000000..389ce9a
--- /dev/null
+++ b/libsrtp-srtp_aes_encrypt.patch
@@ -0,0 +1,122 @@
+--- a/crypto/cipher/aes.c
++++ a/crypto/cipher/aes.c
+@@ -1999,7 +1999,7 @@ aes_inv_final_round(v128_t *state, const v128_t *round_key) {
+
+
+ void
+-aes_encrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key) {
++srtp_aes_encrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key) {
+
+ /* add in the subkey */
+ v128_xor_eq(plaintext, &exp_key->round[0]);
+--- a/crypto/cipher/aes_cbc.c
++++ a/crypto/cipher/aes_cbc.c
+@@ -182,7 +182,7 @@ aes_cbc_encrypt(aes_cbc_ctx_t *c,
+ debug_print(mod_aes_cbc, "inblock: %s",
+ v128_hex_string(&c->state));
+
+- aes_encrypt(&c->state, &c->expanded_key);
++ srtp_aes_encrypt(&c->state, &c->expanded_key);
+
+ debug_print(mod_aes_cbc, "outblock: %s",
+ v128_hex_string(&c->state));
+--- a/crypto/cipher/aes_icm.c
++++ a/crypto/cipher/aes_icm.c
+@@ -240,7 +240,7 @@ aes_icm_set_octet(aes_icm_ctx_t *c,
+ /* fill keystream buffer, if needed */
+ if (tail_num) {
+ v128_copy(&c->keystream_buffer, &c->counter);
+- aes_encrypt(&c->keystream_buffer, &c->expanded_key);
++ srtp_aes_encrypt(&c->keystream_buffer, &c->expanded_key);
+ c->bytes_in_buffer = sizeof(v128_t);
+
+ debug_print(mod_aes_icm, "counter: %s",
+@@ -296,7 +296,7 @@ static inline void
+ aes_icm_advance_ismacryp(aes_icm_ctx_t *c, uint8_t forIsmacryp) {
+ /* fill buffer with new keystream */
+ v128_copy(&c->keystream_buffer, &c->counter);
+- aes_encrypt(&c->keystream_buffer, &c->expanded_key);
++ srtp_aes_encrypt(&c->keystream_buffer, &c->expanded_key);
+ c->bytes_in_buffer = sizeof(v128_t);
+
+ debug_print(mod_aes_icm, "counter: %s",
+--- a/crypto/include/aes.h
++++ a/crypto/include/aes.h
+@@ -70,7 +70,7 @@ aes_expand_decryption_key(const uint8_t *key,
+ aes_expanded_key_t *expanded_key);
+
+ void
+-aes_encrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key);
++srtp_aes_encrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key);
+
+ void
+ aes_decrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key);
+--- a/crypto/rng/prng.c
++++ a/crypto/rng/prng.c
+@@ -108,7 +108,7 @@ x917_prng_get_octet_string(uint8_t *dest, uint32_t len) {
+ v128_copy(&buffer, &x917_prng.state);
+
+ /* apply aes to buffer */
+- aes_encrypt(&buffer, &x917_prng.key);
++ srtp_aes_encrypt(&buffer, &x917_prng.key);
+
+ /* write data to output */
+ *dest++ = buffer.v8[0];
+@@ -132,7 +132,7 @@ x917_prng_get_octet_string(uint8_t *dest, uint32_t len) {
+ buffer.v32[0] ^= t;
+
+ /* encrypt buffer */
+- aes_encrypt(&buffer, &x917_prng.key);
++ srtp_aes_encrypt(&buffer, &x917_prng.key);
+
+ /* copy buffer into state */
+ v128_copy(&x917_prng.state, &buffer);
+@@ -150,7 +150,7 @@ x917_prng_get_octet_string(uint8_t *dest, uint32_t len) {
+ v128_copy(&buffer, &x917_prng.state);
+
+ /* apply aes to buffer */
+- aes_encrypt(&buffer, &x917_prng.key);
++ srtp_aes_encrypt(&buffer, &x917_prng.key);
+
+ /* write data to output */
+ for (i=0; i < tail_len; i++) {
+@@ -163,7 +163,7 @@ x917_prng_get_octet_string(uint8_t *dest, uint32_t len) {
+ buffer.v32[0] ^= t;
+
+ /* encrypt buffer */
+- aes_encrypt(&buffer, &x917_prng.key);
++ srtp_aes_encrypt(&buffer, &x917_prng.key);
+
+ /* copy buffer into state */
+ v128_copy(&x917_prng.state, &buffer);
+--- a/crypto/test/aes_calc.c
++++ a/crypto/test/aes_calc.c
+@@ -105,7 +105,7 @@ main (int argc, char *argv[]) {
+ exit(1);
+ }
+
+- aes_encrypt(&data, &exp_key);
++ srtp_aes_encrypt(&data, &exp_key);
+
+ /* write ciphertext to output */
+ if (verbose) {
+--- a/tables/aes_tables.c
++++ a/tables/aes_tables.c
+@@ -294,7 +294,7 @@ main(void) {
+
+ #if AES_INVERSE_TEST
+ /*
+- * test that aes_encrypt and aes_decrypt are actually
++ * test that srtp_aes_encrypt and aes_decrypt are actually
+ * inverses of each other
+ */
+
+@@ -331,7 +331,7 @@ aes_test_inverse(void) {
+ v128_copy_octet_string(&x, plaintext);
+ aes_expand_encryption_key(k, expanded_key);
+ aes_expand_decryption_key(k, decrypt_key);
+- aes_encrypt(&x, expanded_key);
++ srtp_aes_encrypt(&x, expanded_key);
+ aes_decrypt(&x, decrypt_key);
+
+ /* compare to expected value then report */
diff --git a/libsrtp.spec b/libsrtp.spec
index a84c4c9..f868c3e 100644
--- a/libsrtp.spec
+++ b/libsrtp.spec
@@ -3,7 +3,7 @@
Name: lib%{shortname}
Version: 1.4.4
-Release: 9.%{cvsver}%{?dist}
+Release: 10.%{cvsver}%{?dist}
Summary: An implementation of the Secure Real-time Transport Protocol (SRTP)
Group: System Environment/Libraries
License: BSD
@@ -21,6 +21,8 @@ Source2: config.h
# And how does Chromium always manage to find these projects and use them?
Patch0: libsrtp-1.4.4-shared.patch
Patch1: libsrtp-1.4.4-CVE20132139.patch
+Patch2: libsrtp-srtp_aes_encrypt.patch
+Patch3: libsrtp-sha1-name-fix.patch
%description
This package provides an implementation of the Secure Real-time
@@ -41,6 +43,8 @@ developing applications that use %{name}.
%setup -q -n %{shortname}
%patch0 -p1 -b .shared
%patch1 -p1 -b .CVE20132139
+%patch2 -p1 -b .srtp_aes_encrypt
+%patch3 -p1 -b .sha1-name-fix
# Fix end-of-line encoding
sed -i 's/\r//g' doc/draft-irtf-cfrg-icm-00.txt
@@ -91,6 +95,9 @@ cp -a %{SOURCE2} %{buildroot}%{_includedir}/%{shortname}/config.h
%{_libdir}/*.so
%changelog
+* Mon Feb 10 2014 Tom Callaway <spot at fedoraproject.org> - 1.4.4-10.20101004cvs
+- rename internal functions to avoid conflicts (bz 956340)
+
* Mon Dec 30 2013 Tom Callaway <spot at fedoraproject.org> - 1.4.4-9.20101004cvs
- apply fix for CVE-2013-2139 from https://github.com/cisco/libsrtp/pull/27
More information about the scm-commits
mailing list