From 1c80e4fad04638b4e6f141f49d27a0caf915d624 Mon Sep 17 00:00:00 2001 From: Chris Hiszpanski Date: Tue, 4 May 2021 00:49:02 -0700 Subject: Adds ice-pwd and ice-ufrag to sdp answer Adds simple base64 encoder as pwd and ufrag are expected to be base64 encoded. Uses prng to generate random data. Is this secure? --- src/Makefile.am | 4 ++-- src/b64.c | 67 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/b64.h | 34 +++++++++++++++++++++++++++++ src/urtc.c | 12 +++++++++++ 4 files changed, 115 insertions(+), 2 deletions(-) create mode 100644 src/b64.c create mode 100644 src/b64.h diff --git a/src/Makefile.am b/src/Makefile.am index 5855857..beeb2b3 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1,7 +1,7 @@ lib_LTLIBRARIES = liburtc.la -liburtc_la_SOURCES = g711.c g711_tables.c mdns.c prng.c sdp.c urtc.c \ +liburtc_la_SOURCES = b64.c g711.c g711_tables.c mdns.c prng.c sdp.c urtc.c \ uuid.c -include_HEADERS = err.h g711.h mdns.h prng.h sdp.h urtc.h uuid.h +include_HEADERS = urtc.h # for pthreads support on linux liburtc_la_CFLAGS = $(PTHREAD_CFLAGS) diff --git a/src/b64.c b/src/b64.c new file mode 100644 index 0000000..4c1fe20 --- /dev/null +++ b/src/b64.c 
@@ -0,0 +1,67 @@
+/**
+ * Copyright (c) 2021 Chris Hiszpanski. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * 3. The name of the author(s) may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+ * EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "b64.h"
+
+void b64_encode(char *dst, const char *src, size_t size) {
+ const char lut[64] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+
+ char spare = 0;
+ char state = 0;
+
+ while (size || spare) {
+ switch (state) {
+ case 0:
+ *dst++ = lut[((*src) >> 2) & 0x3F];
+ spare = (*src) & 0x3;
+ state = 1;
+ src++;
+ size--;
+ break;
+ case 1:
+ *dst++ = lut[(spare << 4) | (((*src) >> 4) & 0x0F)];
+ spare = (*src) & 0x0F;
+ state = 2;
+ src++;
+ size--;
+ break;
+ case 2:
+ *dst++ = lut[(spare << 2) | (((*src) >> 6) & 0x03)];
+ spare = (*src) & 0x3F;
+ state = 3;
+ size--;
+ break;
+ case 3:
+ *dst++ = lut[spare];
+ spare = 0;
+ state = 0;
+ break;
+ }
+ }
+ *dst = '\0';
+}
+
diff --git a/src/b64.h b/src/b64.h
new file mode 100644
index 0000000..fde7fc3
--- /dev/null
+++ b/src/b64.h
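Review bot: In src/b64.c, `case 2` of `b64_encode` never advances `src`, so every group after the first re-reads the previous group's third byte; for the 18-byte password only 13 distinct input bytes reach the output, which is 104 bits and below the 128 bits of randomness ICE requires for ice-pwd. The loop condition `while (size || spare)` also exits before `case 3` whenever the final six bits are zero, so roughly one output in 64 is a character short (a 3-character ufrag, under the 4-character minimum). For any `size` that is not a multiple of three the encoder reads `*src` past the input and `size--` wraps around, after which the loop keeps writing through `dst`. A group-at-a-time loop over `unsigned char` avoids all three; the version below leaves a trailing partial group unpadded, since `=` is not a valid ICE character.

```c
void b64_encode(char *dst, const char *src, size_t size) {
    static const char lut[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    const unsigned char *in = (const unsigned char *)src;

    /* Whole 3-byte groups: 24 bits in, four characters out. */
    for (; size >= 3; size -= 3, in += 3) {
        *dst++ = lut[in[0] >> 2];
        *dst++ = lut[((in[0] & 0x03) << 4) | (in[1] >> 4)];
        *dst++ = lut[((in[1] & 0x0F) << 2) | (in[2] >> 6)];
        *dst++ = lut[in[2] & 0x3F];
    }

    /* One or two trailing bytes: emit the partial group without '='. */
    if (size > 0) {
        unsigned int next = (size == 2) ? in[1] : 0;

        *dst++ = lut[in[0] >> 2];
        *dst++ = lut[((in[0] & 0x03) << 4) | (next >> 4)];
        if (size == 2) {
            *dst++ = lut[(next & 0x0F) << 2];
        }
    }
    *dst = '\0';
}
```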
@@ -0,0 +1,34 @@ +/** + * Copyright (c) 2021 Chris Hiszpanski. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * 3. The name of the author(s) may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO + * EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef URTC_B64_H +#define URTC_B64_H + +#include + +void b64_encode(char *dst, const char *src, size_t size); + +#endif // URTC_B64_H diff --git a/src/urtc.c b/src/urtc.c index f3ffa99..47c32b8 100644 --- a/src/urtc.c +++ b/src/urtc.c @@ -39,6 +39,7 @@ #include // socket #include +#include "b64.h" // b64_encode #include "err.h" #include "log.h" #include "mdns.h" // mdns_subscribe, mdns_unsubscribe 
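Review bot: The `b64_encode` prototype added in src/b64.h has no comment stating how large `dst` must be, and the function takes no capacity argument, so each caller has to work out the bound for itself. A doc comment on the declaration should say that `dst` needs room for `4 * ((size + 2) / 3) + 1` bytes, including the terminating NUL, and that the output is unpadded. With that written down, destination buffers can be checked against the contract at the call site.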
@@ -426,6 +427,17 @@ int urtc_add_ice_candidate(struct peerconn *pc, const char *cand) { } int urtc_create_answer(struct peerconn *pc, char *answer, size_t size) { + char pwd[18]; // 24 base64 characters + char ufrag[3]; // 4 base64 characters + + prng(pwd, sizeof(pwd)); + prng(ufrag, sizeof(ufrag)); + + b64_encode(pc->ldesc.pwd, pwd, sizeof(pwd)); + b64_encode(pc->ldesc.ufrag, ufrag, sizeof(ufrag)); + + pc->ldesc.mode = SDP_MODE_SEND_ONLY; + return sdp_serialize(answer, size, &pc->ldesc); } -- cgit v1.2.3
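Review bot: The bytes that become the ICE password in `urtc_create_answer` come from `prng()`, whose implementation is outside this diff. Because ice-pwd keys STUN message integrity on connectivity checks, those bytes need a cryptographically secure source (for example `getrandom()` or `/dev/urandom`) rather than a seeded general-purpose generator. If `prng()` can fail, the function should return an error instead of serializing an answer built from an unfilled buffer. The two `b64_encode` calls then write 25 and 5 bytes into `pc->ldesc.pwd` and `pc->ldesc.ufrag` with no capacity check; if those fields are fixed arrays, `_Static_assert(sizeof(pc->ldesc.pwd) >= 25, "ice-pwd buffer too small");` and the matching line for `ufrag` (`>= 5`) would pin that at compile time.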