• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1Changelog
2
31.3.20
4
5  Lots of changes.  Thanks to Jeff Chan for catching a memory leak and
6  helping track down the endian issues with the SSRCs.
7
81.3.8
9
10  This is an interim release.  Several little-endian bugs were identified
11  and fixed; this means that we can use intel/linux for development again.
12
13  Cleaned up sha1 and hmac code significantly, got rid of some excess
14  functions and properly documented the fuctions in the .h files.
15
16  Eliminated some vestigial files.
17
18  There is a SIGBUS error in the AES encrypt function on sparc
19  (observed on both solaris and openbsd) with gcc 2.95.  Was unable to
20  find bad pointer anywhere, so I'm wondering if it isn't a compiler
21  problem (there's a known problem whose profile it fits).  It doesn't
22  appear on any other platform, even in the cipher_driver stress
23  tests.
24
25  Planned changes
26
27  Change interface to nonces (xtd_seq_num_t) so that it uses
28  network byte ordering, and is consistent with other arguments.
29
30
311.3.6
32
33  Changed /dev/random (in configure.in and crypto/rng/rand_source.c) to
34  /dev/urandom; the latter is non-blocking on all known platforms (which
35  corrects some programs that seem to hang) and is actually present on
36  Open BSD (unlike /dev/random, which only works in the presence of
37  hardware supported random number generation).
38
39  Added machine/types.h case in include/integers.h.
40
411.3.5
42
43  Removing srtp_t::template and stream_clone().
44
45  Adding a new policy structure, which will reflect a complete SRTP
46  policy (including SRTCP).
47
48  This version is *incomplete* and will undergo more changes.  It is
49  provided only as a basis for discussion.
50
511.3.4
52
53   Removed tmmh.c and tmmh.h, which implemented version one of TMMH.
54
55   Changed srtp_get_trailer_length() to act on streams rather than
56   sessions, and documented the macro SRTP_MAX_TRAILER_LEN, which should
57   usually be used rather than that function.
58
59   Removed 'salt' from cipher input.
60
61   Changed rdbx to use err.h error codes.
62
63   Changed malloc() and free() to xalloc() and xfree; these functions
64   are defined in crypto/kernel/alloc.c and declared in
65   include/alloc.h.
66
67   Added 'output' functions to cipher, in addition to 'encrypt'
68   functions.  It is no longer necessary to zeroize a buffer before
69   encrypting in order to get keystream.
70
71   Changed octet_string_hex_string() so that "times two" isn't needed
72   in its input.
73
74   Added crypto_kernel_init() prior to command-line parsing, so that
75   kernel can be passed command-line arguments, such as "-d
76   debug_module".  This was done to for the applications
77   test/srtp-driver, test/kernel-driver, and test/ust-driver.
78
79   Improved srtp_init_aes_128_prf - wrote key derivation function
80   (srtp_kdf_t).
81
82   Add the tag_len as an argument to the auth_compute() function, but
83   not the corresponding macro.  This change allows the tag length for
84   a given auth func to be set to different values at initialization
85   time.  Previously, the structure auth_t contained the
86   output_length, but that value was inaccessible from hmac_compute()
87   and other functions.
88
89   Re-named files from a-b.c to a_b.c. in order to help portability.
90
91   Re-named rijndael to aes (or aes_128 as appropriate).
92
93
941.2.1
95
96  Changes so that 1.2.0 compiles on cygwin-win2k.
97
98  Added better error reporting system.  If syslog is present on the
99  OS, then it is used.
100
101
1021.2.0 Many improvements and additions, and a fex fixes
103
104   Fixed endian issues in RTP header construction in the function
105   rtp_sendto() in srtp/rtp.c.
106
107   Implemented RIJNDAEL decryption operation, adding the functions
108   rijndael_decrypt() and rijndael_expand_decryption_key().  Also
109   re-named rijndael_expand_key() to rijndael_expand_encryption_key()
110   for consistency.
111
112   Implemented random number source using /dev/random, in the files
113   crypto/rng/rand_source.c and include/rand_source.h.
114
115   Added index check to SEAL cipher (only values less than 2^32 are
116   allowed)
117
118   Added test case for null_auth authentication function.
119
120   Added a timing test which tests the effect of CPU cache thrash on
121   cipher throughput.  The test is done by the function
122   cipher_test_throughput_array(); the function
123   cipher_array_alloc_init() creates an array of ciphers for use in
124   this test.  This test can be accessed by using the -a flag to
125   the application cipher-driver in the test subdirectory.
126
127   Added argument processing to ust-driver.c, and added that app to
128   the 'runtest' target in Makefile.in.
129
130   A minor auth_t API change: last argument of auth_init() eliminated.
131
132
1331.0.6 A small but important fix
134
135   Fixed srtp_init_aes_128_prf() by adding octet_string_set_to_zero()
136   after buffer allocation.
137
138   Eliminated references to no-longer-existing variables in debugging
139   code in srtp/srtp.c.  This fixes the compilation failure that
140   occured when using PRINT_DEBUG in that file.
141
142   Corrected spelling of Richard Priestley's name in credits.  Sorry
143   Richard!
144
145
1461.0.5 Many little fixes
147
148   Fixed octet_string_set_to_zero(), which was writing one
149   more zero octet than it should.  This bug caused srtp_protect()
150   and srtp_unprotect() to overwrite the byte that followed the
151   srtp packet.
152
153   Changed sizeof(uint32_t) to srtp_get_trailer_length() in
154   srtp-driver.c.  This is just defensive coding.
155
156   Added NULL check to malloc in srtp_alloc().
157
158
1591.0.4 Many minor fixes and two big ones (thanks for the bug reports!)
160
161   Removed 'ssrc' from the srtp_init_aes_128_prf() function argument
162   list.  This is so that applications which do not a priori know the
163   ssrc which they will be receiving can still use libsrtp.  Now the
164   SSRC value is gleaned from the rtp header and exored into the
165   counter mode offset in the srtp_protect() and srtp_unprotect()
166   functions, if that cipher is used.  This change cascaed through
167   many other functions, including srtp_init_from_hex(),
168   srtp_sender_init() and srtp_receiver_init() in rtp.c, and also
169   changing the CLI to test/rtpw.  In the future, another function
170   call will be added to the library that enables multiple ssrc/key
171   pairs to be installed into the same srtp session, so that libsrtp
172   works with multiple srtp senders.  For now, this functionality is
173   lacking.
174
175   Removed the GDOI interface to the rtpw demo program.  This will be
176   added again at a later date, after the SRTP and GDOI distributions
177   stabilize.  For now, I've left in the GDOI #defines and autoconf
178   definitions so that they'll be in place when needed.
179
180   Updated tmmhv2_compute() so that it didn't assume any particular
181   alginment of the output tag.
182
183   Changed bit field variables in srtp.h to unsigned char from
184   unsigned int in order to avoid a potential endianness issue.
185
186   Fixed rdbx_estimate_index() to handle all input cases.  This solves
187   the now notorious "abaft" bug in the rtpw demo app on linux/intel,
188   in which spurious replay protection failures happen after that word
189   is received.
190
191   Added ntohs(hdr->seq) to srtp_protect and srtp_unprotect, removed
192   from rijndael_icm_set_segment().
193
194   Added error checking and handling to srtp_sender_init() and
195   srtp_receiver_init().
196
197   Changed srtp_alloc() so that it does what you'd expect: allocate an
198   srtp_ctx_t structure.  This hides the library internals.
199
200
2011.0.1   Many minor fixes
202
203   Added cipher_driver_buffer_test(...) to test/cipher-driver.c.  This
204   function checks that the byte-buffering functions used by a cipher
205   are correct.
206
207   Fixed SunOS/Solaris build problems: added HAVE_SYS_INT_TYPES_H and
208   changed index_t to xtd_seq_num_t (see include/rdbx.h).
209
210   Fixed SEAL3.0 output byte buffering, added byte-buffering test to
211   cipher/cipher-driver.c.
212
213   Fixed roc-driver so that the non-sequential insertion test
214   automatically recovers from bad estimates.  This was required to
215   prevent spurious failures.
216
217   Made rdbx_estimate_index(...) function smarter, so that initial RTP
218   sequence numbers greater than 32,768 don't cause it to estimate the
219   rollover counter of 0xffffffff.
220
221
2221.0.0   Initial release
223
224