Commit 7e742958 authored by johan

Fix compilation when LIME is disabled

- LIME is enabled by default; switch it using --enable-lime
- check for polarssl gcm.h presence (version >=1.3)
parent 4855be3d
......@@ -639,6 +639,58 @@ AC_ARG_ENABLE(g729bCN,
[g729bCN=false]
)
dnl Polarssl lib is requested for Lime
AC_ARG_WITH( polarssl,
[ --with-polarssl Set prefix where polarssl can be found (ex:/usr, /usr/local)[[default=PREFIX or /usr if NONE]] ],
[ polarssl_prefix=${withval}],[ if test "$prefix" != "NONE"; then
polarssl_prefix=${prefix}
else
polarssl_prefix="/usr"
fi ])
found_polarssl=no
if test "$polarssl_prefix" != "none" ; then
if test "$polarssl_prefix" != "/usr" ; then
POLARSSL_CFLAGS="-I${polarssl_prefix}/include"
POLARSSL_LIBS="-L${polarssl_prefix}/lib"
fi
POLARSSL_LIBS="$POLARSSL_LIBS -lpolarssl"
CPPFLAGS_save=$CPPFLAGS
LIBS_save=$LIBS
CPPFLAGS="$CPPFLAGS $POLARSSL_CFLAGS"
LIBS="$LIBS $POLARSSL_LIBS"
AC_CHECK_HEADERS(polarssl/gcm.h,
[found_polarssl=yes; AC_MSG_NOTICE([polarssl usable])],
[POLARSSL_CFLAGS=""
POLARSSL_LIBS=""])
CPPFLAGS=$CPPFLAGS_save
LIBS=$LIBS_save
fi
dnl check for Lime support, need polarssl version >= 1.3 (with gcm.h)
AC_ARG_ENABLE(lime,
[AS_HELP_STRING([--enable-lime], [Turn on or off compilation of Instant Messaging Encryption (default=yes)])],
[case "${enableval}" in
yes) lime=true ;;
no) lime=false ;;
*) AC_MSG_ERROR(bad value ${enableval} for --enable-lime) ;;
esac],
[lime=true]
)
if test "$lime" = "true" ; then
if test "x$found_polarssl" != "xyes" ; then
AC_MSG_ERROR("LIME requires POLARSSL in version >= 1.3")
else
AC_DEFINE(HAVE_LIME, 1, [Defined when LIME support is compiled])
fi
else
echo "LIME compilation is disabled."
fi
dnl build console if required
AM_CONDITIONAL(BUILD_CONSOLE, test x$console_ui = xtrue)
......@@ -1001,6 +1053,7 @@ printf "* %-30s %s\n" "Tools" $build_tools
printf "* %-30s %s\n" "Message storage" $enable_msg_storage
printf "* %-30s %s\n" "zRTP encryption" $zrtp
printf "* %-30s %s\n" "DTLS encryption" $dtls
printf "* %-30s %s\n" "IM encryption" $lime
printf "* %-30s %s\n" "uPnP support" $build_upnp
printf "* %-30s %s\n" "LDAP support" $enable_ldap
printf "* %-30s %s\n" "ZLIB support" $found_zlib
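Review bot: The guard `if test "$polarssl_prefix" != "none"` does not catch `--without-polarssl`, because autoconf sets `withval` to `no` in that case, so the prefix becomes `no` and the flags become `-Ino/include -Lno/lib`; testing for both values, `if test "$polarssl_prefix" != "none" && test "$polarssl_prefix" != "no" ; then`, would make the opt-out behave as expected. The probe is also header-only: `LIBS` is extended and restored, but nothing is linked against `-lpolarssl`, so a system with the 1.3 headers and an older or missing library passes configure and fails at link time. An `AC_CHECK_LIB` on a GCM function inside the same block would close that gap. `AC_MSG_ERROR("...")` passes the literal double quotes into the message; the usual form is `AC_MSG_ERROR([LIME requires POLARSSL in version >= 1.3])`.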
......
#include "lime.h"
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#ifdef HAVE_LIME
#include "linphonecore.h"
#include "ortp/b64.h"
#include "polarssl/gcm.h"
......@@ -11,6 +17,14 @@
#else /* for Polarssl version 1.2 */
#include "polarssl/sha2.h"
#endif
/**
* @brief check at runtime if LIME is available
*
* @return TRUE when Lime was fully compiled, FALSE when it wasn't
*/
bool_t lime_is_available() { return TRUE; }
/**
* @brief convert an hexa char [0-9a-fA-F] into the corresponding unsigned integer value
* Any invalid char will be converted to zero without any warning
......@@ -89,7 +103,15 @@ void lime_int8ToStr(uint8_t *outputString, uint8_t *inputBytes, uint16_t inputBy
int lime_getSelfZid(xmlDocPtr cacheBuffer, uint8_t selfZid[25]) {
/**
* @brief Retrieve selfZID from cache
*
* @param[in] cacheBuffer The xmlDoc containing current cache
* @param[out] selfZid The ZID found as a 24 hexa char string null terminated
*
* @return 0 on success, error code otherwise
*/
static int lime_getSelfZid(xmlDocPtr cacheBuffer, uint8_t selfZid[25]) {
xmlNodePtr cur;
xmlChar *selfZidHex;
......@@ -379,7 +401,15 @@ int lime_setCachedKey(xmlDocPtr cacheBuffer, limeKey_t *associatedKey, uint8_t r
return 0;
}
int lime_deriveKey(limeKey_t *key) {
/**
* @brief Derive in place the key given in parameter and increment session index
* Derivation is made derived Key = HMAC_SHA256(Key, 0x0000001||"MessageKey"||0x00||SessionId||SessionIndex||256)
*
* @param[in/out] key The structure containing the original key which will be overwritten, the sessionId and SessionIndex
*
* @return 0 on success, error code otherwise
*/
static int lime_deriveKey(limeKey_t *key) {
uint8_t inputData[55];
uint8_t derivedKey[32];
......@@ -779,6 +809,18 @@ int lime_decryptMultipartMessage(xmlDocPtr cacheBuffer, uint8_t *message, uint8_
return 0;
}
#else /* HAVE_LIME */
bool_t lime_is_available() { return FALSE; }
int lime_decryptFile(void **cryptoContext, unsigned char *key, size_t length, char *plain, char *cipher) { return LIME_NOT_ENABLED;}
int lime_decryptMultipartMessage(xmlDocPtr cacheBuffer, uint8_t *message, uint8_t **output) { return LIME_NOT_ENABLED;}
int lime_createMultipartMessage(xmlDocPtr cacheBuffer, uint8_t *message, uint8_t *peerURI, uint8_t **output) { return LIME_NOT_ENABLED;}
int lime_encryptFile(void **cryptoContext, unsigned char *key, size_t length, char *plain, char *cipher) {return LIME_NOT_ENABLED;}
#endif /* HAVE_LIME */
char *lime_error_code_to_string(int errorCode) {
switch (errorCode) {
case LIME_INVALID_CACHE: return "Invalid ZRTP cache";
......@@ -787,6 +829,7 @@ char *lime_error_code_to_string(int errorCode) {
case LIME_UNABLE_TO_DECRYPT_MESSAGE: return "Unable to decrypt message";
case LIME_NO_VALID_KEY_FOUND_FOR_PEER: return "No valid key found";
case LIME_INVALID_ENCRYPTED_MESSAGE: return "Invalid encrypted message";
case LIME_NOT_ENABLED: return "Lime not enabled at build";
}
return "Unknow error";
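Review bot: The `#else /* HAVE_LIME */` stubs return `LIME_NOT_ENABLED` without writing their out-parameters, so a caller of `lime_decryptMultipartMessage` or `lime_createMultipartMessage` that reads or frees `*output` after an error would touch an uninitialised pointer; setting it first, `if (output) *output = NULL; return LIME_NOT_ENABLED;`, makes the disabled build fail in a defined way. Whether any caller does that is not visible on this page, so treat it as hardening. Both definitions of `lime_is_available()` use an empty parameter list, which in C leaves the function unprototyped; `bool_t lime_is_available(void)` is the checked form. The stub block covers only four entry points, while the hunk context still shows `lime_setCachedKey` inside the `HAVE_LIME` branch, so code outside this file that calls it would presumably fail to link when LIME is off.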
......
......@@ -7,6 +7,7 @@
#define LIME_UNABLE_TO_DECRYPT_MESSAGE 0x1008
#define LIME_NO_VALID_KEY_FOUND_FOR_PEER 0x1010
#define LIME_INVALID_ENCRYPTED_MESSAGE 0x1020
#define LIME_NOT_ENABLED 0x1100
/* this define the maximum key derivation number allowed to get the caches back in sync in case of missed messages */
#define MAX_DERIVATION_NUMBER 100
......@@ -41,16 +42,6 @@ typedef struct limeURIKeys_struct {
uint8_t *peerURI; /**< the sip URI associated to all the keys, must be a null terminated string */
} limeURIKeys_t;
/**
* @brief Retrieve selfZID from cache
*
* @param[in] cacheBuffer The xmlDoc containing current cache
* @param[out] selfZid The ZID found as a 24 hexa char string null terminated
*
* @return 0 on success, error code otherwise
*/
LINPHONE_PUBLIC int lime_getSelfZid(xmlDocPtr cacheBuffer, uint8_t selfZid[25]);
/**
* @brief Get from cache all the senders keys associated to the given URI
* peerKeys field from associatedKeys param must be NULL when calling this function.
......@@ -94,16 +85,6 @@ LINPHONE_PUBLIC int lime_setCachedKey(xmlDocPtr cacheBuffer, limeKey_t *associat
*/
LINPHONE_PUBLIC void lime_freeKeys(limeURIKeys_t associatedKeys);
/**
* @brief Derive in place the key given in parameter and increment session index
* Derivation is made derived Key = HMAC_SHA256(Key, 0x0000001||"MessageKey"||0x00||SessionId||SessionIndex||256)
*
* @param[in/out] key The structure containing the original key which will be overwritten, the sessionId and SessionIndex
*
* @return 0 on success, error code otherwise
*/
LINPHONE_PUBLIC int lime_deriveKey(limeKey_t *key);
/**
* @brief encrypt a message with the given key
*
......@@ -196,4 +177,10 @@ LINPHONE_PUBLIC int lime_decryptMultipartMessage(xmlDocPtr cacheBuffer, uint8_t
*/
LINPHONE_PUBLIC char *lime_error_code_to_string(int errorCode);
/**
* @brief Check if Lime was enabled at build time
*
* @return TRUE if Lime is available, FALSE if not
*/
LINPHONE_PUBLIC bool_t lime_is_available();
#endif /* LIME_H */
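Review bot: `LINPHONE_PUBLIC bool_t lime_is_available();` declares the function without a prototype, so a call with arguments compiles silently; `LINPHONE_PUBLIC bool_t lime_is_available(void);` is the form to use in a public header. The two removed declarations were `LINPHONE_PUBLIC`, so this drops `lime_getSelfZid` and `lime_deriveKey` from the exported interface; if anything outside lime.c (a tester, for instance) calls them it will stop building, which deserves a line in the commit message. The new `LIME_NOT_ENABLED 0x1100` would read better with a short comment such as `/* returned by the LIME entry points when built without HAVE_LIME */`.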
......@@ -23,6 +23,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#include "lpconfig.h"
#include "private.h"
#include "quality_reporting.h"
#include "lime.h"
#include <math.h>
#include <sys/types.h>
......@@ -1841,7 +1842,7 @@ void linphone_core_enable_lime(LinphoneCore *lc, bool_t val){
}
bool_t linphone_core_lime_enabled(const LinphoneCore *lc){
return lp_config_get_int(lc->config,"sip", "lime", FALSE);
return (lp_config_get_int(lc->config,"sip", "lime", FALSE) && lime_is_available());
}
/**
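Review bot: `linphone_core_lime_enabled` now returns FALSE whenever the build lacks LIME, even if the user's config has `lime` set, and nothing on this path reports it, so a user who asked for encrypted messaging would presumably get plaintext messages without notice. The mismatch should be surfaced where the setting is made: `linphone_core_enable_lime` (its body is outside this hunk) could refuse or warn when `val` is true and `lime_is_available()` is false, for example `if (val && !lime_is_available()) ms_warning("LIME requested but not compiled in, messages will not be encrypted");`. A doc comment on the getter stating that it reflects both the config value and build-time availability would also help callers.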
......