chacha20 poly1305

.gitignore

@@ -23,6 +23,7 @@ old?
 *.app
 
 # srtp things
+build
 Debug
 Makefile
 Root

.travis.yml

@@ -1,4 +1,4 @@
-dist: trusty
+dist: xenial
 sudo: false
 language: c
 
@@ -25,6 +25,11 @@ matrix:
         - make
         - make runtest
         - make runtest-valgrind
+        - make distclean
+        - mkdir build && cd build
+        - cmake ..
+        - make
+        - make test
 
     # linux build with openssl
     - os: linux
@@ -42,6 +47,16 @@ matrix:
         - make
         - make runtest
         - make runtest-valgrind
+        - make distclean
+        - mkdir build && cd build
+        - cmake -DENABLE_OPENSSL=ON ..
+        - make
+        - make test
+        - cd ..
+        - mkdir build_shared && cd build_shared
+        - cmake -DENABLE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON ..
+        - make
+        - make test
 
     # linux build with openssl and clang
     - os: linux
@@ -82,26 +97,36 @@ matrix:
         - EXTRA_CFLAGS=-Werror ./configure
         - make
         - make runtest
+        - make distclean
+        - mkdir build && cd build
+        - cmake ..
+        - make
+        - make test
 
     # osx build with openssl
     - os: osx
+      osx_image: xcode11.2
       env:
         - TEST="osx openssl"
       before_install:
-            - brew install openssl
+            - brew install openssl@1.1
       script:
-        - PKG_CONFIG_PATH=/usr/local/opt/openssl/lib/pkgconfig EXTRA_CFLAGS=-Werror ./configure --enable-openssl
+        - PKG_CONFIG_PATH=$(brew --prefix openssl@1.1)/lib/pkgconfig EXTRA_CFLAGS=-Werror ./configure --enable-openssl
         - make
         - make runtest
+        - make distclean
+        - mkdir build && cd build
+        - cmake -DOPENSSL_ROOT_DIR=$(brew --prefix [email protected]) -DENABLE_OPENSSL=ON ..
+        - make
+        - make test
 
     # osx build with nss
     - os: osx
+      osx_image: xcode11.2
       env:
         - TEST="osx nss"
-      before_install:
-            - brew install nss
       script:
-        - PKG_CONFIG_PATH=/usr/local/opt/nss/lib/pkgconfig EXTRA_CFLAGS=-Werror ./configure --enable-nss
+        - PKG_CONFIG_PATH=$(brew --prefix nss)/lib/pkgconfig EXTRA_CFLAGS=-Werror ./configure --enable-nss
         - make
         - make runtest
 
@@ -140,6 +165,18 @@ matrix:
         - file test/srtp_driver
         - make runtest
 
+    # linux build of fuzzer
+    - os: linux
+      env:
+        - TEST="fuzzer (build only)"
+      addons:
+        apt:
+          packages:
+            - clang
+      script:
+        - CC=clang CXX=clang++ CXXFLAGS="-fsanitize=fuzzer-no-link,address,undefined -g -O3" CFLAGS="-fsanitize=fuzzer-no-link,address,undefined -g -O3" LDFLAGS="-fsanitize=fuzzer-no-link,address,undefined" ./configure
+        - LIBFUZZER="-fsanitize=fuzzer" make srtp-fuzzer
+
     # coverity scan
     - os: linux
       env:
@@ -156,3 +193,67 @@ matrix:
           branch_pattern: master
       script:
         - echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-
+
+    # windows build
+    - os: windows
+      env:
+        - TEST="windows"
+      script:
+        - export PATH="c:\Program Files (x86)\Microsoft Visual Studio\2017\BuildTools\MSBuild\15.0\Bin":$PATH
+        - mkdir build && cd build
+        - cmake -G "Visual Studio 15 2017" ..
+        - msbuild.exe libsrtp2.sln -p:Configuration=Release
+        - msbuild.exe RUN_TESTS.vcxproj -p:Configuration=Release
+        - cd ..
+        - mkdir build_shared && cd build_shared
+        - cmake -G "Visual Studio 15 2017" -DBUILD_SHARED_LIBS=ON ..
+        - msbuild.exe libsrtp2.sln -p:Configuration=Release
+        - msbuild.exe RUN_TESTS.vcxproj -p:Configuration=Release
+
+    # android build
+    - os: linux
+      env:
+        - TEST="android"
+      script:
+        - wget -q https://dl.google.com/android/repository/android-ndk-r20b-linux-x86_64.zip
+        - unzip -qq android-ndk-r20b-linux-x86_64.zip
+        - ANDROID_NDK=`pwd`/android-ndk-r20b
+        - mkdir build_android
+        - cd build_android
+        - cmake -DCMAKE_TOOLCHAIN_FILE=$ANDROID_NDK/build/cmake/android.toolchain.cmake -DANDROID_ABI=arm64-v8a ..
+        - make
+        - cd ..
+        - TOOLCHAIN=$ANDROID_NDK/toolchains/llvm/prebuilt/linux-x86_64
+          AR=$TOOLCHAIN/bin/aarch64-linux-android-ar
+          AS=$TOOLCHAIN/bin/aarch64-linux-android-as
+          CC=$TOOLCHAIN/bin/aarch64-linux-android21-clang
+          CXX=$TOOLCHAIN/bin/aarch64-linux-android21-clang++
+          LD=$TOOLCHAIN/bin/aarch64-linux-android-ld
+          RANLIB=$TOOLCHAIN/bin/aarch64-linux-android-ranlib
+          STRIP=$TOOLCHAIN/bin/aarch64-linux-android-strip
+          ./configure --host aarch64-linux-android
+        - make
+
+    # ios build with openssl
+    - os: osx
+      osx_image: xcode11.2
+      env:
+        - TEST="ios"
+      script:
+        - wget -q https://raw.githubusercontent.com/leetal/ios-cmake/master/ios.toolchain.cmake
+        - mkdir build && cd build
+        - cmake -DCMAKE_TOOLCHAIN_FILE=../ios.toolchain.cmake  -DPLATFORM=OS64 ..
+        - make
+        - cd ..
+        - CFLAGS="-arch arm64 --sysroot=$(xcrun --sdk iphoneos --show-sdk-path) -miphoneos-version-min=8.0 -fembed-bitcode"
+          LDFLAGS="-arch arm64 --sysroot=$(xcrun --sdk iphoneos --show-sdk-path) -miphoneos-version-min=8.0 -fembed-bitcode"
+          AR="$(xcrun --find --sdk iphoneos ar)"
+          AS="$(xcrun --find --sdk iphoneos as)"
+          CC="$(xcrun --find --sdk iphoneos clang)"
+          CXX="$(xcrun --find --sdk iphoneos clang++)"
+          LD="$(xcrun --find --sdk iphoneos ld)"
+          RANLIB="$(xcrun --find --sdk iphoneos ranlib)"
+          STRIP="$(xcrun --find --sdk iphoneos strip)"
+          ./configure --host arm-apple-darwin
+        - make
+        - make shared_library

CHANGES

@@ -1,6 +1,42 @@
 Changelog
 
-2.2.0-pre (This version)
+2.4.0-pre (This version)
+
+2.3.0
+
+Major changes
+
+A fuzzer was added to the project based on libFuzzer. This is run as part of Google oss-fuzz, the current status can be found at https://oss-fuzz-build-logs.storage.googleapis.com/index.html#libsrtp . Details available in PR #442 and issue #393.
+
+CMake support was added as an alternative build system. This was primarily added to replace the Visual Studio project files currently checked in but has been extend to support building on all platforms. Initial PR #449 and #455 but has been support has been continuously improved. 
+
+NSS support for crypto backend was added. This is can be used as an alternative to openssl. Initial PR #413 but there has been numerous improvements.
+
+PR #474 - Add flag to disable pcap dependency when build test apps.
+
+PR #472 - Add ci builds for ios and android.
+
+PR #463 - problem on srtp_aes_icm_openssl_encrypt.
+
+PR #471 - Allow the pcap file to be read from a physical file.
+
+PR #457 - Fix docs crypto_policy_* -> srtp_crypto_policy_* .
+
+PR #452 - crypto/cipher: Reset the EVP_CIPHER_CTX structure before each test.
+
+PR #444 - Extend rtp_ecoder to support RTCP and multiplexed SSRC's.
+
+PR #443 - rtp_decoder avoid crash when no packets found.
+
+PR #429 - Rand for test only.
+
+PR #421 - Fix GCM IV logging.
+
+PR #415 - Fixes unaligned trailer access.
+
+PR #414 - Detect and handle broken "OPENSSL_cleanse".
+
+2.2.0
 
 Major changes