Changeset 5412
- Timestamp:
- Aug 8, 2016 9:09:29 AM (8 years ago)
- Location:
- pjproject/trunk
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
pjproject/trunk/aconfigure
r5403 r5412 641 641 libssl_present 642 642 openssl_h_present 643 ac_ssl_has_aes_gcm 643 644 ac_no_ssl 644 645 ac_webrtc_ldflags … … 7838 7839 7839 7840 7841 ac_ssl_has_aes_gcm=0 7842 7840 7843 # Check whether --enable-ssl was given. 7841 7844 if test "${enable_ssl+set}" = set; then : … … 7949 7952 { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL library found, SSL support enabled" >&5 7950 7953 $as_echo "OpenSSL library found, SSL support enabled" >&6; } 7954 7955 # Check if SRTP should be compiled with OpenSSL 7956 # support, to enable cryptos such as AES GCM AC_CHECK_LIB(crypto,EVP_aes_128_gcm,[ac_ssl_has_aes_gcm=1]) 7957 if test "x$ac_ssl_has_aes_gcm" = "x1"; then 7958 { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL has AES GCM support, SRTP will use OpenSSl version" >&5 7959 $as_echo "OpenSSL has AES GCM support, SRTP will use OpenSSl version" >&6; } 7960 else 7961 { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL AES GCM support not found, SRTP will only support AES CM cryptos" >&5 7962 $as_echo "OpenSSL AES GCM support not found, SRTP will only support AES CM cryptos" >&6; } 7963 fi 7964 7951 7965 # PJSIP_HAS_TLS_TRANSPORT setting follows PJ_HAS_SSL_SOCK 7952 7966 #AC_DEFINE(PJSIP_HAS_TLS_TRANSPORT, 1) -
pjproject/trunk/aconfigure.ac
r5403 r5412 1576 1576 dnl # Include SSL support 1577 1577 AC_SUBST(ac_no_ssl) 1578 AC_SUBST(ac_ssl_has_aes_gcm,0) 1578 1579 AC_ARG_ENABLE(ssl, 1579 1580 AS_HELP_STRING([--disable-ssl], … … 1601 1602 if test "x$openssl_h_present" = "x1" -a "x$libssl_present" = "x1" -a "x$libcrypto_present" = "x1"; then 1602 1603 AC_MSG_RESULT([OpenSSL library found, SSL support enabled]) 1604 1605 # Check if SRTP should be compiled with OpenSSL 1606 # support, to enable cryptos such as AES GCM AC_CHECK_LIB(crypto,EVP_aes_128_gcm,[ac_ssl_has_aes_gcm=1]) 1607 if test "x$ac_ssl_has_aes_gcm" = "x1"; then 1608 AC_MSG_RESULT([OpenSSL has AES GCM support, SRTP will use OpenSSl version]) 1609 else 1610 AC_MSG_RESULT([OpenSSL AES GCM support not found, SRTP will only support AES CM cryptos]) 1611 fi 1612 1603 1613 # PJSIP_HAS_TLS_TRANSPORT setting follows PJ_HAS_SSL_SOCK 1604 1614 #AC_DEFINE(PJSIP_HAS_TLS_TRANSPORT, 1) -
pjproject/trunk/pjmedia/include/pjmedia/config.h
r5410 r5412 954 954 955 955 /** 956 * Maximum number of SRTP cryptos. 957 * 958 * Default: 16 959 */ 960 #ifndef PJMEDIA_SRTP_MAX_CRYPTOS 961 # define PJMEDIA_SRTP_MAX_CRYPTOS 16 962 #endif 963 964 965 /** 966 * Enable AES_CM_256 cryptos in SRTP. 967 * Default: enabled. 968 */ 969 #ifndef PJMEDIA_SRTP_HAS_AES_CM_256 970 # define PJMEDIA_SRTP_HAS_AES_CM_256 1 971 #endif 972 973 974 /** 975 * Enable AES_CM_192 cryptos in SRTP 976 * Default: disabled. 977 */ 978 #ifndef PJMEDIA_SRTP_HAS_AES_CM_192 979 # define PJMEDIA_SRTP_HAS_AES_CM_192 0 980 #endif 981 982 983 /** 984 * Enable AES_CM_128 cryptos in SRTP. 985 * Default: enabled. 986 */ 987 #ifndef PJMEDIA_SRTP_HAS_AES_CM_128 988 # define PJMEDIA_SRTP_HAS_AES_CM_128 1 989 #endif 990 991 992 /** 993 * Enable AES_GCM_256 cryptos in SRTP. 994 * Default: disabled. 995 */ 996 #ifndef PJMEDIA_SRTP_HAS_AES_GCM_256 997 # define PJMEDIA_SRTP_HAS_AES_GCM_256 0 998 #endif 999 1000 1001 /** 1002 * Enable AES_GCM_128 cryptos in SRTP. 1003 * Default: disabled. 1004 */ 1005 #ifndef PJMEDIA_SRTP_HAS_AES_GCM_128 1006 # define PJMEDIA_SRTP_HAS_AES_GCM_128 0 1007 #endif 1008 1009 1010 /** 956 1011 * Let the library handle libsrtp initialization and deinitialization. 957 1012 * Application may want to disable this and manually perform libsrtp -
pjproject/trunk/pjmedia/include/pjmedia/transport_srtp.h
r3999 r5412 156 156 * Specify individual crypto suite setting. 157 157 */ 158 pjmedia_srtp_crypto crypto[ 8];158 pjmedia_srtp_crypto crypto[PJMEDIA_SRTP_MAX_CRYPTOS]; 159 159 160 160 } pjmedia_srtp_setting; -
pjproject/trunk/pjmedia/src/pjmedia/transport_srtp.c
r5408 r5412 85 85 } crypto_suite; 86 86 87 /* Crypto suites as defined on RFC 4568*/87 /* https://www.iana.org/assignments/sdp-security-descriptions/sdp-security-descriptions.xhtml */ 88 88 static crypto_suite crypto_suites[] = { 89 89 /* plain RTP/RTCP (no cipher & no auth) */ 90 90 {"NULL", NULL_CIPHER, 0, NULL_AUTH, 0, 0, 0, sec_serv_none}, 91 91 #if defined(PJMEDIA_SRTP_HAS_AES_GCM_256) && \ 92 (PJMEDIA_SRTP_HAS_AES_GCM_256 != 0) 93 /* cipher AES_GCM, NULL auth, auth tag len = 16 octets */ 94 {"AEAD_AES_256_GCM", AES_256_GCM, AES_256_GCM_KEYSIZE_WSALT, 95 NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth}, 96 /* cipher AES_GCM, NULL auth, auth tag len = 8 octets */ 97 {"AEAD_AES_256_GCM_8", AES_256_GCM, AES_256_GCM_KEYSIZE_WSALT, 98 NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth}, 99 #endif 100 #if defined(PJMEDIA_SRTP_HAS_AES_CM_256) && \ 101 (PJMEDIA_SRTP_HAS_AES_CM_256 != 0) 92 102 /* cipher AES_CM_256, auth HMAC_SHA1, auth tag len = 10 octets */ 93 103 {"AES_256_CM_HMAC_SHA1_80", AES_ICM, 46, HMAC_SHA1, 20, 10, 10, 94 104 sec_serv_conf_and_auth}, 95 96 105 /* cipher AES_CM_256, auth HMAC_SHA1, auth tag len = 10 octets */ 97 106 {"AES_256_CM_HMAC_SHA1_32", AES_ICM, 46, HMAC_SHA1, 20, 4, 10, 98 sec_serv_conf_and_auth},99 100 /* cipher AES_192_CM, auth HMAC_SHA1, auth tag len = 10 octets */101 //{"AES_192_CM_HMAC_SHA1_80", AES_ICM, 38, HMAC_SHA1, 20, 10, 10,102 //sec_serv_conf_and_auth},103 104 /* cipher AES_192_CM, auth HMAC_SHA1, auth tag len = 4 octets */105 //{"AES_192_CM_HMAC_SHA1_32", AES_ICM, 38, HMAC_SHA1, 20, 4, 10,106 //sec_serv_conf_and_auth},107 108 /* cipher AES_CM, auth HMAC_SHA1, auth tag len = 10 octets */109 {"AES_CM_128_HMAC_SHA1_80", AES_128_ICM, 30, HMAC_SHA1, 20, 10, 10,110 107 sec_serv_conf_and_auth}, 111 112 /* cipher AES_CM, auth HMAC_SHA1, auth tag len = 4 octets */ 113 {"AES_CM_128_HMAC_SHA1_32", AES_128_ICM, 30, HMAC_SHA1, 20, 4, 10, 108 #endif 109 #if defined(PJMEDIA_SRTP_HAS_AES_CM_192) && \ 110 (PJMEDIA_SRTP_HAS_AES_CM_192 != 0) 111 /* cipher AES_CM_192, auth HMAC_SHA1, auth tag len = 10 octets */ 112 {"AES_192_CM_HMAC_SHA1_80", AES_ICM, 38, HMAC_SHA1, 20, 10, 10, 114 113 sec_serv_conf_and_auth}, 115 114 /* cipher AES_CM_192, auth HMAC_SHA1, auth tag len = 4 octets */ 115 {"AES_192_CM_HMAC_SHA1_32", AES_ICM, 38, HMAC_SHA1, 20, 4, 10, 116 sec_serv_conf_and_auth}, 117 #endif 118 #if defined(PJMEDIA_SRTP_HAS_AES_GCM_128) && \ 119 (PJMEDIA_SRTP_HAS_AES_GCM_128 != 0) 120 /* cipher AES_GCM, NULL auth, auth tag len = 16 octets */ 121 {"AEAD_AES_128_GCM", AES_128_GCM, AES_128_GCM_KEYSIZE_WSALT, 122 NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth}, 123 124 /* cipher AES_GCM, NULL auth, auth tag len = 8 octets */ 125 {"AEAD_AES_128_GCM_8", AES_128_GCM, AES_128_GCM_KEYSIZE_WSALT, 126 NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth}, 127 #endif 128 #if defined(PJMEDIA_SRTP_HAS_AES_CM_128) && \ 129 (PJMEDIA_SRTP_HAS_AES_CM_128 != 0) 130 /* cipher AES_CM_128, auth HMAC_SHA1, auth tag len = 10 octets */ 131 {"AES_CM_128_HMAC_SHA1_80", AES_ICM, 30, HMAC_SHA1, 20, 10, 10, 132 sec_serv_conf_and_auth}, 133 /* cipher AES_CM_128, auth HMAC_SHA1, auth tag len = 4 octets */ 134 {"AES_CM_128_HMAC_SHA1_32", AES_ICM, 30, HMAC_SHA1, 20, 4, 10, 135 sec_serv_conf_and_auth}, 136 #endif 116 137 /* 117 138 * F8_128_HMAC_SHA1_8 not supported by libsrtp? -
pjproject/trunk/third_party/build/os-auto.mak.in
r5361 r5412 36 36 else 37 37 DIRS += srtp 38 39 ifeq (@ac_ssl_has_aes_gcm@,0) 40 CIPHERS_SRC = crypto/cipher/aes.o crypto/cipher/aes_icm.o \ 41 crypto/cipher/aes_cbc.o 42 HASHES_SRC = crypto/hash/sha1.o crypto/hash/hmac.o \ 43 # crypto/hash/tmmhv2.o 44 RNG_SRC = crypto/rng/rand_source.o crypto/rng/prng.o \ 45 crypto/rng/ctr_prng.o 46 else 47 CIPHERS_SRC = crypto/cipher/aes_icm_ossl.o crypto/cipher/aes_gcm_ossl.o 48 HASHES_SRC = crypto/hash/hmac_ossl.o 49 RNG_SRC = crypto/rng/rand_source_ossl.o 50 SRTP_OTHER_CFLAGS = -DOPENSSL 51 endif 52 53 38 54 endif 39 55 -
pjproject/trunk/third_party/build/srtp/Makefile
r5261 r5412 1 1 include ../../../build.mak 2 2 include ../../../build/common.mak 3 include ../os-$(OS_NAME).mak 3 4 4 5 export LIBDIR := ../../lib … … 29 30 # libcrypt.a (the crypto engine) 30 31 ciphers = crypto/cipher/cipher.o crypto/cipher/null_cipher.o \ 31 crypto/cipher/aes.o crypto/cipher/aes_icm.o \ 32 crypto/cipher/aes_cbc.o 32 $(CIPHERS_SRC) 33 33 34 hashes = crypto/hash/null_auth.o crypto/hash/sha1.o \ 35 crypto/hash/hmac.o crypto/hash/auth.o # crypto/hash/tmmhv2.o 34 hashes = crypto/hash/null_auth.o crypto/hash/auth.o $(HASHES_SRC) 36 35 37 36 replay = crypto/replay/rdb.o crypto/replay/rdbx.o \ … … 42 41 ust = crypto/ust/ust.o 43 42 44 rng = crypto/rng/rand_source.o crypto/rng/prng.o crypto/rng/ctr_prng.o43 rng = $(RNG_SRC) 45 44 46 45 err = pjlib/srtp_err.o … … 55 54 export SRTP_SRCDIR = ../../srtp 56 55 export SRTP_OBJS = $(cryptobj) $(srtpobj) 57 export SRTP_CFLAGS = -DHAVE_CONFIG_H $(_CFLAGS) 56 export SRTP_CFLAGS = -DHAVE_CONFIG_H $(_CFLAGS) $(SRTP_OTHER_CFLAGS) 58 57 export SRTP_LDFLAGS = $(PJLIB_LDLIB) $(_LDFLAGS) 59 58
Note: See TracChangeset
for help on using the changeset viewer.