Ignore:
Timestamp:
Dec 28, 2016 3:40:07 AM (7 years ago)
Author:
nanang
Message:

Re #1900: More merged from trunk (r5512 mistakenly contains merged changes in third-party dir only).

Location:
pjproject/branches/projects/uwp
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • pjproject/branches/projects/uwp

  • pjproject/branches/projects/uwp/pjmedia/src/pjmedia/transport_srtp.c

    r5136 r5513  
    4848#else 
    4949#  include <srtp.h> 
     50#  include <crypto_kernel.h> 
    5051#endif 
    5152 
     
    7172static const pj_str_t ID_INACTIVE = { "inactive", 8 }; 
    7273static const pj_str_t ID_CRYPTO   = { "crypto", 6 }; 
     74 
     75typedef void (*crypto_method_t)(crypto_policy_t *policy); 
    7376 
    7477typedef struct crypto_suite 
     
    8285    unsigned             srtcp_auth_tag_len; 
    8386    sec_serv_t           service; 
     87    /* This is an attempt to validate crypto support by libsrtp, i.e: it should 
     88     * raise linking error if the libsrtp does not support the crypto.  
     89     */ 
     90    cipher_type_t       *ext_cipher_type; 
     91    crypto_method_t      ext_crypto_method; 
    8492} crypto_suite; 
    8593 
    86 /* Crypto suites as defined on RFC 4568 */ 
     94extern cipher_type_t aes_gcm_256_openssl; 
     95extern cipher_type_t aes_gcm_128_openssl; 
     96extern cipher_type_t aes_icm_192; 
     97 
     98/* https://www.iana.org/assignments/sdp-security-descriptions/sdp-security-descriptions.xhtml */ 
    8799static crypto_suite crypto_suites[] = { 
    88100    /* plain RTP/RTCP (no cipher & no auth) */ 
    89101    {"NULL", NULL_CIPHER, 0, NULL_AUTH, 0, 0, 0, sec_serv_none}, 
    90  
    91     /* cipher AES_CM, auth HMAC_SHA1, auth tag len = 10 octets */ 
    92     {"AES_CM_128_HMAC_SHA1_80", AES_128_ICM, 30, HMAC_SHA1, 20, 10, 10, 
     102#if defined(PJMEDIA_SRTP_HAS_AES_GCM_256) && \ 
     103    (PJMEDIA_SRTP_HAS_AES_GCM_256 != 0) 
     104    /* cipher AES_GCM, NULL auth, auth tag len = 16 octets */ 
     105    {"AEAD_AES_256_GCM", AES_256_GCM, AES_256_GCM_KEYSIZE_WSALT, 
     106        NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth, &aes_gcm_256_openssl}, 
     107    /* cipher AES_GCM, NULL auth, auth tag len = 8 octets */ 
     108    {"AEAD_AES_256_GCM_8", AES_256_GCM, AES_256_GCM_KEYSIZE_WSALT, 
     109        NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth, &aes_gcm_256_openssl}, 
     110#endif 
     111#if defined(PJMEDIA_SRTP_HAS_AES_CM_256) && \ 
     112    (PJMEDIA_SRTP_HAS_AES_CM_256 != 0) 
     113    /* cipher AES_CM_256, auth HMAC_SHA1, auth tag len = 10 octets */ 
     114    {"AES_256_CM_HMAC_SHA1_80", AES_ICM, 46, HMAC_SHA1, 20, 10, 10, 
     115        sec_serv_conf_and_auth, NULL,  
     116        &crypto_policy_set_aes_cm_256_hmac_sha1_80}, 
     117    /* cipher AES_CM_256, auth HMAC_SHA1, auth tag len = 10 octets */ 
     118    {"AES_256_CM_HMAC_SHA1_32", AES_ICM, 46, HMAC_SHA1, 20, 4, 10, 
     119        sec_serv_conf_and_auth, NULL, 
     120        &crypto_policy_set_aes_cm_256_hmac_sha1_32}, 
     121#endif 
     122#if defined(PJMEDIA_SRTP_HAS_AES_CM_192) && \ 
     123    (PJMEDIA_SRTP_HAS_AES_CM_192 != 0) 
     124    /* cipher AES_CM_192, auth HMAC_SHA1, auth tag len = 10 octets */ 
     125    {"AES_192_CM_HMAC_SHA1_80", AES_ICM, 38, HMAC_SHA1, 20, 10, 10, 
     126        sec_serv_conf_and_auth, &aes_icm_192}, 
     127    /* cipher AES_CM_192, auth HMAC_SHA1, auth tag len = 4 octets */ 
     128    {"AES_192_CM_HMAC_SHA1_32", AES_ICM, 38, HMAC_SHA1, 20, 4, 10, 
     129        sec_serv_conf_and_auth, &aes_icm_192}, 
     130#endif 
     131#if defined(PJMEDIA_SRTP_HAS_AES_GCM_128) && \ 
     132    (PJMEDIA_SRTP_HAS_AES_GCM_128 != 0) 
     133    /* cipher AES_GCM, NULL auth, auth tag len = 16 octets */ 
     134    {"AEAD_AES_128_GCM", AES_128_GCM, AES_128_GCM_KEYSIZE_WSALT, 
     135        NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth, &aes_gcm_128_openssl}, 
     136 
     137    /* cipher AES_GCM, NULL auth, auth tag len = 8 octets */ 
     138    {"AEAD_AES_128_GCM_8", AES_128_GCM, AES_128_GCM_KEYSIZE_WSALT, 
     139        NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth, &aes_gcm_128_openssl}, 
     140#endif 
     141#if defined(PJMEDIA_SRTP_HAS_AES_CM_128) && \ 
     142    (PJMEDIA_SRTP_HAS_AES_CM_128 != 0) 
     143    /* cipher AES_CM_128, auth HMAC_SHA1, auth tag len = 10 octets */ 
     144    {"AES_CM_128_HMAC_SHA1_80", AES_ICM, 30, HMAC_SHA1, 20, 10, 10, 
    93145        sec_serv_conf_and_auth}, 
    94  
    95     /* cipher AES_CM, auth HMAC_SHA1, auth tag len = 4 octets */ 
    96     {"AES_CM_128_HMAC_SHA1_32", AES_128_ICM, 30, HMAC_SHA1, 20, 4, 10, 
     146    /* cipher AES_CM_128, auth HMAC_SHA1, auth tag len = 4 octets */ 
     147    {"AES_CM_128_HMAC_SHA1_32", AES_ICM, 30, HMAC_SHA1, 20, 4, 10, 
    97148        sec_serv_conf_and_auth}, 
    98  
     149#endif 
    99150    /* 
    100151     * F8_128_HMAC_SHA1_8 not supported by libsrtp? 
     
    337388    PJ_UNUSED_ARG(endpt); 
    338389 
    339 #if defined(PJMEDIA_EXTERNAL_SRTP) && (PJMEDIA_EXTERNAL_SRTP != 0) 
     390#if !defined(PJMEDIA_SRTP_HAS_DEINIT) && !defined(PJMEDIA_SRTP_HAS_SHUTDOWN) 
     391# define PJMEDIA_SRTP_HAS_SHUTDOWN 1 
     392#endif 
    340393 
    341394# if defined(PJMEDIA_SRTP_HAS_DEINIT) && PJMEDIA_SRTP_HAS_DEINIT!=0 
     
    346399    err = err_status_ok; 
    347400# endif 
    348  
    349 #else 
    350     err = srtp_deinit(); 
    351 #endif 
    352401    if (err != err_status_ok) { 
    353402        PJ_LOG(4, (THIS_FILE, "Failed to deinitialize libsrtp: %s", 
     
    11701219    pj_str_t input; 
    11711220    char *token; 
    1172     pj_size_t token_len; 
    11731221    pj_str_t tmp; 
    11741222    pj_status_t status; 
    1175     int itmp; 
     1223    int itmp, token_len; 
    11761224 
    11771225    pj_bzero(crypto, sizeof(*crypto)); 
     
    13711419        /* Generate crypto attribute if not yet */ 
    13721420        if (pjmedia_sdp_media_find_attr(m_loc, &ID_CRYPTO, NULL) == NULL) { 
     1421            int tag = 1; 
     1422 
    13731423            /* Offer only current active crypto if any, otherwise offer all 
    13741424             * crypto-suites in the setting. 
     
    13851435                status = generate_crypto_attr_value(srtp->pool, buffer, &buffer_len, 
    13861436                                                    &srtp->setting.crypto[i], 
    1387                                                     i+1); 
     1437                                                    tag); 
    13881438                if (status != PJ_SUCCESS) 
    13891439                    return status; 
     
    13951445                                                   &attr_value); 
    13961446                    m_loc->attr[m_loc->attr_count++] = attr; 
     1447                    ++tag; 
    13971448                } 
    13981449            } 
     
    14571508                        { 
    14581509                            int cs_idx = get_crypto_idx(&tmp_rx_crypto.name); 
     1510                             
     1511                            if (cs_idx == -1) 
     1512                                return PJMEDIA_SRTP_ENOTSUPCRYPTO; 
    14591513 
    14601514                            /* Force to use test key */ 
Note: See TracChangeset for help on using the changeset viewer.