Changeset 5614 for pjproject/trunk/pjmedia/src/pjmedia/transport_srtp.c

Timestamp:

Jul 4, 2017 5:22:51 AM (7 years ago)

Author:

nanang

Message:

Close #1993: Updated bundled libSRTP version to 2.1.0.

File:

• pjproject/trunk/pjmedia/src/pjmedia/transport_srtp.c (modified) (23 diffs)

pjproject/trunk/pjmedia/src/pjmedia/transport_srtp.c

@@ -75 +75 @@
 static const pj_str_t ID_CRYPTO   = { "crypto", 6 };
 
-typedef void (*crypto_method_t)(crypto_policy_t *policy);
+typedef void (*crypto_method_t)(srtp_crypto_policy_t *policy);
 
 typedef struct crypto_suite
 {
     char                *name;
-    cipher_type_id_t     cipher_type;
+    srtp_cipher_type_id_t cipher_type;
     unsigned             cipher_key_len;    /* key + salt length    */
     unsigned             cipher_salt_len;   /* salt only length     */
-    auth_type_id_t       auth_type;
+    srtp_auth_type_id_t  auth_type;
     unsigned             auth_key_len;
     unsigned             srtp_auth_tag_len;
     unsigned             srtcp_auth_tag_len;
-    sec_serv_t           service;
+    srtp_sec_serv_t      service;
     /* This is an attempt to validate crypto support by libsrtp, i.e: it should
      * raise linking error if the libsrtp does not support the crypto. 
      */
-    cipher_type_t       *ext_cipher_type;
+    srtp_cipher_type_t  *ext_cipher_type;
     crypto_method_t      ext_crypto_method;
 } crypto_suite;
 
-extern cipher_type_t aes_gcm_256_openssl;
-extern cipher_type_t aes_gcm_128_openssl;
-extern cipher_type_t aes_icm_192;
+extern srtp_cipher_type_t srtp_aes_gcm_256_openssl;
+extern srtp_cipher_type_t srtp_aes_gcm_128_openssl;
+extern srtp_cipher_type_t srtp_aes_icm_192;
 
 /* https://www.iana.org/assignments/sdp-security-descriptions/sdp-security-descriptions.xhtml */
 static crypto_suite crypto_suites[] = {
     /* plain RTP/RTCP (no cipher & no auth) */
-    {"NULL", NULL_CIPHER, 0, NULL_AUTH, 0, 0, 0, sec_serv_none},
+    {"NULL", SRTP_NULL_CIPHER, 0, SRTP_NULL_AUTH, 0, 0, 0, sec_serv_none},
 
 #if defined(PJMEDIA_SRTP_HAS_AES_GCM_256)&&(PJMEDIA_SRTP_HAS_AES_GCM_256!=0)
 
     /* cipher AES_GCM, NULL auth, auth tag len = 16 octets */
-    {"AEAD_AES_256_GCM", AES_256_GCM, 44, 12,
-        NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth, &aes_gcm_256_openssl},
+    {"AEAD_AES_256_GCM", SRTP_AES_GCM_256, 44, 12,
+        SRTP_NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth,
+        &srtp_aes_gcm_256_openssl},
 
     /* cipher AES_GCM, NULL auth, auth tag len = 8 octets */
-    {"AEAD_AES_256_GCM_8", AES_256_GCM, 44, 12,
-        NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth, &aes_gcm_256_openssl},
+    {"AEAD_AES_256_GCM_8", SRTP_AES_GCM_256, 44, 12,
+        SRTP_NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth,
+        &srtp_aes_gcm_256_openssl},
 #endif
 #if defined(PJMEDIA_SRTP_HAS_AES_CM_256)&&(PJMEDIA_SRTP_HAS_AES_CM_256!=0)
 
-    /* cipher AES_CM_256, auth HMAC_SHA1, auth tag len = 10 octets */
-    {"AES_256_CM_HMAC_SHA1_80", AES_ICM, 46, 14, HMAC_SHA1, 20, 10, 10,
-        sec_serv_conf_and_auth, NULL, 
-        &crypto_policy_set_aes_cm_256_hmac_sha1_80},
-
-    /* cipher AES_CM_256, auth HMAC_SHA1, auth tag len = 10 octets */
-    {"AES_256_CM_HMAC_SHA1_32", AES_ICM, 46, 14, HMAC_SHA1, 20, 4, 10,
-        sec_serv_conf_and_auth, NULL,
-        &crypto_policy_set_aes_cm_256_hmac_sha1_32},
+    /* cipher AES_CM_256, auth SRTP_HMAC_SHA1, auth tag len = 10 octets */
+    {"AES_256_CM_HMAC_SHA1_80", SRTP_AES_ICM_256, 46, 14,
+        SRTP_HMAC_SHA1, 20, 10, 10, sec_serv_conf_and_auth,
+        NULL, &srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80},
+
+    /* cipher AES_CM_256, auth SRTP_HMAC_SHA1, auth tag len = 10 octets */
+    {"AES_256_CM_HMAC_SHA1_32", SRTP_AES_ICM_256, 46, 14,
+        SRTP_HMAC_SHA1, 20, 4, 10, sec_serv_conf_and_auth,
+        NULL, &srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32},
 #endif
 #if defined(PJMEDIA_SRTP_HAS_AES_CM_192)&&(PJMEDIA_SRTP_HAS_AES_CM_192!=0)
 
-    /* cipher AES_CM_192, auth HMAC_SHA1, auth tag len = 10 octets */
-    {"AES_192_CM_HMAC_SHA1_80", AES_ICM, 38, 14, HMAC_SHA1, 20, 10, 10,
-        sec_serv_conf_and_auth, &aes_icm_192},
-
-    /* cipher AES_CM_192, auth HMAC_SHA1, auth tag len = 4 octets */
-    {"AES_192_CM_HMAC_SHA1_32", AES_ICM, 38, 14, HMAC_SHA1, 20, 4, 10,
-        sec_serv_conf_and_auth, &aes_icm_192},
+    /* cipher AES_CM_192, auth SRTP_HMAC_SHA1, auth tag len = 10 octets */
+    {"AES_192_CM_HMAC_SHA1_80", SRTP_AES_ICM_192, 38, 14,
+        SRTP_HMAC_SHA1, 20, 10, 10, sec_serv_conf_and_auth,
+        &srtp_aes_icm_192},
+
+    /* cipher AES_CM_192, auth SRTP_HMAC_SHA1, auth tag len = 4 octets */
+    {"AES_192_CM_HMAC_SHA1_32", SRTP_AES_ICM_192, 38, 14,
+        SRTP_HMAC_SHA1, 20, 4, 10, sec_serv_conf_and_auth,
+        &srtp_aes_icm_192},
 #endif
 #if defined(PJMEDIA_SRTP_HAS_AES_GCM_128)&&(PJMEDIA_SRTP_HAS_AES_GCM_128!=0)
 
     /* cipher AES_GCM, NULL auth, auth tag len = 16 octets */
-    {"AEAD_AES_128_GCM", AES_128_GCM, 28, 12,
-        NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth, &aes_gcm_128_openssl},
+    {"AEAD_AES_128_GCM", SRTP_AES_GCM_128, 28, 12,
+        SRTP_NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth,
+        &srtp_aes_gcm_128_openssl},
 
     /* cipher AES_GCM, NULL auth, auth tag len = 8 octets */
-    {"AEAD_AES_128_GCM_8", AES_128_GCM, 28, 12,
-        NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth, &aes_gcm_128_openssl},
+    {"AEAD_AES_128_GCM_8", SRTP_AES_GCM_128, 28, 12,
+        SRTP_NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth,
+        &srtp_aes_gcm_128_openssl},
 #endif
 #if defined(PJMEDIA_SRTP_HAS_AES_CM_128)&&(PJMEDIA_SRTP_HAS_AES_CM_128!=0)
 
-    /* cipher AES_CM_128, auth HMAC_SHA1, auth tag len = 10 octets */
-    {"AES_CM_128_HMAC_SHA1_80", AES_ICM, 30, 14, HMAC_SHA1, 20, 10, 10,
-        sec_serv_conf_and_auth},
-
-    /* cipher AES_CM_128, auth HMAC_SHA1, auth tag len = 4 octets */
-    {"AES_CM_128_HMAC_SHA1_32", AES_ICM, 30, 14, HMAC_SHA1, 20, 4, 10,
-        sec_serv_conf_and_auth},
+    /* cipher AES_CM_128, auth SRTP_HMAC_SHA1, auth tag len = 10 octets */
+    {"AES_CM_128_HMAC_SHA1_80", SRTP_AES_ICM_128, 30, 14,
+        SRTP_HMAC_SHA1, 20, 10, 10, sec_serv_conf_and_auth},
+
+    /* cipher AES_CM_128, auth SRTP_HMAC_SHA1, auth tag len = 4 octets */
+    {"AES_CM_128_HMAC_SHA1_32", SRTP_AES_ICM_128, 30, 14,
+        SRTP_HMAC_SHA1, 20, 4, 10, sec_serv_conf_and_auth},
 #endif
 
@@ -346 +352 @@
 #if defined(PJ_HAS_ERROR_STRING) && (PJ_HAS_ERROR_STRING != 0)
     static char *liberr[] = {
-        "ok",                               /* err_status_ok            = 0  */
+        "ok",                               /* srtp_err_status_ok       = 0  */
         "unspecified failure",              /* err_status_fail          = 1  */
         "unsupported parameter",            /* err_status_bad_param     = 2  */
@@ -413 +419 @@
     /* Init libsrtp */
     {
-        err_status_t err;
+        srtp_err_status_t err;
 
         err = srtp_init();
-        if (err != err_status_ok) {
+        if (err != srtp_err_status_ok) {
             PJ_LOG(4, (THIS_FILE, "Failed to initialize libsrtp: %s",
                        get_libsrtp_errstr(err)));
@@ -445 +451 @@
 static void pjmedia_srtp_deinit_lib(pjmedia_endpt *endpt)
 {
-    err_status_t err;
+    srtp_err_status_t err;
 
     /* Note that currently this SRTP init/deinit is not equipped with
@@ -467 +473 @@
     err = srtp_shutdown();
 # else
-    err = err_status_ok;
+    err = srtp_err_status_ok;
 # endif
-    if (err != err_status_ok) {
+    if (err != srtp_err_status_ok) {
         PJ_LOG(4, (THIS_FILE, "Failed to deinitialize libsrtp: %s",
                    get_libsrtp_errstr(err)));
@@ -680 +686 @@
     srtp_policy_t    tx_;
     srtp_policy_t    rx_;
-    err_status_t     err;
+    srtp_err_status_t err;
     int              cr_tx_idx = 0;
     int              au_tx_idx = 0;
@@ -753 +759 @@
     tx_.next                = NULL;
     err = srtp_create(&srtp->srtp_tx_ctx, &tx_);
-    if (err != err_status_ok) {
+    if (err != srtp_err_status_ok) {
         status = PJMEDIA_ERRNO_FROM_LIBSRTP(err);
         goto on_return;
@@ -786 +792 @@
     rx_.next                = NULL;
     err = srtp_create(&srtp->srtp_rx_ctx, &rx_);
-    if (err != err_status_ok) {
+    if (err != srtp_err_status_ok) {
         srtp_dealloc(srtp->srtp_tx_ctx);
         status = PJMEDIA_ERRNO_FROM_LIBSRTP(err);
@@ -851 +857 @@
 {
     transport_srtp *p_srtp = (transport_srtp*) srtp;
-    err_status_t err;
+    srtp_err_status_t err;
 
     PJ_ASSERT_RETURN(srtp, PJ_EINVAL);
@@ -863 +869 @@
 
     err = srtp_dealloc(p_srtp->srtp_rx_ctx);
-    if (err != err_status_ok) {
+    if (err != srtp_err_status_ok) {
         PJ_LOG(4, (p_srtp->pool->obj_name,
                    "Failed to dealloc RX SRTP context: %s",
@@ -869 +875 @@
     }
     err = srtp_dealloc(p_srtp->srtp_tx_ctx);
-    if (err != err_status_ok) {
+    if (err != srtp_err_status_ok) {
         PJ_LOG(4, (p_srtp->pool->obj_name,
                    "Failed to dealloc TX SRTP context: %s",
@@ -1032 +1038 @@
     transport_srtp *srtp = (transport_srtp*) tp;
     int len = (int)size;
-    err_status_t err;
+    srtp_err_status_t err;
 
     if (srtp->bypass_srtp)
@@ -1050 +1056 @@
     pj_lock_release(srtp->mutex);
 
-    if (err == err_status_ok) {
+    if (err == srtp_err_status_ok) {
         status = pjmedia_transport_send_rtp(srtp->member_tp,
                                             srtp->rtp_tx_buffer, len);
@@ -1076 +1082 @@
     transport_srtp *srtp = (transport_srtp*) tp;
     int len = (int)size;
-    err_status_t err;
+    srtp_err_status_t err;
 
     if (srtp->bypass_srtp) {
@@ -1096 +1102 @@
     pj_lock_release(srtp->mutex);
 
-    if (err == err_status_ok) {
+    if (err == srtp_err_status_ok) {
         status = pjmedia_transport_send_rtcp2(srtp->member_tp, addr, addr_len,
                                               srtp->rtcp_tx_buffer, len);
@@ -1154 +1160 @@
     transport_srtp *srtp = (transport_srtp *) user_data;
     int len = size;
-    err_status_t err;
+    srtp_err_status_t err;
     void (*cb)(void*, void*, pj_ssize_t) = NULL;
     void *cb_data = NULL;
@@ -1201 +1207 @@
     err = srtp_unprotect(srtp->srtp_rx_ctx, (pj_uint8_t*)pkt, &len);
     if (srtp->probation_cnt > 0 &&
-        (err == err_status_replay_old || err == err_status_replay_fail))
+        (err == srtp_err_status_replay_old ||
+         err == srtp_err_status_replay_fail))
     {
         /* Handle such condition that stream is updated (RTP seq is reinited
@@ -1224 +1231 @@
     }
 
-    if (err != err_status_ok) {
+    if (err != srtp_err_status_ok) {
         PJ_LOG(5,(srtp->pool->obj_name,
                   "Failed to unprotect SRTP, pkt size=%d, err=%s",
@@ -1247 +1254 @@
     transport_srtp *srtp = (transport_srtp *) user_data;
     int len = size;
-    err_status_t err;
+    srtp_err_status_t err;
     void (*cb)(void*, void*, pj_ssize_t) = NULL;
     void *cb_data = NULL;
@@ -1270 +1277 @@
     }
     err = srtp_unprotect_rtcp(srtp->srtp_rx_ctx, (pj_uint8_t*)pkt, &len);
-    if (err != err_status_ok) {
+    if (err != srtp_err_status_ok) {
         PJ_LOG(5,(srtp->pool->obj_name,
                   "Failed to unprotect SRTCP, pkt size=%d, err=%s",
@@ -1511 +1518 @@
 {
     transport_srtp *srtp = (transport_srtp *)tp;
-    err_status_t err;
+    srtp_err_status_t err;
 
     if (srtp->bypass_srtp)
@@ -1534 +1541 @@
         err = srtp_unprotect_rtcp(srtp->srtp_rx_ctx, pkt, pkt_len);
 
-    if (err != err_status_ok) {
+    if (err != srtp_err_status_ok) {
         PJ_LOG(5,(srtp->pool->obj_name,
                   "Failed to unprotect SRTP, pkt size=%d, err=%s",
@@ -1542 +1549 @@
     pj_lock_release(srtp->mutex);
 
-    return (err==err_status_ok) ? PJ_SUCCESS : PJMEDIA_ERRNO_FROM_LIBSRTP(err);
-}
-
-#endif
-
-
+    return (err==srtp_err_status_ok) ? PJ_SUCCESS :
+                                       PJMEDIA_ERRNO_FROM_LIBSRTP(err);
+}
+
+#endif
+
+