Changeset 5614 for pjproject/trunk/pjmedia/src/pjmedia/transport_srtp.c
- Timestamp:
- Jul 4, 2017 5:22:51 AM (7 years ago)
- File:
-
- 1 edited
pjproject/trunk/pjmedia/src/pjmedia/transport_srtp.c
r5602 r5614 75 75 static const pj_str_t ID_CRYPTO = { "crypto", 6 }; 76 76 77 typedef void (*crypto_method_t)( crypto_policy_t *policy);77 typedef void (*crypto_method_t)(srtp_crypto_policy_t *policy); 78 78 79 79 typedef struct crypto_suite 80 80 { 81 81 char *name; 82 cipher_type_id_tcipher_type;82 srtp_cipher_type_id_t cipher_type; 83 83 unsigned cipher_key_len; /* key + salt length */ 84 84 unsigned cipher_salt_len; /* salt only length */ 85 auth_type_id_t auth_type;85 srtp_auth_type_id_t auth_type; 86 86 unsigned auth_key_len; 87 87 unsigned srtp_auth_tag_len; 88 88 unsigned srtcp_auth_tag_len; 89 s ec_serv_tservice;89 srtp_sec_serv_t service; 90 90 /* This is an attempt to validate crypto support by libsrtp, i.e: it should 91 91 * raise linking error if the libsrtp does not support the crypto. 92 92 */ 93 cipher_type_t*ext_cipher_type;93 srtp_cipher_type_t *ext_cipher_type; 94 94 crypto_method_t ext_crypto_method; 95 95 } crypto_suite; 96 96 97 extern cipher_type_taes_gcm_256_openssl;98 extern cipher_type_taes_gcm_128_openssl;99 extern cipher_type_taes_icm_192;97 extern srtp_cipher_type_t srtp_aes_gcm_256_openssl; 98 extern srtp_cipher_type_t srtp_aes_gcm_128_openssl; 99 extern srtp_cipher_type_t srtp_aes_icm_192; 100 100 101 101 /* https://www.iana.org/assignments/sdp-security-descriptions/sdp-security-descriptions.xhtml */ 102 102 static crypto_suite crypto_suites[] = { 103 103 /* plain RTP/RTCP (no cipher & no auth) */ 104 {"NULL", NULL_CIPHER, 0,NULL_AUTH, 0, 0, 0, sec_serv_none},104 {"NULL", SRTP_NULL_CIPHER, 0, SRTP_NULL_AUTH, 0, 0, 0, sec_serv_none}, 105 105 106 106 #if defined(PJMEDIA_SRTP_HAS_AES_GCM_256)&&(PJMEDIA_SRTP_HAS_AES_GCM_256!=0) 107 107 108 108 /* cipher AES_GCM, NULL auth, auth tag len = 16 octets */ 109 {"AEAD_AES_256_GCM", AES_256_GCM, 44, 12, 110 NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth, &aes_gcm_256_openssl}, 109 {"AEAD_AES_256_GCM", SRTP_AES_GCM_256, 44, 12, 110 SRTP_NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth, 111 
&srtp_aes_gcm_256_openssl}, 111 112 112 113 /* cipher AES_GCM, NULL auth, auth tag len = 8 octets */ 113 {"AEAD_AES_256_GCM_8", AES_256_GCM, 44, 12, 114 NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth, &aes_gcm_256_openssl}, 114 {"AEAD_AES_256_GCM_8", SRTP_AES_GCM_256, 44, 12, 115 SRTP_NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth, 116 &srtp_aes_gcm_256_openssl}, 115 117 #endif 116 118 #if defined(PJMEDIA_SRTP_HAS_AES_CM_256)&&(PJMEDIA_SRTP_HAS_AES_CM_256!=0) 117 119 118 /* cipher AES_CM_256, auth HMAC_SHA1, auth tag len = 10 octets */119 {"AES_256_CM_HMAC_SHA1_80", AES_ICM, 46, 14, HMAC_SHA1, 20, 10, 10,120 sec_serv_conf_and_auth, NULL,121 &crypto_policy_set_aes_cm_256_hmac_sha1_80},122 123 /* cipher AES_CM_256, auth HMAC_SHA1, auth tag len = 10 octets */124 {"AES_256_CM_HMAC_SHA1_32", AES_ICM, 46, 14, HMAC_SHA1, 20, 4, 10,125 sec_serv_conf_and_auth, NULL,126 &crypto_policy_set_aes_cm_256_hmac_sha1_32},120 /* cipher AES_CM_256, auth SRTP_HMAC_SHA1, auth tag len = 10 octets */ 121 {"AES_256_CM_HMAC_SHA1_80", SRTP_AES_ICM_256, 46, 14, 122 SRTP_HMAC_SHA1, 20, 10, 10, sec_serv_conf_and_auth, 123 NULL, &srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80}, 124 125 /* cipher AES_CM_256, auth SRTP_HMAC_SHA1, auth tag len = 10 octets */ 126 {"AES_256_CM_HMAC_SHA1_32", SRTP_AES_ICM_256, 46, 14, 127 SRTP_HMAC_SHA1, 20, 4, 10, sec_serv_conf_and_auth, 128 NULL, &srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32}, 127 129 #endif 128 130 #if defined(PJMEDIA_SRTP_HAS_AES_CM_192)&&(PJMEDIA_SRTP_HAS_AES_CM_192!=0) 129 131 130 /* cipher AES_CM_192, auth HMAC_SHA1, auth tag len = 10 octets */ 131 {"AES_192_CM_HMAC_SHA1_80", AES_ICM, 38, 14, HMAC_SHA1, 20, 10, 10, 132 sec_serv_conf_and_auth, &aes_icm_192}, 133 134 /* cipher AES_CM_192, auth HMAC_SHA1, auth tag len = 4 octets */ 135 {"AES_192_CM_HMAC_SHA1_32", AES_ICM, 38, 14, HMAC_SHA1, 20, 4, 10, 136 sec_serv_conf_and_auth, &aes_icm_192}, 132 /* cipher AES_CM_192, auth SRTP_HMAC_SHA1, auth tag len = 10 octets */ 133 {"AES_192_CM_HMAC_SHA1_80", 
SRTP_AES_ICM_192, 38, 14, 134 SRTP_HMAC_SHA1, 20, 10, 10, sec_serv_conf_and_auth, 135 &srtp_aes_icm_192}, 136 137 /* cipher AES_CM_192, auth SRTP_HMAC_SHA1, auth tag len = 4 octets */ 138 {"AES_192_CM_HMAC_SHA1_32", SRTP_AES_ICM_192, 38, 14, 139 SRTP_HMAC_SHA1, 20, 4, 10, sec_serv_conf_and_auth, 140 &srtp_aes_icm_192}, 137 141 #endif 138 142 #if defined(PJMEDIA_SRTP_HAS_AES_GCM_128)&&(PJMEDIA_SRTP_HAS_AES_GCM_128!=0) 139 143 140 144 /* cipher AES_GCM, NULL auth, auth tag len = 16 octets */ 141 {"AEAD_AES_128_GCM", AES_128_GCM, 28, 12, 142 NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth, &aes_gcm_128_openssl}, 145 {"AEAD_AES_128_GCM", SRTP_AES_GCM_128, 28, 12, 146 SRTP_NULL_AUTH, 0, 16, 16, sec_serv_conf_and_auth, 147 &srtp_aes_gcm_128_openssl}, 143 148 144 149 /* cipher AES_GCM, NULL auth, auth tag len = 8 octets */ 145 {"AEAD_AES_128_GCM_8", AES_128_GCM, 28, 12, 146 NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth, &aes_gcm_128_openssl}, 150 {"AEAD_AES_128_GCM_8", SRTP_AES_GCM_128, 28, 12, 151 SRTP_NULL_AUTH, 0, 8, 8, sec_serv_conf_and_auth, 152 &srtp_aes_gcm_128_openssl}, 147 153 #endif 148 154 #if defined(PJMEDIA_SRTP_HAS_AES_CM_128)&&(PJMEDIA_SRTP_HAS_AES_CM_128!=0) 149 155 150 /* cipher AES_CM_128, auth HMAC_SHA1, auth tag len = 10 octets */151 {"AES_CM_128_HMAC_SHA1_80", AES_ICM, 30, 14, HMAC_SHA1, 20, 10, 10,152 sec_serv_conf_and_auth},153 154 /* cipher AES_CM_128, auth HMAC_SHA1, auth tag len = 4 octets */155 {"AES_CM_128_HMAC_SHA1_32", AES_ICM, 30, 14, HMAC_SHA1, 20, 4, 10,156 sec_serv_conf_and_auth},156 /* cipher AES_CM_128, auth SRTP_HMAC_SHA1, auth tag len = 10 octets */ 157 {"AES_CM_128_HMAC_SHA1_80", SRTP_AES_ICM_128, 30, 14, 158 SRTP_HMAC_SHA1, 20, 10, 10, sec_serv_conf_and_auth}, 159 160 /* cipher AES_CM_128, auth SRTP_HMAC_SHA1, auth tag len = 4 octets */ 161 {"AES_CM_128_HMAC_SHA1_32", SRTP_AES_ICM_128, 30, 14, 162 SRTP_HMAC_SHA1, 20, 4, 10, sec_serv_conf_and_auth}, 157 163 #endif 158 164 … … 346 352 #if defined(PJ_HAS_ERROR_STRING) && (PJ_HAS_ERROR_STRING 
!= 0) 347 353 static char *liberr[] = { 348 "ok", /* err_status_ok= 0 */354 "ok", /* srtp_err_status_ok = 0 */ 349 355 "unspecified failure", /* err_status_fail = 1 */ 350 356 "unsupported parameter", /* err_status_bad_param = 2 */ … … 413 419 /* Init libsrtp */ 414 420 { 415 err_status_t err;421 srtp_err_status_t err; 416 422 417 423 err = srtp_init(); 418 if (err != err_status_ok) {424 if (err != srtp_err_status_ok) { 419 425 PJ_LOG(4, (THIS_FILE, "Failed to initialize libsrtp: %s", 420 426 get_libsrtp_errstr(err))); … … 445 451 static void pjmedia_srtp_deinit_lib(pjmedia_endpt *endpt) 446 452 { 447 err_status_t err;453 srtp_err_status_t err; 448 454 449 455 /* Note that currently this SRTP init/deinit is not equipped with … … 467 473 err = srtp_shutdown(); 468 474 # else 469 err = err_status_ok;475 err = srtp_err_status_ok; 470 476 # endif 471 if (err != err_status_ok) {477 if (err != srtp_err_status_ok) { 472 478 PJ_LOG(4, (THIS_FILE, "Failed to deinitialize libsrtp: %s", 473 479 get_libsrtp_errstr(err))); … … 680 686 srtp_policy_t tx_; 681 687 srtp_policy_t rx_; 682 err_status_terr;688 srtp_err_status_t err; 683 689 int cr_tx_idx = 0; 684 690 int au_tx_idx = 0; … … 753 759 tx_.next = NULL; 754 760 err = srtp_create(&srtp->srtp_tx_ctx, &tx_); 755 if (err != err_status_ok) {761 if (err != srtp_err_status_ok) { 756 762 status = PJMEDIA_ERRNO_FROM_LIBSRTP(err); 757 763 goto on_return; … … 786 792 rx_.next = NULL; 787 793 err = srtp_create(&srtp->srtp_rx_ctx, &rx_); 788 if (err != err_status_ok) {794 if (err != srtp_err_status_ok) { 789 795 srtp_dealloc(srtp->srtp_tx_ctx); 790 796 status = PJMEDIA_ERRNO_FROM_LIBSRTP(err); … … 851 857 { 852 858 transport_srtp *p_srtp = (transport_srtp*) srtp; 853 err_status_t err;859 srtp_err_status_t err; 854 860 855 861 PJ_ASSERT_RETURN(srtp, PJ_EINVAL); … … 863 869 864 870 err = srtp_dealloc(p_srtp->srtp_rx_ctx); 865 if (err != err_status_ok) {871 if (err != srtp_err_status_ok) { 866 872 PJ_LOG(4, (p_srtp->pool->obj_name, 867 873 
"Failed to dealloc RX SRTP context: %s", … … 869 875 } 870 876 err = srtp_dealloc(p_srtp->srtp_tx_ctx); 871 if (err != err_status_ok) {877 if (err != srtp_err_status_ok) { 872 878 PJ_LOG(4, (p_srtp->pool->obj_name, 873 879 "Failed to dealloc TX SRTP context: %s", … … 1032 1038 transport_srtp *srtp = (transport_srtp*) tp; 1033 1039 int len = (int)size; 1034 err_status_t err;1040 srtp_err_status_t err; 1035 1041 1036 1042 if (srtp->bypass_srtp) … … 1050 1056 pj_lock_release(srtp->mutex); 1051 1057 1052 if (err == err_status_ok) {1058 if (err == srtp_err_status_ok) { 1053 1059 status = pjmedia_transport_send_rtp(srtp->member_tp, 1054 1060 srtp->rtp_tx_buffer, len); … … 1076 1082 transport_srtp *srtp = (transport_srtp*) tp; 1077 1083 int len = (int)size; 1078 err_status_t err;1084 srtp_err_status_t err; 1079 1085 1080 1086 if (srtp->bypass_srtp) { … … 1096 1102 pj_lock_release(srtp->mutex); 1097 1103 1098 if (err == err_status_ok) {1104 if (err == srtp_err_status_ok) { 1099 1105 status = pjmedia_transport_send_rtcp2(srtp->member_tp, addr, addr_len, 1100 1106 srtp->rtcp_tx_buffer, len); … … 1154 1160 transport_srtp *srtp = (transport_srtp *) user_data; 1155 1161 int len = size; 1156 err_status_t err;1162 srtp_err_status_t err; 1157 1163 void (*cb)(void*, void*, pj_ssize_t) = NULL; 1158 1164 void *cb_data = NULL; … … 1201 1207 err = srtp_unprotect(srtp->srtp_rx_ctx, (pj_uint8_t*)pkt, &len); 1202 1208 if (srtp->probation_cnt > 0 && 1203 (err == err_status_replay_old || err == err_status_replay_fail)) 1209 (err == srtp_err_status_replay_old || 1210 err == srtp_err_status_replay_fail)) 1204 1211 { 1205 1212 /* Handle such condition that stream is updated (RTP seq is reinited … … 1224 1231 } 1225 1232 1226 if (err != err_status_ok) {1233 if (err != srtp_err_status_ok) { 1227 1234 PJ_LOG(5,(srtp->pool->obj_name, 1228 1235 "Failed to unprotect SRTP, pkt size=%d, err=%s", … … 1247 1254 transport_srtp *srtp = (transport_srtp *) user_data; 1248 1255 int len = size; 1249 
err_status_t err;1256 srtp_err_status_t err; 1250 1257 void (*cb)(void*, void*, pj_ssize_t) = NULL; 1251 1258 void *cb_data = NULL; … … 1270 1277 } 1271 1278 err = srtp_unprotect_rtcp(srtp->srtp_rx_ctx, (pj_uint8_t*)pkt, &len); 1272 if (err != err_status_ok) {1279 if (err != srtp_err_status_ok) { 1273 1280 PJ_LOG(5,(srtp->pool->obj_name, 1274 1281 "Failed to unprotect SRTCP, pkt size=%d, err=%s", … … 1511 1518 { 1512 1519 transport_srtp *srtp = (transport_srtp *)tp; 1513 err_status_t err;1520 srtp_err_status_t err; 1514 1521 1515 1522 if (srtp->bypass_srtp) … … 1534 1541 err = srtp_unprotect_rtcp(srtp->srtp_rx_ctx, pkt, pkt_len); 1535 1542 1536 if (err != err_status_ok) {1543 if (err != srtp_err_status_ok) { 1537 1544 PJ_LOG(5,(srtp->pool->obj_name, 1538 1545 "Failed to unprotect SRTP, pkt size=%d, err=%s", … … 1542 1549 pj_lock_release(srtp->mutex); 1543 1550 1544 return (err==err_status_ok) ? PJ_SUCCESS : PJMEDIA_ERRNO_FROM_LIBSRTP(err); 1545 } 1546 1547 #endif 1548 1549 1551 return (err==srtp_err_status_ok) ? PJ_SUCCESS : 1552 PJMEDIA_ERRNO_FROM_LIBSRTP(err); 1553 } 1554 1555 #endif 1556 1557
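Review bot: The comment above the `AES_256_CM_HMAC_SHA1_32` entry in `crypto_suites[]` still says "auth tag len = 10 octets" on the new side, although the entry sets the SRTP tag length to 4 and only the SRTCP tag length to 10. Tag length is what a reader checks when judging a suite's forgery resistance, so it should match the 192- and 128-bit `_32` entries, e.g. `/* cipher AES_CM_256, auth HMAC_SHA1, auth tag len = 4 octets */`. The rename also turned the algorithm name in these comments into `SRTP_HMAC_SHA1`, which is the libsrtp constant rather than the algorithm; keeping `HMAC_SHA1` in the prose would read better. In `liberr[]` only the first comment was updated to `srtp_err_status_ok`, while the visible neighbours keep `err_status_fail` and `err_status_bad_param`. That table continues outside the hunk, so the remaining entries should be renamed in the same pass.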