mirror of
https://gitlab.gnome.org/GNOME/calls.git
synced 2024-11-12 19:41:18 +00:00
srtp-utils: Add support for AES 256 bit crypto suites
As specified by RFC 6188.
This commit is contained in:
parent
8ca3597646
commit
267eecf049
3 changed files with 60 additions and 1 deletions
|
@ -435,13 +435,27 @@ calls_sdp_crypto_context_generate_offer (CallsSdpCryptoContext *self)
|
|||
|
||||
attr = calls_srtp_crypto_attribute_new (1);
|
||||
attr->tag = 1;
|
||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_256_CM_SHA1_80;
|
||||
calls_srtp_crypto_attribute_init_keys (attr);
|
||||
|
||||
self->local_crypto_attributes = g_list_append (NULL, attr);
|
||||
|
||||
attr = calls_srtp_crypto_attribute_new (1);
|
||||
attr->tag = 2;
|
||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_256_CM_SHA1_32;
|
||||
calls_srtp_crypto_attribute_init_keys (attr);
|
||||
|
||||
self->local_crypto_attributes = g_list_append (self->local_crypto_attributes, attr);
|
||||
|
||||
attr = calls_srtp_crypto_attribute_new (1);
|
||||
attr->tag = 3;
|
||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||
calls_srtp_crypto_attribute_init_keys (attr);
|
||||
|
||||
self->local_crypto_attributes = g_list_append (self->local_crypto_attributes, attr);
|
||||
|
||||
attr = calls_srtp_crypto_attribute_new (1);
|
||||
attr->tag = 4;
|
||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
|
||||
calls_srtp_crypto_attribute_init_keys (attr);
|
||||
|
||||
|
|
|
@ -58,6 +58,9 @@ get_key_size_for_suite (calls_srtp_crypto_suite suite)
|
|||
case CALLS_SRTP_SUITE_AES_CM_128_SHA1_32:
|
||||
case CALLS_SRTP_SUITE_AES_CM_128_SHA1_80:
|
||||
return 30;
|
||||
case CALLS_SRTP_SUITE_AES_256_CM_SHA1_32:
|
||||
case CALLS_SRTP_SUITE_AES_256_CM_SHA1_80:
|
||||
return 46;
|
||||
|
||||
case CALLS_SRTP_SUITE_UNKNOWN:
|
||||
default:
|
||||
|
@ -357,6 +360,10 @@ calls_srtp_parse_sdp_crypto_attribute (const char *attribute,
|
|||
crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
|
||||
else if (g_strcmp0 (attr_fields[1], "AES_CM_128_HMAC_SHA1_80") == 0)
|
||||
crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||
else if (g_strcmp0 (attr_fields[1], "AES_256_CM_HMAC_SHA1_32") == 0)
|
||||
crypto_suite = CALLS_SRTP_SUITE_AES_256_CM_SHA1_32;
|
||||
else if (g_strcmp0 (attr_fields[1], "AES_256_CM_HMAC_SHA1_80") == 0)
|
||||
crypto_suite = CALLS_SRTP_SUITE_AES_256_CM_SHA1_80;
|
||||
else
|
||||
crypto_suite = CALLS_SRTP_SUITE_UNKNOWN; /* error */
|
||||
|
||||
|
@ -579,6 +586,10 @@ calls_srtp_print_sdp_crypto_attribute (calls_srtp_crypto_attribute *attr,
|
|||
crypto_suite = "AES_CM_128_HMAC_SHA1_32";
|
||||
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_80)
|
||||
crypto_suite = "AES_CM_128_HMAC_SHA1_80";
|
||||
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_32)
|
||||
crypto_suite = "AES_256_CM_HMAC_SHA1_32";
|
||||
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_80)
|
||||
crypto_suite = "AES_256_CM_HMAC_SHA1_80";
|
||||
else
|
||||
return NULL;
|
||||
|
||||
|
@ -733,6 +744,22 @@ calls_srtp_crypto_get_srtpdec_params (calls_srtp_crypto_attribute *attr,
|
|||
|
||||
return TRUE;
|
||||
}
|
||||
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_32) {
|
||||
*srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-256-icm";
|
||||
*srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-32";
|
||||
*srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-256-icm";
|
||||
*srtcp_auth = attr->unencrypted_srtcp ? "null" : "hmac-sha1-32";
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_80) {
|
||||
*srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-256-icm";
|
||||
*srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-80";
|
||||
*srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-256-icm";
|
||||
*srtcp_auth = attr->unencrypted_srtcp ? "null" : "hmac-sha1-80";
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -773,6 +800,22 @@ calls_srtp_crypto_get_srtpenc_params (calls_srtp_crypto_attribute *attr,
|
|||
|
||||
return TRUE;
|
||||
}
|
||||
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_32) {
|
||||
*srtp_cipher = attr->unencrypted_srtp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_256_ICM;
|
||||
*srtp_auth = attr->unauthenticated_srtp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_32;
|
||||
*srtcp_cipher = attr->unencrypted_srtcp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_256_ICM;
|
||||
*srtcp_auth = attr->unencrypted_srtcp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_32;
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_80) {
|
||||
*srtp_cipher = attr->unencrypted_srtp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_256_ICM;
|
||||
*srtp_auth = attr->unauthenticated_srtp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_80;
|
||||
*srtcp_cipher = attr->unencrypted_srtcp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_256_ICM;
|
||||
*srtcp_auth = attr->unencrypted_srtcp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_80;
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
|
|
@ -32,6 +32,8 @@ typedef enum {
|
|||
CALLS_SRTP_SUITE_UNKNOWN = 0,
|
||||
CALLS_SRTP_SUITE_AES_CM_128_SHA1_32, /* RFC 4568 */
|
||||
CALLS_SRTP_SUITE_AES_CM_128_SHA1_80, /* RFC 4568 */
|
||||
CALLS_SRTP_SUITE_AES_256_CM_SHA1_32, /* RFC 6188 */
|
||||
CALLS_SRTP_SUITE_AES_256_CM_SHA1_80, /* RFC 6188 */
|
||||
} calls_srtp_crypto_suite;
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue