1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/calls.git synced 2024-11-15 12:55:36 +00:00

srtp-utils: Add skeleton code to ease adding crypto suites

With this in place enabling an additional crypto suite
would only require two changes:
- Adding GStreamer capability mapping
- Add case in calls_srtp_parse_sdp_crypto_attribute()
This commit is contained in:
Дилян Палаузов 2023-02-12 14:27:34 +02:00 committed by Evangelos Ribeiro Tzaras
parent 267eecf049
commit 378da62ccb
2 changed files with 52 additions and 0 deletions

View file

@ -58,9 +58,16 @@ get_key_size_for_suite (calls_srtp_crypto_suite suite)
case CALLS_SRTP_SUITE_AES_CM_128_SHA1_32: case CALLS_SRTP_SUITE_AES_CM_128_SHA1_32:
case CALLS_SRTP_SUITE_AES_CM_128_SHA1_80: case CALLS_SRTP_SUITE_AES_CM_128_SHA1_80:
return 30; return 30;
case CALLS_SRTP_SUITE_AES_192_CM_SHA1_32:
case CALLS_SRTP_SUITE_AES_192_CM_SHA1_80:
return 38;
case CALLS_SRTP_SUITE_AES_256_CM_SHA1_32: case CALLS_SRTP_SUITE_AES_256_CM_SHA1_32:
case CALLS_SRTP_SUITE_AES_256_CM_SHA1_80: case CALLS_SRTP_SUITE_AES_256_CM_SHA1_80:
return 46; return 46;
case CALLS_SRTP_SUITE_AEAD_AES_128_GCM:
return 28;
case CALLS_SRTP_SUITE_AEAD_AES_256_GCM:
return 44;
case CALLS_SRTP_SUITE_UNKNOWN: case CALLS_SRTP_SUITE_UNKNOWN:
default: default:
@ -586,10 +593,20 @@ calls_srtp_print_sdp_crypto_attribute (calls_srtp_crypto_attribute *attr,
crypto_suite = "AES_CM_128_HMAC_SHA1_32"; crypto_suite = "AES_CM_128_HMAC_SHA1_32";
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_80) else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_80)
crypto_suite = "AES_CM_128_HMAC_SHA1_80"; crypto_suite = "AES_CM_128_HMAC_SHA1_80";
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_192_CM_SHA1_32)
crypto_suite = "AES_196_CM_HMAC_SHA1_32";
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_192_CM_SHA1_80)
crypto_suite = "AES_196_CM_HMAC_SHA1_80";
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_32) else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_32)
crypto_suite = "AES_256_CM_HMAC_SHA1_32"; crypto_suite = "AES_256_CM_HMAC_SHA1_32";
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_80) else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_80)
crypto_suite = "AES_256_CM_HMAC_SHA1_80"; crypto_suite = "AES_256_CM_HMAC_SHA1_80";
else if (attr->crypto_suite == CALLS_SRTP_SUITE_F8_128_HMAC_SHA1_32)
crypto_suite = "F8_128_HMAC_SHA1_80";
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AEAD_AES_128_GCM)
crypto_suite = "AEAD_AES_128_GCM";
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AEAD_AES_256_GCM)
crypto_suite = "AEAD_AES_256_GCM";
else else
return NULL; return NULL;
@ -744,6 +761,24 @@ calls_srtp_crypto_get_srtpdec_params (calls_srtp_crypto_attribute *attr,
return TRUE; return TRUE;
} }
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_192_CM_SHA1_32) {
/* NOT OFFERED BY GSTREAMER
*srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-192-icm";
*srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-32";
*srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-192-icm";
*srtcp_auth = attr->unencrypted_srtcp ? "null" : "hmac-sha1-32";
*/
return FALSE;
}
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_192_CM_SHA1_80) {
/* NOT OFFERED BY GSTREAMER
*srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-192-icm";
*srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-80";
*srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-192-icm";
*srtcp_auth = attr->unencrypted_srtcp ? "null" : "hmac-sha1-80";
*/
return FALSE;
}
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_32) { if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_256_CM_SHA1_32) {
*srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-256-icm"; *srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-256-icm";
*srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-32"; *srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-32";
@ -760,6 +795,18 @@ calls_srtp_crypto_get_srtpdec_params (calls_srtp_crypto_attribute *attr,
return TRUE; return TRUE;
} }
if (attr->crypto_suite == CALLS_SRTP_SUITE_F8_128_HMAC_SHA1_32) {
// F8 IS NOT OFFERED BY GSTREAMER
return FALSE;
}
if (attr->crypto_suite == CALLS_SRTP_SUITE_AEAD_AES_128_GCM) {
return FALSE;
}
if (attr->crypto_suite == CALLS_SRTP_SUITE_AEAD_AES_256_GCM) {
return FALSE;
}
return FALSE; return FALSE;
} }

View file

@ -32,8 +32,13 @@ typedef enum {
CALLS_SRTP_SUITE_UNKNOWN = 0, CALLS_SRTP_SUITE_UNKNOWN = 0,
CALLS_SRTP_SUITE_AES_CM_128_SHA1_32, /* RFC 4568 */ CALLS_SRTP_SUITE_AES_CM_128_SHA1_32, /* RFC 4568 */
CALLS_SRTP_SUITE_AES_CM_128_SHA1_80, /* RFC 4568 */ CALLS_SRTP_SUITE_AES_CM_128_SHA1_80, /* RFC 4568 */
CALLS_SRTP_SUITE_AES_192_CM_SHA1_32, /* RFC 6188 not supperted by Gst */
CALLS_SRTP_SUITE_AES_192_CM_SHA1_80, /* RFC 6188 not supperted by Gst */
CALLS_SRTP_SUITE_AES_256_CM_SHA1_32, /* RFC 6188 */ CALLS_SRTP_SUITE_AES_256_CM_SHA1_32, /* RFC 6188 */
CALLS_SRTP_SUITE_AES_256_CM_SHA1_80, /* RFC 6188 */ CALLS_SRTP_SUITE_AES_256_CM_SHA1_80, /* RFC 6188 */
CALLS_SRTP_SUITE_F8_128_HMAC_SHA1_32, /* RFC 4568 but not supported by GstSrtpEnc/GstSrtpDec */
CALLS_SRTP_SUITE_AEAD_AES_128_GCM, /* RFC 7714 TODO support in the future */
CALLS_SRTP_SUITE_AEAD_AES_256_GCM /* RFC 7714 TODO support in the future */
} calls_srtp_crypto_suite; } calls_srtp_crypto_suite;