depau/Purism-Calls
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/calls.git synced 2024-06-25 21:29:32 +00:00
Code Issues Releases Wiki Activity

sdp-crypto: Include "ICM" in crypto suite enums

Browse source 
This indicates integer counter mode being used and
helps disambiguate additional crypto suites in the future.

Renamed CALLS_SRTP_SUITE_AES_128_SHA1_80 → CALLS_SRTP_SUITE_AES_128_ICM_SHA1_80
and CALLS_SRTP_SUITE_AES_128_SHA1_32 → CALLS_SRTP_SUITE_AES_128_ICM_SHA1_32
This commit is contained in:
Дилян Палаузов 2023-02-12 14:12:47 +02:00 committed by Evangelos Ribeiro Tzaras
parent e6bfa6d933
commit 8ca3597646
5 changed files with 27 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
plugins/provider/sip/calls-sdp-crypto-context.c
View file

@ -435,14 +435,14 @@ calls_sdp_crypto_context_generate_offer (CallsSdpCryptoContext *self)
attr = calls_srtp_crypto_attribute_new (1);
attr->tag = 1;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
calls_srtp_crypto_attribute_init_keys (attr);
self->local_crypto_attributes = g_list_append (NULL, attr);
attr = calls_srtp_crypto_attribute_new (1);
attr->tag = 2;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
calls_srtp_crypto_attribute_init_keys (attr);
self->local_crypto_attributes = g_list_append (self->local_crypto_attributes, attr);

21
plugins/provider/sip/calls-srtp-utils.c
View file

@ -55,8 +55,8 @@ static gsize
get_key_size_for_suite (calls_srtp_crypto_suite suite)
{
switch (suite) {
case CALLS_SRTP_SUITE_AES_128_SHA1_32:
case CALLS_SRTP_SUITE_AES_128_SHA1_80:
case CALLS_SRTP_SUITE_AES_CM_128_SHA1_32:
case CALLS_SRTP_SUITE_AES_CM_128_SHA1_80:
return 30;
case CALLS_SRTP_SUITE_UNKNOWN:
@ -353,11 +353,10 @@ calls_srtp_parse_sdp_crypto_attribute (const char *attribute,
return NULL;
}
/* f.e. attr_fields[1] = "AES_CM_128_HMAC_SHA1_32" */
if (g_strcmp0 (attr_fields[1], "AES_CM_128_HMAC_SHA1_32") == 0)
crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
else if (g_strcmp0 (attr_fields[1], "AES_CM_128_HMAC_SHA1_80") == 0)
crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
else
crypto_suite = CALLS_SRTP_SUITE_UNKNOWN; /* error */
@ -576,9 +575,9 @@ calls_srtp_print_sdp_crypto_attribute (calls_srtp_crypto_attribute *attr,
if (!validate_crypto_attribute (attr, error))
return NULL;
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_32)
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_32)
crypto_suite = "AES_CM_128_HMAC_SHA1_32";
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_80)
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_80)
crypto_suite = "AES_CM_128_HMAC_SHA1_80";
else
return NULL;
@ -719,14 +718,14 @@ calls_srtp_crypto_get_srtpdec_params (calls_srtp_crypto_attribute *attr,
{
g_return_val_if_fail (attr, FALSE);
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_32) {
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_32) {
*srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-128-icm";
*srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-32";
*srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-128-icm";
*srtcp_auth = attr->unencrypted_srtcp ? "null" : "hmac-sha1-32";
return TRUE;
} else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_80) {
} else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_80) {
*srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-128-icm";
*srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-80";
*srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-128-icm";
@ -758,14 +757,14 @@ calls_srtp_crypto_get_srtpenc_params (calls_srtp_crypto_attribute *attr,
{
g_return_val_if_fail (attr, FALSE);
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_32) {
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_32) {
*srtp_cipher = attr->unencrypted_srtp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
*srtp_auth = attr->unauthenticated_srtp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_32;
*srtcp_cipher = attr->unencrypted_srtcp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
*srtcp_auth = attr->unencrypted_srtcp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_32;
return TRUE;
} else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_80) {
} else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_80) {
*srtp_cipher = attr->unencrypted_srtp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
*srtp_auth = attr->unauthenticated_srtp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_80;

4
plugins/provider/sip/calls-srtp-utils.h
View file

@ -30,8 +30,8 @@ G_BEGIN_DECLS
typedef enum {
CALLS_SRTP_SUITE_UNKNOWN = 0,
CALLS_SRTP_SUITE_AES_128_SHA1_32,
CALLS_SRTP_SUITE_AES_128_SHA1_80,
CALLS_SRTP_SUITE_AES_CM_128_SHA1_32, /* RFC 4568 */
CALLS_SRTP_SUITE_AES_CM_128_SHA1_80, /* RFC 4568 */
} calls_srtp_crypto_suite;

2
plugins/provider/tests/test-media.c
View file

@ -47,7 +47,7 @@ test_sip_media_manager_caps (void)
attr = calls_srtp_crypto_attribute_new (1);
attr->tag = 1;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
calls_srtp_crypto_attribute_init_keys (attr);
crypto_attributes = g_list_append (NULL, attr);

24
plugins/provider/tests/test-srtp.c
View file

@ -55,7 +55,7 @@ test_crypto_attribute_validity (void)
g_assert_null (calls_srtp_print_sdp_crypto_attribute (attr, NULL));
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
key_salt = calls_srtp_generate_key_salt (30);
attr->key_params[0].b64_keysalt = g_base64_encode (key_salt, 30);
g_free (key_salt);
@ -122,7 +122,7 @@ test_crypto_attribute_validity (void)
attr = calls_srtp_crypto_attribute_new (4);
attr->tag = 12;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
calls_srtp_crypto_attribute_init_keys (attr);
attr->key_params[0].lifetime = 31;
@ -182,7 +182,7 @@ test_parse (void)
attr_simple = calls_srtp_crypto_attribute_new (1);
key_salt = calls_srtp_generate_key_salt (30);
attr_simple->tag = 1;
attr_simple->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
attr_simple->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
attr_simple->key_params[0].b64_keysalt = g_base64_encode (key_salt, 30);
attr_simple_str = calls_srtp_print_sdp_crypto_attribute (attr_simple, NULL);
@ -200,7 +200,7 @@ test_parse (void)
attr_multi = calls_srtp_crypto_attribute_new (2);
attr_multi->tag = 42;
attr_multi->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
attr_multi->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
calls_srtp_crypto_attribute_init_keys (attr_multi);
attr_multi_str = calls_srtp_print_sdp_crypto_attribute (attr_multi, NULL);
@ -236,7 +236,7 @@ test_srtp_params (void)
GstSrtpCipherType srtcp_cipher_enum;
GstSrtpAuthType srtcp_auth_enum;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
attr->unencrypted_srtp = FALSE;
attr->unauthenticated_srtp = FALSE;
attr->unencrypted_srtcp = FALSE;
@ -263,7 +263,7 @@ test_srtp_params (void)
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
attr->unencrypted_srtp = TRUE;
attr->unauthenticated_srtp = FALSE;
attr->unencrypted_srtcp = FALSE;
@ -290,7 +290,7 @@ test_srtp_params (void)
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
attr->unencrypted_srtp = FALSE;
attr->unauthenticated_srtp = TRUE;
attr->unencrypted_srtcp = FALSE;
@ -317,7 +317,7 @@ test_srtp_params (void)
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
attr->unencrypted_srtp = FALSE;
attr->unauthenticated_srtp = FALSE;
attr->unencrypted_srtcp = TRUE;
@ -344,7 +344,7 @@ test_srtp_params (void)
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_NULL);
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
attr->unencrypted_srtp = FALSE;
attr->unauthenticated_srtp = FALSE;
attr->unencrypted_srtcp = FALSE;
@ -371,7 +371,7 @@ test_srtp_params (void)
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
attr->unencrypted_srtp = TRUE;
attr->unauthenticated_srtp = FALSE;
attr->unencrypted_srtcp = FALSE;
@ -398,7 +398,7 @@ test_srtp_params (void)
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
attr->unencrypted_srtp = FALSE;
attr->unauthenticated_srtp = TRUE;
attr->unencrypted_srtcp = FALSE;
@ -425,7 +425,7 @@ test_srtp_params (void)
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
attr->unencrypted_srtp = FALSE;
attr->unauthenticated_srtp = FALSE;
attr->unencrypted_srtcp = TRUE;