sipwise
/
rtpengine
mirror of https://github.com/sipwise/rtpengine.git
1
0
Fork 0
Code Issues Releases Wiki Activity

TT#49600 separate RTCP en/decryption into perl module

Browse Source 
Change-Id: Ibf1830c8fe2c9e01ae1bf93f4b62d7b62f1f88fb
changes/48/25948/2
Richard Fuchs 6 years ago
parent aaf8cbd525
commit 5de8229a17
2 changed files with 54 additions and 21 deletions
Show Stats Download Patch File Download Diff File

56
perl/NGCP/Rtpclient/SRTP.pm
Unescape View File

@ -231,11 +231,11 @@ sub aes_cm_iv_rtp {
}
sub aes_cm_iv_rtcp {
my ($ctx, $r) = @_;
my ($r, $ssalt, $idx) = @_;
my $idx = $$ctx{rtcp_index} || 0;
$idx ||= 0;
my ($hdr, $ssrc) = unpack('a4a4', $r);
my $iv = xor_128($$ctx{rtcp_session_salt} . "\0\0",
my $iv = xor_128($ssalt . "\0\0",
$ssrc . "\0\0\0\0\0\0\0\0", pack("Nn", $idx, 0));
return $iv;
}
@ -249,10 +249,10 @@ sub aes_f8_iv_rtp {
}
sub aes_f8_iv_rtcp {
my ($ctx, $r) = @_;
my ($r, $ssalt, $idx) = @_;
my ($fields) = unpack('a8', $r);
my $iv = pack('a*Na*', "\0\0\0\0", (($$ctx{rtcp_index} || 0) | 0x80000000), $fields);
my $iv = pack('a*Na*', "\0\0\0\0", (($idx || 0) | 0x80000000), $fields);
return $iv;
}
@ -313,6 +313,52 @@ sub decrypt_rtp {
return ($pkt, $roc, $auth_tag, $hmac);
}
sub encrypt_rtcp {
my ($suite, $skey, $ssalt, $sauth, $idx, $mki, $mki_len, $unenc_srtcp, $packet) = @_;
my $iv = $suite->{iv_rtcp}->($packet, $ssalt, $idx);
my ($hdr, $to_enc) = unpack('a8a*', $packet);
my $enc = $unenc_srtcp ? $to_enc :
$suite->{enc_func}->($to_enc, $skey,
$iv, $ssalt);
my $pkt = $hdr . $enc;
$pkt .= pack("N", (($idx || 0) | ($unenc_srtcp ? 0 : 0x80000000)));
my $hmac = hmac_sha1($pkt, $sauth);
append_mki(\$pkt, $mki_len, $mki);
#$pkt .= pack("N", 1); # mki
$pkt .= substr($hmac, 0, 10);
$idx++;
return ($pkt, $idx);
}
sub decrypt_rtcp {
my ($suite, $skey, $ssalt, $sauth, $packet) = @_;
# XXX MKI, session parameters
my $plen = length($packet);
my $auth_tag = substr($packet, $plen - 10, 10);
my $idx_raw = substr($packet, $plen - 4 - 10, 4);
my ($idx) = unpack('N', $idx_raw);
$idx &= 0x7fffffff;
$packet = substr($packet, 0, $plen - 10 - 4);
my $iv = $suite->{iv_rtcp}->($packet, $ssalt, $idx);
my ($hdr, $to_enc) = unpack('a8a*', $packet);
my $enc = $suite->{enc_func}->($to_enc, $skey,
$iv, $ssalt);
my $pkt = $hdr . $enc;
my $hmac = hmac_sha1($packet, $sauth);
return ($pkt, $idx, $auth_tag, $hmac);
}
sub append_mki {
my ($pack_r, $mki_len, $mki) = @_;

19
tests/simulator-ng.pl
Unescape View File

@ -130,22 +130,9 @@ sub rtcp_encrypt {
($NOENC && $NOENC{rtcp_packet}) and return $NOENC{rtcp_packet};
my $iv = $$dctx{crypto_suite}{iv_rtcp}->($dctx, $r);
my ($hdr, $to_enc) = unpack('a8a*', $r);
my $enc = $$dctx{unenc_srtcp} ? $to_enc :
$$dctx{crypto_suite}{enc_func}->($to_enc, $$dctx{rtcp_session_key},
$iv, $$dctx{rtcp_session_salt});
my $pkt = $hdr . $enc;
$pkt .= pack("N", (($$dctx{rtcp_index} || 0) | ($$dctx{unenc_srtcp} ? 0 : 0x80000000)));
my $hmac = hmac_sha1($pkt, $$dctx{rtcp_session_auth_key});
NGCP::Rtpclient::SRTP::append_mki(\$pkt, @$dctx{qw(rtp_mki_len rtp_mki)});
#$pkt .= pack("N", 1); # mki
$pkt .= substr($hmac, 0, 10);
$$dctx{rtcp_index}++;
my ($pkt, $idx) = NGCP::Rtpclient::SRTP::encrypt_rtcp(@$dctx{qw(crypto_suite rtcp_session_key
rtcp_session_salt rtcp_session_auth_key rtcp_index rtp_mki rtp_mki_len unenc_srtcp)}, $r);
$$dctx{rtcp_index} = $idx;
$NOENC{rtcp_packet} = $pkt;

Write Preview
Loading…
Cancel
Save