sipwise
/
rtpengine
mirror of https://github.com/sipwise/rtpengine.git
1
0
Fork 0
Code Issues Releases Wiki Activity

MT#63317 remove duplicate header parsing

Browse Source 
Pass down RTP/RTCP header to crypto functions so that they don't need to
parse it out again.

Change-Id: I551ab6a668cc99c903cde8807f6f9c10fc0cf6d5
pull/2008/head
Richard Fuchs 6 months ago
parent 2f52fb2511
commit c525cb9e09
9 changed files with 124 additions and 84 deletions
Show Stats Download Patch File Download Diff File

40
daemon/crypto.c
Unescape View File

@ -18,22 +18,22 @@
#include "xt_RTPENGINE.h" #include "xt_RTPENGINE.h"
static int aes_cm_encrypt_rtp(struct crypto_context *, struct rtp_header *, str *, uint32_t); static int aes_cm_encrypt_rtp(struct crypto_context *, const struct rtp_header *, str *, uint32_t);
static int aes_cm_encrypt_rtcp(struct crypto_context *, struct rtcp_packet *, str *, uint32_t); static int aes_cm_encrypt_rtcp(struct crypto_context *, const struct rtcp_packet *, str *, uint32_t);
static int aes_gcm_encrypt_rtp(struct crypto_context *, struct rtp_header *, str *, uint32_t); static int aes_gcm_encrypt_rtp(struct crypto_context *, const struct rtp_header *, str *, uint32_t);
static int aes_gcm_decrypt_rtp(struct crypto_context *, struct rtp_header *, str *, uint32_t); static int aes_gcm_decrypt_rtp(struct crypto_context *, const struct rtp_header *, str *, uint32_t);
static int aes_gcm_encrypt_rtcp(struct crypto_context *, struct rtcp_packet *, str *, uint32_t); static int aes_gcm_encrypt_rtcp(struct crypto_context *, const struct rtcp_packet *, str *, uint32_t);
static int aes_gcm_decrypt_rtcp(struct crypto_context *, struct rtcp_packet *, str *, uint32_t); static int aes_gcm_decrypt_rtcp(struct crypto_context *, const struct rtcp_packet *, str *, uint32_t);
static int hmac_sha1_rtp(struct crypto_context *, char *out, str *in, uint32_t); static int hmac_sha1_rtp(struct crypto_context *, char *out, str *in, uint32_t);
static int hmac_sha1_rtcp(struct crypto_context *, char *out, str *in); static int hmac_sha1_rtcp(struct crypto_context *, char *out, str *in);
static int aes_f8_encrypt_rtp(struct crypto_context *c, struct rtp_header *r, str *s, uint32_t idx); static int aes_f8_encrypt_rtp(struct crypto_context *c, const struct rtp_header *r, str *s, uint32_t idx);
static int aes_f8_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx); static int aes_f8_encrypt_rtcp(struct crypto_context *c, const struct rtcp_packet *r, str *s, uint32_t idx);
static int aes_cm_session_key_init(struct crypto_context *c); static int aes_cm_session_key_init(struct crypto_context *c);
static int aes_gcm_session_key_init(struct crypto_context *c); static int aes_gcm_session_key_init(struct crypto_context *c);
static int aes_f8_session_key_init(struct crypto_context *c); static int aes_f8_session_key_init(struct crypto_context *c);
static int evp_session_key_cleanup(struct crypto_context *c); static int evp_session_key_cleanup(struct crypto_context *c);
static int null_crypt_rtp(struct crypto_context *c, struct rtp_header *r, str *s, uint32_t idx); static int null_crypt_rtp(struct crypto_context *c, const struct rtp_header *r, str *s, uint32_t idx);
static int null_crypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx); static int null_crypt_rtcp(struct crypto_context *c, const struct rtcp_packet *r, str *s, uint32_t idx);
/* all lengths are in bytes */ /* all lengths are in bytes */
struct crypto_suite __crypto_suites[] = { struct crypto_suite __crypto_suites[] = {
@ -534,12 +534,12 @@ static int aes_cm_encrypt(struct crypto_context *c, uint32_t ssrc, str *s, uint3
} }
/* rfc 3711 section 4.1 */ /* rfc 3711 section 4.1 */
static int aes_cm_encrypt_rtp(struct crypto_context *c, struct rtp_header *r, str *s, uint32_t idx) { static int aes_cm_encrypt_rtp(struct crypto_context *c, const struct rtp_header *r, str *s, uint32_t idx) {
return aes_cm_encrypt(c, r->ssrc, s, idx); return aes_cm_encrypt(c, r->ssrc, s, idx);
} }
/* rfc 3711 sections 3.4 and 4.1 */ /* rfc 3711 sections 3.4 and 4.1 */
static int aes_cm_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx) { static int aes_cm_encrypt_rtcp(struct crypto_context *c, const struct rtcp_packet *r, str *s, uint32_t idx) {
return aes_cm_encrypt(c, r->ssrc, s, idx); return aes_cm_encrypt(c, r->ssrc, s, idx);
} }
@ -558,7 +558,7 @@ union aes_gcm_rtp_iv {
_Static_assert(offsetof(union aes_gcm_rtp_iv, seq) == 10, _Static_assert(offsetof(union aes_gcm_rtp_iv, seq) == 10,
"union aes_gcm_rtp_iv not packed"); "union aes_gcm_rtp_iv not packed");
static int aes_gcm_encrypt_rtp(struct crypto_context *c, struct rtp_header *r, str *s, uint32_t idx) { static int aes_gcm_encrypt_rtp(struct crypto_context *c, const struct rtp_header *r, str *s, uint32_t idx) {
union aes_gcm_rtp_iv iv; union aes_gcm_rtp_iv iv;
int len, ciphertext_len; int len, ciphertext_len;
@ -587,7 +587,7 @@ static int aes_gcm_encrypt_rtp(struct crypto_context *c, struct rtp_header *r, s
return 0; return 0;
} }
static int aes_gcm_decrypt_rtp(struct crypto_context *c, struct rtp_header *r, str *s, uint32_t idx) { static int aes_gcm_decrypt_rtp(struct crypto_context *c, const struct rtp_header *r, str *s, uint32_t idx) {
union aes_gcm_rtp_iv iv; union aes_gcm_rtp_iv iv;
int len, plaintext_len; int len, plaintext_len;
@ -634,7 +634,7 @@ union aes_gcm_rtcp_iv {
_Static_assert(offsetof(union aes_gcm_rtcp_iv, srtcp) == 8, _Static_assert(offsetof(union aes_gcm_rtcp_iv, srtcp) == 8,
"union aes_gcm_rtcp_iv not packed"); "union aes_gcm_rtcp_iv not packed");
static int aes_gcm_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx) { static int aes_gcm_encrypt_rtcp(struct crypto_context *c, const struct rtcp_packet *r, str *s, uint32_t idx) {
union aes_gcm_rtcp_iv iv; union aes_gcm_rtcp_iv iv;
uint32_t e_idx; uint32_t e_idx;
int len, ciphertext_len; int len, ciphertext_len;
@ -665,7 +665,7 @@ static int aes_gcm_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r,
return 0; return 0;
} }
static int aes_gcm_decrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx) { static int aes_gcm_decrypt_rtcp(struct crypto_context *c, const struct rtcp_packet *r, str *s, uint32_t idx) {
union aes_gcm_rtcp_iv iv; union aes_gcm_rtcp_iv iv;
uint32_t e_idx; uint32_t e_idx;
int len, plaintext_len; int len, plaintext_len;
@ -761,7 +761,7 @@ done:
} }
/* rfc 3711 section 4.1.2.2 */ /* rfc 3711 section 4.1.2.2 */
static int aes_f8_encrypt_rtp(struct crypto_context *c, struct rtp_header *r, str *s, uint32_t idx) { static int aes_f8_encrypt_rtp(struct crypto_context *c, const struct rtp_header *r, str *s, uint32_t idx) {
unsigned char iv[16]; unsigned char iv[16];
uint32_t roc; uint32_t roc;
@ -776,7 +776,7 @@ static int aes_f8_encrypt_rtp(struct crypto_context *c, struct rtp_header *r, st
} }
/* rfc 3711 section 4.1.2.3 */ /* rfc 3711 section 4.1.2.3 */
static int aes_f8_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx) { static int aes_f8_encrypt_rtcp(struct crypto_context *c, const struct rtcp_packet *r, str *s, uint32_t idx) {
unsigned char iv[16]; unsigned char iv[16];
uint32_t i; uint32_t i;
@ -930,10 +930,10 @@ static int evp_session_key_cleanup(struct crypto_context *c) {
return 0; return 0;
} }
static int null_crypt_rtp(struct crypto_context *c, struct rtp_header *r, str *s, uint32_t idx) { static int null_crypt_rtp(struct crypto_context *c, const struct rtp_header *r, str *s, uint32_t idx) {
return 0; return 0;
} }
static int null_crypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx) { static int null_crypt_rtcp(struct crypto_context *c, const struct rtcp_packet *r, str *s, uint32_t idx) {
return 0; return 0;
} }

55
daemon/media_socket.c
Unescape View File

@ -112,10 +112,14 @@ static int __k_null(struct rtpengine_srtp *s, struct packet_stream *);
static int __k_srtp_encrypt(struct rtpengine_srtp *s, struct packet_stream *); static int __k_srtp_encrypt(struct rtpengine_srtp *s, struct packet_stream *);
static int __k_srtp_decrypt(struct rtpengine_srtp *s, struct packet_stream *); static int __k_srtp_decrypt(struct rtpengine_srtp *s, struct packet_stream *);
static int call_avp2savp_rtp(str *s, struct packet_stream *, struct ssrc_entry_call *); static int call_avp2savp_rtp(const struct rtp_header *, str *s, str *payload, struct packet_stream *,
static int call_savp2avp_rtp(str *s, struct packet_stream *, struct ssrc_entry_call *); struct ssrc_entry_call *);
static int call_avp2savp_rtcp(str *s, struct packet_stream *, struct ssrc_entry_call *); static int call_savp2avp_rtp(const struct rtp_header *, str *s, str *payload, struct packet_stream *,
static int call_savp2avp_rtcp(str *s, struct packet_stream *, struct ssrc_entry_call *); struct ssrc_entry_call *);
static int call_avp2savp_rtcp(const struct rtcp_packet *, str *s, str *payload, struct packet_stream *,
struct ssrc_entry_call *);
static int call_savp2avp_rtcp(const struct rtcp_packet *, str *s, str *payload, struct packet_stream *,
struct ssrc_entry_call *);
static struct logical_intf *__get_logical_interface(const str *name, sockfamily_t *fam); static struct logical_intf *__get_logical_interface(const str *name, sockfamily_t *fam);
@ -1470,21 +1474,25 @@ static void stream_fd_closed(int fd, void *p) {
static int call_avp2savp_rtp(str *s, struct packet_stream *stream, struct ssrc_entry_call *ssrc_ctx) static int call_avp2savp_rtp(const struct rtp_header *rtp, str *s, str *payload, struct packet_stream *stream,
struct ssrc_entry_call *ssrc_ctx)
{ {
return rtp_avp2savp(s, &stream->crypto, ssrc_ctx); return rtp_avp2savp(rtp, s, payload, &stream->crypto, ssrc_ctx);
} }
static int call_avp2savp_rtcp(str *s, struct packet_stream *stream, struct ssrc_entry_call *ssrc_ctx) static int call_avp2savp_rtcp(const struct rtcp_packet *rtcp, str *s, str *payload, struct packet_stream *stream,
struct ssrc_entry_call *ssrc_ctx)
{ {
return rtcp_avp2savp(s, &stream->crypto, ssrc_ctx); return rtcp_avp2savp(rtcp, s, payload, &stream->crypto, ssrc_ctx);
} }
static int call_savp2avp_rtp(str *s, struct packet_stream *stream, struct ssrc_entry_call *ssrc_ctx) static int call_savp2avp_rtp(const struct rtp_header *rtp, str *s, str *payload, struct packet_stream *stream,
struct ssrc_entry_call *ssrc_ctx)
{ {
return rtp_savp2avp(s, &stream->selected_sfd->crypto, ssrc_ctx); return rtp_savp2avp(rtp, s, payload, &stream->selected_sfd->crypto, ssrc_ctx);
} }
static int call_savp2avp_rtcp(str *s, struct packet_stream *stream, struct ssrc_entry_call *ssrc_ctx) static int call_savp2avp_rtcp(const struct rtcp_packet *rtcp, str *s, str *payload, struct packet_stream *stream,
struct ssrc_entry_call *ssrc_ctx)
{ {
return rtcp_savp2avp(s, &stream->selected_sfd->crypto, ssrc_ctx); return rtcp_savp2avp(rtcp, s, payload, &stream->selected_sfd->crypto, ssrc_ctx);
} }
@ -2411,18 +2419,22 @@ static int media_packet_decrypt(struct packet_handler_ctx *phc)
struct sink_handler *first_sh = phc->sinks->length ? phc->sinks->head->data : NULL; struct sink_handler *first_sh = phc->sinks->length ? phc->sinks->head->data : NULL;
const struct streamhandler *sh = __determine_handler(phc->in_srtp, first_sh); const struct streamhandler *sh = __determine_handler(phc->in_srtp, first_sh);
// XXX use an array with index instead of if/else rewrite_arg header;
if (G_LIKELY(!phc->rtcp)) if (G_LIKELY(!phc->rtcp)) {
phc->decrypt_func = sh->in->rtp_crypt; phc->decrypt_func = sh->in->rtp_crypt;
else header.rtp = phc->mp.rtp;
}
else {
phc->decrypt_func = sh->in->rtcp_crypt; phc->decrypt_func = sh->in->rtcp_crypt;
header.rtcp = phc->mp.rtcp;
}
/* return values are: 0 = forward packet, -1 = error/don't forward, /* return values are: 0 = forward packet, -1 = error/don't forward,
* 1 = forward and push update to redis */ * 1 = forward and push update to redis */
int ret = 0; int ret = 0;
if (phc->decrypt_func) { if (phc->decrypt_func) {
str ori_s = phc->s; str ori_s = phc->s;
ret = phc->decrypt_func(&phc->s, phc->in_srtp, phc->mp.ssrc_in); ret = phc->decrypt_func(header, &phc->s, &phc->mp.payload, phc->in_srtp, phc->mp.ssrc_in);
// XXX for stripped auth tag and duplicate invocations of rtp_payload // XXX for stripped auth tag and duplicate invocations of rtp_payload
// XXX transcoder uses phc->mp.payload // XXX transcoder uses phc->mp.payload
phc->mp.payload.len -= ori_s.len - phc->s.len; phc->mp.payload.len -= ori_s.len - phc->s.len;
@ -2463,7 +2475,16 @@ int media_packet_encrypt(rewrite_func encrypt_func, struct packet_stream *out, s
memcpy(p->plain.s, p->s.s, p->s.len); memcpy(p->plain.s, p->s.s, p->s.len);
p->plain_free_func = bufferpool_unref; p->plain_free_func = bufferpool_unref;
} }
int encret = encrypt_func(&p->s, out, mp->ssrc_out);
rewrite_arg header = {};
str payload = STR_NULL;
if (mp->rtp)
header.rtp = rtp_payload(&payload, &p->s, NULL);
else if (mp->rtcp)
header.rtcp = rtcp_payload(&payload, &p->s);
int encret = encrypt_func(header, &p->s, &payload, out, mp->ssrc_out);
if (encret == 1) if (encret == 1)
ret |= 0x02; ret |= 0x02;
else if (encret != 0) else if (encret != 0)

34
daemon/rtcp.c
Unescape View File

@ -842,15 +842,16 @@ error:
} }
/* rfc 3711 section 3.4 */ /* rfc 3711 section 3.4 */
int rtcp_avp2savp(str *s, struct crypto_context *c, struct ssrc_entry_call *ssrc_ctx) { int rtcp_avp2savp(const struct rtcp_packet *rtcp, str *s, str *payload, struct crypto_context *c,
struct rtcp_packet *rtcp; struct ssrc_entry_call *ssrc_ctx)
{
unsigned int i; unsigned int i;
uint32_t *idx; uint32_t *idx;
str to_auth, payload; str to_auth;
if (G_UNLIKELY(!ssrc_ctx)) if (G_UNLIKELY(!ssrc_ctx))
return -1; return -1;
if (!(rtcp = rtcp_payload(&payload, s))) if (G_UNLIKELY(!rtcp))
return -1; return -1;
if (check_session_keys(c)) if (check_session_keys(c))
return -1; return -1;
@ -859,15 +860,15 @@ int rtcp_avp2savp(str *s, struct crypto_context *c, struct ssrc_entry_call *ssrc
g_autoptr(crypto_debug_string) cds = crypto_debug_init(true); g_autoptr(crypto_debug_string) cds = crypto_debug_init(true);
crypto_debug_printf(cds, "RTCP SSRC %" PRIx32 ", idx %u, plain pl: ", crypto_debug_printf(cds, "RTCP SSRC %" PRIx32 ", idx %u, plain pl: ",
rtcp->ssrc, i); rtcp->ssrc, i);
crypto_debug_dump(cds, &payload); crypto_debug_dump(cds, payload);
int prev_len = payload.len; size_t prev_len = payload->len;
if (!c->params.session_params.unencrypted_srtcp && crypto_encrypt_rtcp(c, rtcp, &payload, i)) if (!c->params.session_params.unencrypted_srtcp && crypto_encrypt_rtcp(c, rtcp, payload, i))
return -1; return -1;
s->len += payload.len - prev_len; s->len += payload->len - prev_len;
crypto_debug_printf(cds, ", enc pl: "); crypto_debug_printf(cds, ", enc pl: ");
crypto_debug_dump(cds, &payload); crypto_debug_dump(cds, payload);
idx = (void *) s->s + s->len; idx = (void *) s->s + s->len;
*idx = htonl((c->params.session_params.unencrypted_srtcp ? 0ULL : 0x80000000ULL) | i); *idx = htonl((c->params.session_params.unencrypted_srtcp ? 0ULL : 0x80000000ULL) | i);
@ -890,16 +891,17 @@ int rtcp_avp2savp(str *s, struct crypto_context *c, struct ssrc_entry_call *ssrc
/* rfc 3711 section 3.4 */ /* rfc 3711 section 3.4 */
int rtcp_savp2avp(str *s, struct crypto_context *c, struct ssrc_entry_call *ssrc_ctx) { int rtcp_savp2avp(const struct rtcp_packet *rtcp, str *s, str *payload, struct crypto_context *c,
struct rtcp_packet *rtcp; struct ssrc_entry_call *ssrc_ctx)
str payload, to_auth, to_decrypt, auth_tag; {
str to_auth, to_decrypt, auth_tag;
uint32_t idx; uint32_t idx;
char hmac[20]; char hmac[20];
const char *err; const char *err;
if (G_UNLIKELY(!ssrc_ctx)) if (G_UNLIKELY(!ssrc_ctx))
return -1; return -1;
if (!(rtcp = rtcp_payload(&payload, s))) if (G_UNLIKELY(!rtcp))
return -1; return -1;
if (check_session_keys(c)) if (check_session_keys(c))
return -1; return -1;
@ -908,7 +910,7 @@ int rtcp_savp2avp(str *s, struct crypto_context *c, struct ssrc_entry_call *ssrc
if (srtp_payloads(&to_auth, &to_decrypt, &auth_tag, NULL, if (srtp_payloads(&to_auth, &to_decrypt, &auth_tag, NULL,
c->params.crypto_suite->srtcp_auth_tag, c->params.mki_len, c->params.crypto_suite->srtcp_auth_tag, c->params.mki_len,
s, &payload)) s, payload))
return -1; return -1;
crypto_debug_printf(cds, "RTCP SSRC %" PRIx32 ", enc pl: ", crypto_debug_printf(cds, "RTCP SSRC %" PRIx32 ", enc pl: ",
@ -1601,7 +1603,9 @@ void rtcp_send_report(struct call_media *media, struct ssrc_entry_call *ssrc_out
if (crypt_handler && crypt_handler->out->rtcp_crypt) { if (crypt_handler && crypt_handler->out->rtcp_crypt) {
g_string_set_size(sr, sr->len + RTP_BUFFER_TAIL_ROOM); g_string_set_size(sr, sr->len + RTP_BUFFER_TAIL_ROOM);
rtcp_packet = STR_LEN(sr->str, sr->len - RTP_BUFFER_TAIL_ROOM); rtcp_packet = STR_LEN(sr->str, sr->len - RTP_BUFFER_TAIL_ROOM);
crypt_handler->out->rtcp_crypt(&rtcp_packet, ps, ssrc_out); str payload;
struct rtcp_packet *header = rtcp_payload(&payload, &rtcp_packet);
crypt_handler->out->rtcp_crypt(header, &rtcp_packet, &payload, ps, ssrc_out);
} }
socket_sendto(&ps->selected_sfd->socket, rtcp_packet.s, rtcp_packet.len, &ps->endpoint); socket_sendto(&ps->selected_sfd->socket, rtcp_packet.s, rtcp_packet.len, &ps->endpoint);

40
daemon/rtp.c
Unescape View File

@ -43,7 +43,7 @@ error:
return -1; return -1;
} }
static unsigned int packet_index(struct ssrc_entry_call *ssrc_ctx, struct rtp_header *rtp, static unsigned int packet_index(struct ssrc_entry_call *ssrc_ctx, const struct rtp_header *rtp,
crypto_debug_string **cds) crypto_debug_string **cds)
{ {
uint16_t seq; uint16_t seq;
@ -102,14 +102,15 @@ void rtp_append_mki(str *s, struct crypto_context *c, crypto_debug_string *cds)
} }
/* rfc 3711, section 3.3 */ /* rfc 3711, section 3.3 */
int rtp_avp2savp(str *s, struct crypto_context *c, struct ssrc_entry_call *ssrc_ctx) { int rtp_avp2savp(const struct rtp_header *rtp, str *s, str *payload, struct crypto_context *c,
struct rtp_header *rtp; struct ssrc_entry_call *ssrc_ctx)
str payload, to_auth; {
str to_auth;
unsigned int index; unsigned int index;
if (G_UNLIKELY(!ssrc_ctx)) if (G_UNLIKELY(!ssrc_ctx))
return -1; return -1;
if (!(rtp = rtp_payload(&payload, s, NULL))) if (G_UNLIKELY(!rtp))
return -1; return -1;
if (check_session_keys(c)) if (check_session_keys(c))
return -1; return -1;
@ -118,16 +119,16 @@ int rtp_avp2savp(str *s, struct crypto_context *c, struct ssrc_entry_call *ssrc_
index = packet_index(ssrc_ctx, rtp, &cds); index = packet_index(ssrc_ctx, rtp, &cds);
crypto_debug_printf(cds, ", plain pl: "); crypto_debug_printf(cds, ", plain pl: ");
crypto_debug_dump(cds, &payload); crypto_debug_dump(cds, payload);
/* rfc 3711 section 3.1 */ /* rfc 3711 section 3.1 */
int prev_len = payload.len; size_t prev_len = payload->len;
if (!c->params.session_params.unencrypted_srtp && crypto_encrypt_rtp(c, rtp, &payload, index)) if (!c->params.session_params.unencrypted_srtp && crypto_encrypt_rtp(c, rtp, payload, index))
return -1; return -1;
s->len += payload.len - prev_len; s->len += payload->len - prev_len;
crypto_debug_printf(cds, ", enc pl: "); crypto_debug_printf(cds, ", enc pl: ");
crypto_debug_dump(cds, &payload); crypto_debug_dump(cds, payload);
to_auth = *s; to_auth = *s;
@ -144,12 +145,12 @@ int rtp_avp2savp(str *s, struct crypto_context *c, struct ssrc_entry_call *ssrc_
} }
// just updates the ext_seq in ssrc // just updates the ext_seq in ssrc
int rtp_update_index(str *s, struct packet_stream *ps, struct ssrc_entry_call *ssrc) { int rtp_update_index(const struct rtp_header *rtp, str *s, str *payload, struct packet_stream *ps,
struct rtp_header *rtp; struct ssrc_entry_call *ssrc)
{
if (G_UNLIKELY(!ssrc)) if (G_UNLIKELY(!ssrc))
return -1; return -1;
if (!(rtp = rtp_payload(NULL, s, NULL))) if (G_UNLIKELY(!rtp))
return -1; return -1;
g_autoptr(crypto_debug_string) cds = NULL; g_autoptr(crypto_debug_string) cds = NULL;
packet_index(ssrc, rtp, &cds); packet_index(ssrc, rtp, &cds);
@ -157,15 +158,16 @@ int rtp_update_index(str *s, struct packet_stream *ps, struct ssrc_entry_call *s
} }
/* rfc 3711, section 3.3 */ /* rfc 3711, section 3.3 */
int rtp_savp2avp(str *s, struct crypto_context *c, struct ssrc_entry_call *ssrc_ctx) { int rtp_savp2avp(const struct rtp_header *rtp, str *s, str *payload, struct crypto_context *c,
struct rtp_header *rtp; struct ssrc_entry_call *ssrc_ctx)
{
unsigned int index; unsigned int index;
str payload, to_auth, to_decrypt, auth_tag; str to_auth, to_decrypt, auth_tag;
char hmac[20]; char hmac[20];
if (G_UNLIKELY(!ssrc_ctx)) if (G_UNLIKELY(!ssrc_ctx))
return -1; return -1;
if (!(rtp = rtp_payload(&payload, s, NULL))) if (G_UNLIKELY(!rtp))
return -1; return -1;
if (check_session_keys(c)) if (check_session_keys(c))
return -1; return -1;
@ -175,7 +177,7 @@ int rtp_savp2avp(str *s, struct crypto_context *c, struct ssrc_entry_call *ssrc_
if (srtp_payloads(&to_auth, &to_decrypt, &auth_tag, NULL, if (srtp_payloads(&to_auth, &to_decrypt, &auth_tag, NULL,
c->params.session_params.unauthenticated_srtp ? 0 : c->params.crypto_suite->srtp_auth_tag, c->params.session_params.unauthenticated_srtp ? 0 : c->params.crypto_suite->srtp_auth_tag,
c->params.mki_len, c->params.mki_len,
s, &payload)) s, payload))
return -1; return -1;
crypto_debug_printf(cds, ", enc pl: "); crypto_debug_printf(cds, ", enc pl: ");

12
include/crypto.h
Unescape View File

@ -19,8 +19,8 @@ struct crypto_context;
struct rtp_header; struct rtp_header;
struct rtcp_packet; struct rtcp_packet;
typedef int (*crypto_func_rtp)(struct crypto_context *, struct rtp_header *, str *, uint32_t); typedef int (*crypto_func_rtp)(struct crypto_context *, const struct rtp_header *, str *, uint32_t);
typedef int (*crypto_func_rtcp)(struct crypto_context *, struct rtcp_packet *, str *, uint32_t); typedef int (*crypto_func_rtcp)(struct crypto_context *, const struct rtcp_packet *, str *, uint32_t);
typedef int (*hash_func_rtp)(struct crypto_context *, char *out, str *in, uint32_t); typedef int (*hash_func_rtp)(struct crypto_context *, char *out, str *in, uint32_t);
typedef int (*hash_func_rtcp)(struct crypto_context *, char *out, str *in); typedef int (*hash_func_rtcp)(struct crypto_context *, char *out, str *in);
typedef int (*session_key_init_func)(struct crypto_context *); typedef int (*session_key_init_func)(struct crypto_context *);
@ -119,22 +119,22 @@ INLINE int crypto_params_sdes_cmp(const struct crypto_params_sdes *cs, gconstpoi
} }
INLINE int crypto_encrypt_rtp(struct crypto_context *c, struct rtp_header *rtp, INLINE int crypto_encrypt_rtp(struct crypto_context *c, const struct rtp_header *rtp,
str *payload, uint32_t index) str *payload, uint32_t index)
{ {
return c->params.crypto_suite->encrypt_rtp(c, rtp, payload, index); return c->params.crypto_suite->encrypt_rtp(c, rtp, payload, index);
} }
INLINE int crypto_decrypt_rtp(struct crypto_context *c, struct rtp_header *rtp, INLINE int crypto_decrypt_rtp(struct crypto_context *c, const struct rtp_header *rtp,
str *payload, uint32_t index) str *payload, uint32_t index)
{ {
return c->params.crypto_suite->decrypt_rtp(c, rtp, payload, index); return c->params.crypto_suite->decrypt_rtp(c, rtp, payload, index);
} }
INLINE int crypto_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *rtcp, INLINE int crypto_encrypt_rtcp(struct crypto_context *c, const struct rtcp_packet *rtcp,
str *payload, uint32_t index) str *payload, uint32_t index)
{ {
return c->params.crypto_suite->encrypt_rtcp(c, rtcp, payload, index); return c->params.crypto_suite->encrypt_rtcp(c, rtcp, payload, index);
} }
INLINE int crypto_decrypt_rtcp(struct crypto_context *c, struct rtcp_packet *rtcp, INLINE int crypto_decrypt_rtcp(struct crypto_context *c, const struct rtcp_packet *rtcp,
str *payload, uint32_t index) str *payload, uint32_t index)
{ {
return c->params.crypto_suite->decrypt_rtcp(c, rtcp, payload, index); return c->params.crypto_suite->decrypt_rtcp(c, rtcp, payload, index);

8
include/media_socket.h
Unescape View File

@ -29,7 +29,13 @@ TYPED_GQUEUE(stream_fd, stream_fd)
typedef int rtcp_filter_func(struct media_packet *, GQueue *); typedef int rtcp_filter_func(struct media_packet *, GQueue *);
typedef int (*rewrite_func)(str *, struct packet_stream *, struct ssrc_entry_call *);
typedef union {
const struct rtp_header *rtp;
const struct rtcp_packet *rtcp;
} rewrite_arg __attribute__ ((__transparent_union__));
typedef int (*rewrite_func)(rewrite_arg header, str *packet, str *payload, struct packet_stream *,
struct ssrc_entry_call *);
enum transport_protocol_index { enum transport_protocol_index {

6
include/rtcp.h
Unescape View File

@ -17,8 +17,10 @@ extern struct rtcp_handler *rtcp_transcode_handler;
extern struct rtcp_handler *rtcp_sink_handler; extern struct rtcp_handler *rtcp_sink_handler;
int rtcp_avp2savp(str *, struct crypto_context *, struct ssrc_entry_call *); int rtcp_avp2savp(const struct rtcp_packet *, str *packet, str *payload, struct crypto_context *,
int rtcp_savp2avp(str *, struct crypto_context *, struct ssrc_entry_call *); struct ssrc_entry_call *);
int rtcp_savp2avp(const struct rtcp_packet *, str *packet, str *payload, struct crypto_context *,
struct ssrc_entry_call *);
__attribute__((nonnull(2))) __attribute__((nonnull(2)))
struct rtcp_packet *rtcp_payload(str *p, const str *s); struct rtcp_packet *rtcp_payload(str *p, const str *s);

9
include/rtp.h
Unescape View File

@ -16,10 +16,13 @@ typedef GString crypto_debug_string;
const rtp_payload_type *get_rtp_payload_type(unsigned int, struct codec_store *); const rtp_payload_type *get_rtp_payload_type(unsigned int, struct codec_store *);
int rtp_avp2savp(str *, struct crypto_context *, struct ssrc_entry_call *); int rtp_avp2savp(const struct rtp_header *, str *packet, str *payload, struct crypto_context *,
int rtp_savp2avp(str *, struct crypto_context *, struct ssrc_entry_call *); struct ssrc_entry_call *);
int rtp_savp2avp(const struct rtp_header *, str *packet, str *payload, struct crypto_context *,
struct ssrc_entry_call *);
int rtp_update_index(str *, struct packet_stream *, struct ssrc_entry_call *); int rtp_update_index(const struct rtp_header *, str *packet, str *payload, struct packet_stream *,
struct ssrc_entry_call *);
void rtp_append_mki(str *s, struct crypto_context *c, crypto_debug_string *); void rtp_append_mki(str *s, struct crypto_context *c, crypto_debug_string *);
int srtp_payloads(str *to_auth, str *to_decrypt, str *auth_tag, str *mki, int srtp_payloads(str *to_auth, str *to_decrypt, str *auth_tag, str *mki,

4
t/aead-decrypt.c
Unescape View File

@ -61,7 +61,9 @@ int main(int argc, char **argv) {
.stats = &stats, .stats = &stats,
}; };
int ret = rtp_savp2avp(&s, &cc, &se); str payload;
struct rtp_header *rtp = rtp_payload(&payload, &s, NULL);
int ret = rtp_savp2avp(rtp, &s, &payload, &cc, &se);
assert(ret == 0); assert(ret == 0);
printf("idx %d ROC %d\n", se.stats->ext_seq, se.stats->ext_seq >> 16); printf("idx %d ROC %d\n", se.stats->ext_seq, se.stats->ext_seq >> 16);
return 0; return 0;

Write Preview
Loading…
Cancel
Save