sdp-crypto: Include "ICM" in crypto suite enums
This indicates integer counter mode being used and helps disambiguate additional crypto suites in the future. Renamed CALLS_SRTP_SUITE_AES_128_SHA1_80 → CALLS_SRTP_SUITE_AES_128_ICM_SHA1_80 and CALLS_SRTP_SUITE_AES_128_SHA1_32 → CALLS_SRTP_SUITE_AES_128_ICM_SHA1_32
This commit is contained in:
Дилян Палаузов
committed by
Evangelos Ribeiro Tzaras
Evangelos Ribeiro Tzaras
parent
e6bfa6d933
commit
8ca3597646
@@ -435,14 +435,14 @@ calls_sdp_crypto_context_generate_offer (CallsSdpCryptoContext *self)
|
|||||||
|
|
||||||
attr = calls_srtp_crypto_attribute_new (1);
|
attr = calls_srtp_crypto_attribute_new (1);
|
||||||
attr->tag = 1;
|
attr->tag = 1;
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||||
calls_srtp_crypto_attribute_init_keys (attr);
|
calls_srtp_crypto_attribute_init_keys (attr);
|
||||||
|
|
||||||
self->local_crypto_attributes = g_list_append (NULL, attr);
|
self->local_crypto_attributes = g_list_append (NULL, attr);
|
||||||
|
|
||||||
attr = calls_srtp_crypto_attribute_new (1);
|
attr = calls_srtp_crypto_attribute_new (1);
|
||||||
attr->tag = 2;
|
attr->tag = 2;
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
|
||||||
calls_srtp_crypto_attribute_init_keys (attr);
|
calls_srtp_crypto_attribute_init_keys (attr);
|
||||||
|
|
||||||
self->local_crypto_attributes = g_list_append (self->local_crypto_attributes, attr);
|
self->local_crypto_attributes = g_list_append (self->local_crypto_attributes, attr);
|
||||||
|
|||||||
@@ -55,8 +55,8 @@ static gsize
|
|||||||
get_key_size_for_suite (calls_srtp_crypto_suite suite)
|
get_key_size_for_suite (calls_srtp_crypto_suite suite)
|
||||||
{
|
{
|
||||||
switch (suite) {
|
switch (suite) {
|
||||||
case CALLS_SRTP_SUITE_AES_128_SHA1_32:
|
case CALLS_SRTP_SUITE_AES_CM_128_SHA1_32:
|
||||||
case CALLS_SRTP_SUITE_AES_128_SHA1_80:
|
case CALLS_SRTP_SUITE_AES_CM_128_SHA1_80:
|
||||||
return 30;
|
return 30;
|
||||||
|
|
||||||
case CALLS_SRTP_SUITE_UNKNOWN:
|
case CALLS_SRTP_SUITE_UNKNOWN:
|
||||||
@@ -353,11 +353,10 @@ calls_srtp_parse_sdp_crypto_attribute (const char *attribute,
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* f.e. attr_fields[1] = "AES_CM_128_HMAC_SHA1_32" */
|
|
||||||
if (g_strcmp0 (attr_fields[1], "AES_CM_128_HMAC_SHA1_32") == 0)
|
if (g_strcmp0 (attr_fields[1], "AES_CM_128_HMAC_SHA1_32") == 0)
|
||||||
crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
|
crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
|
||||||
else if (g_strcmp0 (attr_fields[1], "AES_CM_128_HMAC_SHA1_80") == 0)
|
else if (g_strcmp0 (attr_fields[1], "AES_CM_128_HMAC_SHA1_80") == 0)
|
||||||
crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
|
crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||||
else
|
else
|
||||||
crypto_suite = CALLS_SRTP_SUITE_UNKNOWN; /* error */
|
crypto_suite = CALLS_SRTP_SUITE_UNKNOWN; /* error */
|
||||||
|
|
||||||
@@ -576,9 +575,9 @@ calls_srtp_print_sdp_crypto_attribute (calls_srtp_crypto_attribute *attr,
|
|||||||
if (!validate_crypto_attribute (attr, error))
|
if (!validate_crypto_attribute (attr, error))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_32)
|
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_32)
|
||||||
crypto_suite = "AES_CM_128_HMAC_SHA1_32";
|
crypto_suite = "AES_CM_128_HMAC_SHA1_32";
|
||||||
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_80)
|
else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_80)
|
||||||
crypto_suite = "AES_CM_128_HMAC_SHA1_80";
|
crypto_suite = "AES_CM_128_HMAC_SHA1_80";
|
||||||
else
|
else
|
||||||
return NULL;
|
return NULL;
|
||||||
@@ -719,14 +718,14 @@ calls_srtp_crypto_get_srtpdec_params (calls_srtp_crypto_attribute *attr,
|
|||||||
{
|
{
|
||||||
g_return_val_if_fail (attr, FALSE);
|
g_return_val_if_fail (attr, FALSE);
|
||||||
|
|
||||||
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_32) {
|
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_32) {
|
||||||
*srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-128-icm";
|
*srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-128-icm";
|
||||||
*srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-32";
|
*srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-32";
|
||||||
*srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-128-icm";
|
*srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-128-icm";
|
||||||
*srtcp_auth = attr->unencrypted_srtcp ? "null" : "hmac-sha1-32";
|
*srtcp_auth = attr->unencrypted_srtcp ? "null" : "hmac-sha1-32";
|
||||||
|
|
||||||
return TRUE;
|
return TRUE;
|
||||||
} else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_80) {
|
} else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_80) {
|
||||||
*srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-128-icm";
|
*srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-128-icm";
|
||||||
*srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-80";
|
*srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-80";
|
||||||
*srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-128-icm";
|
*srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-128-icm";
|
||||||
@@ -758,14 +757,14 @@ calls_srtp_crypto_get_srtpenc_params (calls_srtp_crypto_attribute *attr,
|
|||||||
{
|
{
|
||||||
g_return_val_if_fail (attr, FALSE);
|
g_return_val_if_fail (attr, FALSE);
|
||||||
|
|
||||||
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_32) {
|
if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_32) {
|
||||||
*srtp_cipher = attr->unencrypted_srtp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
|
*srtp_cipher = attr->unencrypted_srtp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
|
||||||
*srtp_auth = attr->unauthenticated_srtp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_32;
|
*srtp_auth = attr->unauthenticated_srtp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_32;
|
||||||
*srtcp_cipher = attr->unencrypted_srtcp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
|
*srtcp_cipher = attr->unencrypted_srtcp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
|
||||||
*srtcp_auth = attr->unencrypted_srtcp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_32;
|
*srtcp_auth = attr->unencrypted_srtcp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_32;
|
||||||
|
|
||||||
return TRUE;
|
return TRUE;
|
||||||
} else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_80) {
|
} else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_CM_128_SHA1_80) {
|
||||||
|
|
||||||
*srtp_cipher = attr->unencrypted_srtp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
|
*srtp_cipher = attr->unencrypted_srtp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
|
||||||
*srtp_auth = attr->unauthenticated_srtp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_80;
|
*srtp_auth = attr->unauthenticated_srtp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_80;
|
||||||
|
|||||||
@@ -30,8 +30,8 @@ G_BEGIN_DECLS
|
|||||||
|
|
||||||
typedef enum {
|
typedef enum {
|
||||||
CALLS_SRTP_SUITE_UNKNOWN = 0,
|
CALLS_SRTP_SUITE_UNKNOWN = 0,
|
||||||
CALLS_SRTP_SUITE_AES_128_SHA1_32,
|
CALLS_SRTP_SUITE_AES_CM_128_SHA1_32, /* RFC 4568 */
|
||||||
CALLS_SRTP_SUITE_AES_128_SHA1_80,
|
CALLS_SRTP_SUITE_AES_CM_128_SHA1_80, /* RFC 4568 */
|
||||||
} calls_srtp_crypto_suite;
|
} calls_srtp_crypto_suite;
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -47,7 +47,7 @@ test_sip_media_manager_caps (void)
|
|||||||
|
|
||||||
attr = calls_srtp_crypto_attribute_new (1);
|
attr = calls_srtp_crypto_attribute_new (1);
|
||||||
attr->tag = 1;
|
attr->tag = 1;
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||||
calls_srtp_crypto_attribute_init_keys (attr);
|
calls_srtp_crypto_attribute_init_keys (attr);
|
||||||
|
|
||||||
crypto_attributes = g_list_append (NULL, attr);
|
crypto_attributes = g_list_append (NULL, attr);
|
||||||
|
|||||||
@@ -55,7 +55,7 @@ test_crypto_attribute_validity (void)
|
|||||||
|
|
||||||
g_assert_null (calls_srtp_print_sdp_crypto_attribute (attr, NULL));
|
g_assert_null (calls_srtp_print_sdp_crypto_attribute (attr, NULL));
|
||||||
|
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
|
||||||
key_salt = calls_srtp_generate_key_salt (30);
|
key_salt = calls_srtp_generate_key_salt (30);
|
||||||
attr->key_params[0].b64_keysalt = g_base64_encode (key_salt, 30);
|
attr->key_params[0].b64_keysalt = g_base64_encode (key_salt, 30);
|
||||||
g_free (key_salt);
|
g_free (key_salt);
|
||||||
@@ -122,7 +122,7 @@ test_crypto_attribute_validity (void)
|
|||||||
|
|
||||||
attr = calls_srtp_crypto_attribute_new (4);
|
attr = calls_srtp_crypto_attribute_new (4);
|
||||||
attr->tag = 12;
|
attr->tag = 12;
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||||
|
|
||||||
calls_srtp_crypto_attribute_init_keys (attr);
|
calls_srtp_crypto_attribute_init_keys (attr);
|
||||||
attr->key_params[0].lifetime = 31;
|
attr->key_params[0].lifetime = 31;
|
||||||
@@ -182,7 +182,7 @@ test_parse (void)
|
|||||||
attr_simple = calls_srtp_crypto_attribute_new (1);
|
attr_simple = calls_srtp_crypto_attribute_new (1);
|
||||||
key_salt = calls_srtp_generate_key_salt (30);
|
key_salt = calls_srtp_generate_key_salt (30);
|
||||||
attr_simple->tag = 1;
|
attr_simple->tag = 1;
|
||||||
attr_simple->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
|
attr_simple->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
|
||||||
attr_simple->key_params[0].b64_keysalt = g_base64_encode (key_salt, 30);
|
attr_simple->key_params[0].b64_keysalt = g_base64_encode (key_salt, 30);
|
||||||
|
|
||||||
attr_simple_str = calls_srtp_print_sdp_crypto_attribute (attr_simple, NULL);
|
attr_simple_str = calls_srtp_print_sdp_crypto_attribute (attr_simple, NULL);
|
||||||
@@ -200,7 +200,7 @@ test_parse (void)
|
|||||||
|
|
||||||
attr_multi = calls_srtp_crypto_attribute_new (2);
|
attr_multi = calls_srtp_crypto_attribute_new (2);
|
||||||
attr_multi->tag = 42;
|
attr_multi->tag = 42;
|
||||||
attr_multi->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
|
attr_multi->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||||
calls_srtp_crypto_attribute_init_keys (attr_multi);
|
calls_srtp_crypto_attribute_init_keys (attr_multi);
|
||||||
|
|
||||||
attr_multi_str = calls_srtp_print_sdp_crypto_attribute (attr_multi, NULL);
|
attr_multi_str = calls_srtp_print_sdp_crypto_attribute (attr_multi, NULL);
|
||||||
@@ -236,7 +236,7 @@ test_srtp_params (void)
|
|||||||
GstSrtpCipherType srtcp_cipher_enum;
|
GstSrtpCipherType srtcp_cipher_enum;
|
||||||
GstSrtpAuthType srtcp_auth_enum;
|
GstSrtpAuthType srtcp_auth_enum;
|
||||||
|
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
|
||||||
attr->unencrypted_srtp = FALSE;
|
attr->unencrypted_srtp = FALSE;
|
||||||
attr->unauthenticated_srtp = FALSE;
|
attr->unauthenticated_srtp = FALSE;
|
||||||
attr->unencrypted_srtcp = FALSE;
|
attr->unencrypted_srtcp = FALSE;
|
||||||
@@ -263,7 +263,7 @@ test_srtp_params (void)
|
|||||||
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
|
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
|
||||||
|
|
||||||
|
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
|
||||||
attr->unencrypted_srtp = TRUE;
|
attr->unencrypted_srtp = TRUE;
|
||||||
attr->unauthenticated_srtp = FALSE;
|
attr->unauthenticated_srtp = FALSE;
|
||||||
attr->unencrypted_srtcp = FALSE;
|
attr->unencrypted_srtcp = FALSE;
|
||||||
@@ -290,7 +290,7 @@ test_srtp_params (void)
|
|||||||
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
|
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
|
||||||
|
|
||||||
|
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
|
||||||
attr->unencrypted_srtp = FALSE;
|
attr->unencrypted_srtp = FALSE;
|
||||||
attr->unauthenticated_srtp = TRUE;
|
attr->unauthenticated_srtp = TRUE;
|
||||||
attr->unencrypted_srtcp = FALSE;
|
attr->unencrypted_srtcp = FALSE;
|
||||||
@@ -317,7 +317,7 @@ test_srtp_params (void)
|
|||||||
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
|
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
|
||||||
|
|
||||||
|
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_32;
|
||||||
attr->unencrypted_srtp = FALSE;
|
attr->unencrypted_srtp = FALSE;
|
||||||
attr->unauthenticated_srtp = FALSE;
|
attr->unauthenticated_srtp = FALSE;
|
||||||
attr->unencrypted_srtcp = TRUE;
|
attr->unencrypted_srtcp = TRUE;
|
||||||
@@ -344,7 +344,7 @@ test_srtp_params (void)
|
|||||||
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_NULL);
|
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_NULL);
|
||||||
|
|
||||||
|
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||||
attr->unencrypted_srtp = FALSE;
|
attr->unencrypted_srtp = FALSE;
|
||||||
attr->unauthenticated_srtp = FALSE;
|
attr->unauthenticated_srtp = FALSE;
|
||||||
attr->unencrypted_srtcp = FALSE;
|
attr->unencrypted_srtcp = FALSE;
|
||||||
@@ -371,7 +371,7 @@ test_srtp_params (void)
|
|||||||
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
|
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
|
||||||
|
|
||||||
|
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||||
attr->unencrypted_srtp = TRUE;
|
attr->unencrypted_srtp = TRUE;
|
||||||
attr->unauthenticated_srtp = FALSE;
|
attr->unauthenticated_srtp = FALSE;
|
||||||
attr->unencrypted_srtcp = FALSE;
|
attr->unencrypted_srtcp = FALSE;
|
||||||
@@ -398,7 +398,7 @@ test_srtp_params (void)
|
|||||||
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
|
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
|
||||||
|
|
||||||
|
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||||
attr->unencrypted_srtp = FALSE;
|
attr->unencrypted_srtp = FALSE;
|
||||||
attr->unauthenticated_srtp = TRUE;
|
attr->unauthenticated_srtp = TRUE;
|
||||||
attr->unencrypted_srtcp = FALSE;
|
attr->unencrypted_srtcp = FALSE;
|
||||||
@@ -425,7 +425,7 @@ test_srtp_params (void)
|
|||||||
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
|
g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
|
||||||
|
|
||||||
|
|
||||||
attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
|
attr->crypto_suite = CALLS_SRTP_SUITE_AES_CM_128_SHA1_80;
|
||||||
attr->unencrypted_srtp = FALSE;
|
attr->unencrypted_srtp = FALSE;
|
||||||
attr->unauthenticated_srtp = FALSE;
|
attr->unauthenticated_srtp = FALSE;
|
||||||
attr->unencrypted_srtcp = TRUE;
|
attr->unencrypted_srtcp = TRUE;
|
||||||
|
|||||||
Reference in New Issue
Block a user