mikey: add different key length parameters

Add encryption and authentication key length parameters to MIKEY. For
the encoders, the key lengths are obtained from the cipher and auth
algorithms set in the caps. For the decoders, they are obtained while
parsing the key management from the client.

Fixes https://bugzilla.gnome.org/show_bug.cgi?id=730472
This commit is contained in:
Aleix Conchillo Flaqué 2014-05-20 14:48:37 -07:00 committed by Wim Taymans
parent fc06329e87
commit 32432b5c61
3 changed files with 64 additions and 0 deletions

View file

@ -1545,6 +1545,18 @@ mikey_apply_policy (GstCaps * caps, GstMIKEYMessage * msg, guint8 policy)
break; break;
} }
break; break;
case GST_MIKEY_SP_SRTP_ENC_KEY_LEN:
switch (param->val[0]) {
case AES_128_KEY_LEN:
srtp_cipher = "aes-128-icm";
break;
case AES_256_KEY_LEN:
srtp_cipher = "aes-256-icm";
break;
default:
break;
}
break;
case GST_MIKEY_SP_SRTP_AUTH_ALG: case GST_MIKEY_SP_SRTP_AUTH_ALG:
switch (param->val[0]) { switch (param->val[0]) {
case 0: case 0:
@ -1558,6 +1570,18 @@ mikey_apply_policy (GstCaps * caps, GstMIKEYMessage * msg, guint8 policy)
break; break;
} }
break; break;
case GST_MIKEY_SP_SRTP_AUTH_KEY_LEN:
switch (param->val[0]) {
case HMAC_32_KEY_LEN:
srtp_auth = "hmac-sha1-32";
break;
case HMAC_80_KEY_LEN:
srtp_auth = "hmac-sha1-80";
break;
default:
break;
}
break;
case GST_MIKEY_SP_SRTP_SRTP_ENC: case GST_MIKEY_SP_SRTP_SRTP_ENC:
break; break;
case GST_MIKEY_SP_SRTP_SRTCP_ENC: case GST_MIKEY_SP_SRTP_SRTCP_ENC:

View file

@ -72,6 +72,32 @@ update_sdp_from_tags (GstRTSPStream * stream, GstSDPMedia * stream_media)
gst_object_unref (src_pad); gst_object_unref (src_pad);
} }
static guint8
enc_key_length_from_cipher_name (const gchar * cipher)
{
if (g_strcmp0 (cipher, "aes-128-icm") == 0)
return AES_128_KEY_LEN;
else if (g_strcmp0 (cipher, "aes-256-icm") == 0)
return AES_256_KEY_LEN;
else {
GST_ERROR ("encryption algorithm '%s' not supported", cipher);
return 0;
}
}
static guint8
auth_key_length_from_auth_name (const gchar * auth)
{
if (g_strcmp0 (auth, "hmac-sha1-32") == 0)
return HMAC_32_KEY_LEN;
else if (g_strcmp0 (auth, "hmac-sha1-80") == 0)
return HMAC_80_KEY_LEN;
else {
GST_ERROR ("authentication algorithm '%s' not supported", auth);
return 0;
}
}
static void static void
make_media (GstSDPMessage * sdp, GstSDPInfo * info, GstRTSPMedia * media, make_media (GstSDPMessage * sdp, GstSDPInfo * info, GstRTSPMedia * media,
GstRTSPStream * stream, GstStructure * s, GstRTSPProfile profile) GstRTSPStream * stream, GstStructure * s, GstRTSPProfile profile)
@ -226,9 +252,17 @@ make_media (GstSDPMessage * sdp, GstSDPInfo * info, GstRTSPMedia * media,
byte = 1; byte = 1;
gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_ENC_ALG, 1, gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_ENC_ALG, 1,
&byte); &byte);
/* Encryption key length */
byte = enc_key_length_from_cipher_name (srtpcipher);
gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_ENC_KEY_LEN, 1,
&byte);
/* only HMAC-SHA1 */ /* only HMAC-SHA1 */
gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_AUTH_ALG, 1, gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_AUTH_ALG, 1,
&byte); &byte);
/* Authentication key length */
byte = auth_key_length_from_auth_name (srtpauth);
gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_AUTH_KEY_LEN, 1,
&byte);
/* we enable encryption on RTP and RTCP */ /* we enable encryption on RTP and RTCP */
gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_SRTP_ENC, 1, gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_SRTP_ENC, 1,
&byte); &byte);

View file

@ -27,6 +27,12 @@
G_BEGIN_DECLS G_BEGIN_DECLS
#define AES_128_KEY_LEN 16
#define AES_256_KEY_LEN 32
#define HMAC_32_KEY_LEN 4
#define HMAC_80_KEY_LEN 10
typedef struct { typedef struct {
gboolean is_ipv6; gboolean is_ipv6;
const gchar *server_ip; const gchar *server_ip;