mirror of
https://gitlab.freedesktop.org/gstreamer/gstreamer.git
synced 2024-12-24 01:00:37 +00:00
mikey: add different key length parameters
Add encryption and authentication key length parameters to MIKEY. For the encoders, the key lengths are obtained from the cipher and auth algorithms set in the caps. For the decoders, they are obtained while parsing the key management from the client. Fixes https://bugzilla.gnome.org/show_bug.cgi?id=730472
This commit is contained in:
parent
fc06329e87
commit
32432b5c61
3 changed files with 64 additions and 0 deletions
|
@ -1545,6 +1545,18 @@ mikey_apply_policy (GstCaps * caps, GstMIKEYMessage * msg, guint8 policy)
|
|||
break;
|
||||
}
|
||||
break;
|
||||
case GST_MIKEY_SP_SRTP_ENC_KEY_LEN:
|
||||
switch (param->val[0]) {
|
||||
case AES_128_KEY_LEN:
|
||||
srtp_cipher = "aes-128-icm";
|
||||
break;
|
||||
case AES_256_KEY_LEN:
|
||||
srtp_cipher = "aes-256-icm";
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
break;
|
||||
case GST_MIKEY_SP_SRTP_AUTH_ALG:
|
||||
switch (param->val[0]) {
|
||||
case 0:
|
||||
|
@ -1558,6 +1570,18 @@ mikey_apply_policy (GstCaps * caps, GstMIKEYMessage * msg, guint8 policy)
|
|||
break;
|
||||
}
|
||||
break;
|
||||
case GST_MIKEY_SP_SRTP_AUTH_KEY_LEN:
|
||||
switch (param->val[0]) {
|
||||
case HMAC_32_KEY_LEN:
|
||||
srtp_auth = "hmac-sha1-32";
|
||||
break;
|
||||
case HMAC_80_KEY_LEN:
|
||||
srtp_auth = "hmac-sha1-80";
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
break;
|
||||
case GST_MIKEY_SP_SRTP_SRTP_ENC:
|
||||
break;
|
||||
case GST_MIKEY_SP_SRTP_SRTCP_ENC:
|
||||
|
|
|
@ -72,6 +72,32 @@ update_sdp_from_tags (GstRTSPStream * stream, GstSDPMedia * stream_media)
|
|||
gst_object_unref (src_pad);
|
||||
}
|
||||
|
||||
static guint8
|
||||
enc_key_length_from_cipher_name (const gchar * cipher)
|
||||
{
|
||||
if (g_strcmp0 (cipher, "aes-128-icm") == 0)
|
||||
return AES_128_KEY_LEN;
|
||||
else if (g_strcmp0 (cipher, "aes-256-icm") == 0)
|
||||
return AES_256_KEY_LEN;
|
||||
else {
|
||||
GST_ERROR ("encryption algorithm '%s' not supported", cipher);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
static guint8
|
||||
auth_key_length_from_auth_name (const gchar * auth)
|
||||
{
|
||||
if (g_strcmp0 (auth, "hmac-sha1-32") == 0)
|
||||
return HMAC_32_KEY_LEN;
|
||||
else if (g_strcmp0 (auth, "hmac-sha1-80") == 0)
|
||||
return HMAC_80_KEY_LEN;
|
||||
else {
|
||||
GST_ERROR ("authentication algorithm '%s' not supported", auth);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
static void
|
||||
make_media (GstSDPMessage * sdp, GstSDPInfo * info, GstRTSPMedia * media,
|
||||
GstRTSPStream * stream, GstStructure * s, GstRTSPProfile profile)
|
||||
|
@ -226,9 +252,17 @@ make_media (GstSDPMessage * sdp, GstSDPInfo * info, GstRTSPMedia * media,
|
|||
byte = 1;
|
||||
gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_ENC_ALG, 1,
|
||||
&byte);
|
||||
/* Encryption key length */
|
||||
byte = enc_key_length_from_cipher_name (srtpcipher);
|
||||
gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_ENC_KEY_LEN, 1,
|
||||
&byte);
|
||||
/* only HMAC-SHA1 */
|
||||
gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_AUTH_ALG, 1,
|
||||
&byte);
|
||||
/* Authentication key length */
|
||||
byte = auth_key_length_from_auth_name (srtpauth);
|
||||
gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_AUTH_KEY_LEN, 1,
|
||||
&byte);
|
||||
/* we enable encryption on RTP and RTCP */
|
||||
gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_SRTP_ENC, 1,
|
||||
&byte);
|
||||
|
|
|
@ -27,6 +27,12 @@
|
|||
|
||||
G_BEGIN_DECLS
|
||||
|
||||
#define AES_128_KEY_LEN 16
|
||||
#define AES_256_KEY_LEN 32
|
||||
|
||||
#define HMAC_32_KEY_LEN 4
|
||||
#define HMAC_80_KEY_LEN 10
|
||||
|
||||
typedef struct {
|
||||
gboolean is_ipv6;
|
||||
const gchar *server_ip;
|
||||
|
|
Loading…
Reference in a new issue