Commit graph

9 commits

Author SHA1 Message Date
Philippe Normand
b6c7280868 sdp: Add debug categories for message and mikey modules
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7924>
2024-11-19 18:54:32 +00:00
François Laignel
0f7be28eb1 rtspsrc: client-managed MIKEY KeyMgmt
Some servers (e.g. Axis cameras) expect the client to propose the encryption
key(s) to be used for SRTP / SRTCP. This is required to allow re-keying so
as to evade cryptanalysis. Note that the behaviour is not specified by the
RFCs. By setting the 'client-managed-mikey-mode' property to 'true', rtspsrc
acts as follows:

* For a secured profile (RTP/SAVP or RTP/SAVPF), any media in the SDP
  returned by the server for which a MIKEY key management applies is
  elligible for client managed mode. The MIKEY from the server is then
  ignored.
* rtspsrc sends a SETUP with a MIKEY payload proposed by the user. The
  payload is formed by calling the 'request-rtp-key' signal for each
  elligible stream. During initialisation, 'request-rtcp-key' is also
  called as usual. The keys returned by both signals should be the same
  for a single stream, but the mechanism allows a different approach.
* The user can start re-keying of a stream by calling SET_PARAMETER.
  The convenience signal 'set-mikey-parameter' can be used to build a
  'KeyMgmt' parameter with a MIKEY payload.
* After the server accepts the new parameter, the user can call
  'remove-key' and prepare for the new key(s) to be served by signals
  'request-rtp-key' & 'request-rtcp-key'.
* The signals 'soft-limit' & 'hard-limit' are called when a key
  reaches the limits of its utilisation.

This commit adds support for:

* client-managed MIKEY mode to srtpsrc.
* Master Key Index (MKI) parsing and encoding to GstMIKEYMessage.
* re-keying using the signals 'set-mikey-parameter' & 'remove-key' and
  then by serving the new key via 'request-rtp-key' & 'request-rtcp-key'.
* 'soft-limit' & 'hard-limit' signals, similar to those provided by srtpdec.

See also:

* https://www.rfc-editor.org/rfc/rfc3830
* https://www.rfc-editor.org/rfc/rfc4567

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7587>
2024-10-24 12:43:11 +00:00
Bart Van Severen
a62b07f3b4 sdp: gstmikey: gst_mikey_message_to_caps: extract salt and append to srtp-key
A KEMAC can hold both key and salt, so if salt is present, we should extract it
and append it to the srtp-key cap because libsrtp expects the srtp-key to hold
the concantenated srtp master key and salt.

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/3568>
2023-01-26 07:46:59 +00:00
Bart Van Severen
5678151799 sdp: gstmikey: gst_mikey_message_to_caps: extract ROC from first crypto session
We need the ROC to decrypt a SRTP stream as the ROC is part of the AES IV.
So look for first crypto session, from which we can get the ROC and find corresponding
crypto policy.

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/3568>
2023-01-26 07:46:59 +00:00
Sebastian Dröge
0378bd3fed sdp: Fix gst_mikey_payload_key_data_set_interval() array length annotation
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1744

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/3787>
2023-01-25 13:16:44 +00:00
Tim-Philipp Müller
58722ba48e libs: sdp: drop use of GSlice
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/3695>
2023-01-24 15:25:06 +00:00
Sebastian Dröge
366893e9ac Fix various warnings from gobject-introspection
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/3261>
2022-10-25 09:45:25 +03:00
Sebastian Dröge
2650bba844 sdp: Add/fix various annotations
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/3194>
2022-10-18 13:51:17 +03:00
Thibault Saunier
2fd28195ca Move files from gst-plugins-base into the "subprojects/gst-plugins-base/" subdir 2021-09-24 16:13:26 -03:00
Renamed from gst-libs/gst/sdp/gstmikey.c (Browse further)