gstreamer/subprojects/gst-plugins-base/gst-libs/gst
François Laignel 0f7be28eb1 rtspsrc: client-managed MIKEY KeyMgmt
Some servers (e.g. Axis cameras) expect the client to propose the encryption
key(s) to be used for SRTP / SRTCP. This is required to allow re-keying so
as to evade cryptanalysis. Note that the behaviour is not specified by the
RFCs. By setting the 'client-managed-mikey-mode' property to 'true', rtspsrc
acts as follows:

* For a secured profile (RTP/SAVP or RTP/SAVPF), any media in the SDP
  returned by the server for which a MIKEY key management applies is
  elligible for client managed mode. The MIKEY from the server is then
  ignored.
* rtspsrc sends a SETUP with a MIKEY payload proposed by the user. The
  payload is formed by calling the 'request-rtp-key' signal for each
  elligible stream. During initialisation, 'request-rtcp-key' is also
  called as usual. The keys returned by both signals should be the same
  for a single stream, but the mechanism allows a different approach.
* The user can start re-keying of a stream by calling SET_PARAMETER.
  The convenience signal 'set-mikey-parameter' can be used to build a
  'KeyMgmt' parameter with a MIKEY payload.
* After the server accepts the new parameter, the user can call
  'remove-key' and prepare for the new key(s) to be served by signals
  'request-rtp-key' & 'request-rtcp-key'.
* The signals 'soft-limit' & 'hard-limit' are called when a key
  reaches the limits of its utilisation.

This commit adds support for:

* client-managed MIKEY mode to srtpsrc.
* Master Key Index (MKI) parsing and encoding to GstMIKEYMessage.
* re-keying using the signals 'set-mikey-parameter' & 'remove-key' and
  then by serving the new key via 'request-rtp-key' & 'request-rtcp-key'.
* 'soft-limit' & 'hard-limit' signals, similar to those provided by srtpdec.

See also:

* https://www.rfc-editor.org/rfc/rfc3830
* https://www.rfc-editor.org/rfc/rfc4567

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7587>
2024-10-24 12:43:11 +00:00
..
allocators allocators: drmdump: Add NV15 supports 2024-09-30 16:11:09 +00:00
app gst: Move GstQueueArray as GstVecDeque to core 2024-05-06 18:25:42 +00:00
audio gst: hamonise recent Caps function names with Structure counterparts 2024-10-16 23:14:50 +00:00
fft gst-plugins-base: re-indent with GNU indent 2.2.12 2023-03-17 03:18:53 +00:00
gl gst-plugins-base: Set swap interval to 0 for wayland EGL windows 2024-10-20 14:03:11 +00:00
pbutils pbutils: descriptions: add H.266/VVC descriptions 2024-10-15 08:19:27 +00:00
riff riff: Add support for Lagarith fourcc tag 2024-10-10 03:55:04 +00:00
rtp common: Stop using GQuark-based GstStructure field name API 2024-09-26 19:21:29 +03:00
rtsp rtspconnection: Handle invalid argument properly 2024-08-06 03:50:34 +00:00
sdp rtspsrc: client-managed MIKEY KeyMgmt 2024-10-24 12:43:11 +00:00
tag exiftag: Check the result of gst_date_time_new_local_time 2024-10-23 05:34:30 +00:00
video gst: hamonise recent Caps function names with Structure counterparts 2024-10-16 23:14:50 +00:00
glib-compat-private.h gst-plugins-base: use g_sort_array() instead of deprecated g_qsort_with_data() 2024-09-02 22:31:34 +00:00
meson.build sdp: Handle level-asymmetry-allowed for H264 streams 2021-12-12 10:59:00 -03:00