liblibsrtp.c

完整的RTP RTSP代码库

/*
 * The contents of this file are subject to the Mozilla Public
 * License Version 1.1 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy of
 * the License at http://www.mozilla.org/MPL/
 * 
 * Software distributed under the License is distributed on an "AS
 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * rights and limitations under the License.
 * 
 * The Initial Developer of the Original Code is Cisco Systems Inc.
 * Portions created by Cisco Systems Inc. are
 * Copyright (C) Cisco Systems Inc. 2006.  All Rights Reserved.
 * 
 * Contributor(s): 
 *              Will Clark              will_clark@cisco.com
 */

#include "liblibsrtp.h"
#include "rtp.h"
#include "mp4.h"
#include <assert.h>
#include "mutex.h"

//#define DEBUG_SRTP_CALLS 1
#define DUMP_RAW_RTP_PAK 0
#define DUMP_ENC_RTP_PAK 0
#define DUMP_RAW_RTCP_PAK 1
#define DUMP_ENC_RTCP_PAK 1

#ifdef HAVE_SRTP
struct srtp_if_t_ {
  srtp_policy_t in_policy, out_policy;
  srtp_t in_ctx, out_ctx;
  uint8_t tx_keysalt[32]; // 32, not 30, due to brokenness in libsrtp
  uint8_t rx_keysalt[32]; // 32, not 30, due to brokenness in libsrtp
  mutex_t mutex;
};
#endif

static int srtp_if_debug_level = LOG_DEBUG;

static error_msg_func_t error_msg_func = NULL;

void srtp_if_set_loglevel (int loglevel)
{
  srtp_if_debug_level = loglevel;
}

void srtp_if_set_error_func (error_msg_func_t func)
{
  error_msg_func = func;
}

#ifdef HAVE_SRTP
static void srtp_if_debug (int loglevel, const char *fmt, ...)
{
  if (loglevel <= srtp_if_debug_level) {
    if (error_msg_func != NULL) {
      va_list ap;
      va_start(ap, fmt);
      (error_msg_func)(loglevel, "libsrtp_if", fmt, ap);
      va_end(ap);
    } else {
      va_list ap;
      printf("libsrtp_if-%d:", loglevel);
      va_start(ap, fmt);
      vprintf(fmt, ap);
      va_end(ap);
      printf("\n");
    }
  }
}
#endif

#ifdef HAVE_SRTP
static bool srtp_if_initialize(void)
{
  static bool srtp_inited = false;
  err_status_t status;
  if (srtp_inited) return true;

  status = srtp_init();
  if (status) {
    srtp_if_debug(LOG_ALERT, "srtp initialization failed with error cde %d", status);
    return false;
  }
  srtp_inited = true;

  return true;
}
#endif

#ifdef HAVE_SRTP
static int our_srtp_encrypt (void *foo, 
			     uint8_t *buffer, 
			     uint32_t *len)
{
  err_status_t err;
  int retdata;
  srtp_if_t *srtp_if = (srtp_if_t *)foo;
  uint32_t i;
  retdata = *len;
  if (DUMP_RAW_RTP_PAK) {
    srtp_if_debug(LOG_DEBUG,"Calling srtp_protect, len %d", *len);
    for (i = 0; i < *len; i++) {
      printf("%02x ", buffer[i]);
      if (((i + 1) % 16) == 0) printf("\n");
    }
    printf("\n");
  }

#ifdef DEBUG_SRTP_CALLS
  srtp_if_debug(LOG_DEBUG,"calling srtp_protect: len %d proto %u seq %u", *len,
		buffer[1] & 0x7f, ntohs(*(uint16_t *)(buffer + 2)));
#endif

  MutexLock(srtp_if->mutex);
  err = srtp_protect(srtp_if->out_ctx, buffer, &retdata);
  MutexUnlock(srtp_if->mutex);

  if (DUMP_ENC_RTP_PAK) {
    srtp_if_debug(LOG_DEBUG,"Calling srtp_protect, ERR %d\n", *len);
    for (i = 0; i < *len; i++) {
      printf("%02x ", buffer[i]);
      if (((i + 1) % 16) == 0) printf("\n");
    }
    printf("\n");
  }

  if (err != 0) {
    srtp_if_debug(LOG_ERR, "failing srtp encrypts error %d len %u", err, *len);
    return FALSE;
  }
  *len = retdata;
  return TRUE;
}

static int our_srtp_decrypt (void *foo, 
			     uint8_t *buffer, 
			     uint32_t *len)
{
  err_status_t err;
  int retdata;
	srtp_if_t *srtp_if = (srtp_if_t *)foo;
  uint32_t i;

  retdata = *len;

  if (DUMP_ENC_RTP_PAK) {
    srtp_if_debug(LOG_DEBUG,"Calling srtp_unprotect, len %d", *len);
    for (i = 0; i < *len; i++) {
      printf("%02x ", buffer[i]);
      if (((i + 1) % 16) == 0) printf("\n");
    }
    printf("\n");
  }
#ifdef DEBUG_SRTP_CALLS
  srtp_if_debug(LOG_DEBUG,"calling srtp_unprotect: len %d proto %u seq %u", *len,
		buffer[1] & 0x7f, ntohs(*(uint16_t *)(buffer + 2)));
#endif
  MutexLock(srtp_if->mutex);
  err = srtp_unprotect(srtp_if->in_ctx, buffer, &retdata);
  MutexUnlock(srtp_if->mutex);
  if(err != 0) {
    srtp_if_debug(LOG_DEBUG,"called srtp_unprotect: ERR %d", err);
  }

  if (DUMP_RAW_RTP_PAK) {
    for (i = 0; i < *len; i++) {
      printf("%02x ", buffer[i]);
      if (((i + 1) % 12) == 0) printf("\n");
    }
    printf("\n");
    srtp_if_debug(LOG_DEBUG,"exiting srtp_decrypt %d %d", err, retdata);
  }
  if (err != 0) {
    srtp_if_debug(LOG_ERR, "return from srtp_unprotect %d len %d orig %u",
		  err, retdata, *len);
    return FALSE;
  }
  *len = retdata;
  return TRUE;
}     

static int our_srtcp_encrypt (void *foo, 
			     unsigned char *buffer, 
			     uint32_t *len)
{
  err_status_t err;
  int retdata;
  srtp_if_t *srtp_if = (srtp_if_t *)foo;
  uint32_t i;

  retdata = *len;
  if (DUMP_ENC_RTCP_PAK) {
    srtp_if_debug(LOG_DEBUG,"Calling srtp_protect_rtcp, len %d", *len);
    for (i = 0; i < *len; i++) {
      printf("%02x ", buffer[i]);
      if (((i + 1) % 16) == 0) printf("\n");
    }
    printf("\n");
  }

  MutexLock(srtp_if->mutex);
  err = srtp_protect_rtcp(srtp_if->out_ctx, (void *)buffer, &retdata);
  MutexUnlock(srtp_if->mutex);
  if (DUMP_RAW_RTCP_PAK) {
    for (i = 0; i < (uint32_t)retdata; i++) {
      printf("%02x ", buffer[i]);
      if (((i + 1) % 16) == 0) printf("\n");
    }
    printf("\n");
    srtp_if_debug(LOG_DEBUG,"exiting srtcp_encrypt %d %d", err, retdata);
  }

  if (err != 0) {
    srtp_if_debug(LOG_ERR, "failing srtcp encrypts error %d len %u", err, *len);
    return FALSE;
  }
  *len = retdata;
  return TRUE;
}

static int our_srtcp_decrypt (void *foo, 
			     unsigned char *buffer, 
			     uint32_t *len)
{
  err_status_t err;
  int retdata;
  srtp_if_t *srtp_if = (srtp_if_t *)foo;
  uint32_t i;

  retdata = *len;
  if (DUMP_ENC_RTCP_PAK) {
    srtp_if_debug(LOG_DEBUG,"Calling srtp_unprotect_rtcp, len %d", *len);
    for (i = 0; i < *len; i++) {
      printf("%02x ", buffer[i]);
      if (((i + 1) % 16) == 0) printf("\n");
    }
    printf("\n");
  }
  MutexLock(srtp_if->mutex);
  err = srtp_unprotect_rtcp(srtp_if->in_ctx, (void *)buffer, &retdata);
  MutexUnlock(srtp_if->mutex);
  if (DUMP_RAW_RTCP_PAK) {
    for (i = 0; i < (uint32_t)retdata; i++) {
      printf("%02x ", buffer[i]);
      if (((i + 1) % 16) == 0) printf("\n");
    }
    printf("\n");
    srtp_if_debug(LOG_DEBUG,"exiting srtcp_decrypt %d %d", err, retdata);
  }
  if (err != 0) {
    srtp_if_debug(LOG_ERR,"return from srtp_unprotect_rtcp %d len %d orig %u",err, retdata,
		  *len);
    return FALSE;
  }
  *len = retdata;
  return TRUE;
}

static uint8_t to_hex (const char ptr)
{
  if (isdigit(ptr)) {
    return (ptr - '0');
  }
  return (tolower(ptr) - 'a' + 10);
}

static bool string_to_hex (uint8_t *to, const char *from, uint to_len)
{
  while (*from != '\0') {
    if (to_len == 0) return false;
    *to = to_hex(*from++) << 4;
    *to |= to_hex(*from++);
    to++;
    to_len--;
  }
  return true;
}
#endif

#ifdef HAVE_SRTP
static void configure_cipher_auth (srtp_policy_t *policy, 
				   srtp_if_params_t *sparam) {

  assert(policy != 0);
  // bko -- protect
  crypto_policy_set_rtp_default(&policy->rtp);
  crypto_policy_set_rtcp_default(&policy->rtcp);

  if (sparam->rtp_enc == true) {
    srtp_if_debug(LOG_DEBUG, "configure_cipher_auth: RTP encryption selectd");
    if (sparam->enc_algo == SRTP_ENC_AES_CM_128) {
      srtp_if_debug(LOG_DEBUG, "configure_cipher_auth: 128bit RTP encryption");
      policy->rtp.cipher_type = AES_128_ICM;
      policy->rtp.cipher_key_len = 30;
    } else {
      srtp_if_debug(LOG_ALERT, "unrecognized cipher type for RTP");
      assert(0);
    }
  } else {
    srtp_if_debug(LOG_DEBUG, "configure_cipher_auth: null RTP encryption");
    policy->rtp.cipher_type     = NULL_CIPHER;
    policy->rtp.cipher_key_len  = 0; 
  }    

  if (sparam->rtp_auth == true) {
    if (sparam->auth_algo == SRTP_AUTH_HMAC_SHA1_80) {
      srtp_if_debug(LOG_DEBUG, "configure_cipher_auth: SHA1_80 auth");
      policy->rtp.auth_type = HMAC_SHA1;
      policy->rtp.auth_key_len = 20;
      policy->rtp.auth_tag_len = 10;
    } else if (sparam->auth_algo == SRTP_AUTH_HMAC_SHA1_32) {
      srtp_if_debug(LOG_DEBUG, "configure_cipher_auth: SHA1_32 auth");
      policy->rtp.auth_type = HMAC_SHA1;
      policy->rtp.auth_key_len = 20;
      policy->rtp.auth_tag_len = 4;    
    } else {
      srtp_if_debug(LOG_ALERT, "unrecognized auth type for RTP");
      assert(0);
    }

  } else {
    srtp_if_debug(LOG_DEBUG, "configure_cipher_auth: no auth");
    policy->rtp.auth_type       = NULL_AUTH;
    policy->rtp.auth_key_len    = 0;
    policy->rtp.auth_tag_len    = 0;    
  }

  if (sparam->rtp_enc == true && sparam->rtp_auth == true)
    policy->rtp.sec_serv = sec_serv_conf_and_auth;
  else if (sparam->rtp_enc == true && sparam->rtp_auth == false)
    policy->rtp.sec_serv = sec_serv_conf;
  else if (sparam->rtp_enc == false && sparam->rtp_auth == true)
    policy->rtp.sec_serv = sec_serv_auth;
  else
    policy->rtp.sec_serv = sec_serv_none;
  
  if (sparam->rtcp_enc == true) {