📄 srtp_driver.c
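stream->rtcp_cipher->type->description,
           stream->rtcp_auth->type->description,
           serv_descr[stream->rtcp_services]);
  }

  /* loop over streams in session, printing the policy of each */
  stream = srtp->stream_list;
  while (stream != NULL) {
    if (stream->rtp_services > sec_serv_conf_and_auth)
      return err_status_bad_param;

    printf("# SSRC: 0x%08x\r\n"
           "# rtp cipher: %s\r\n"
           "# rtp auth: %s\r\n"
           "# rtp services: %s\r\n"
           "# rtcp cipher: %s\r\n"
           "# rtcp auth: %s\r\n"
           "# rtcp services: %s\r\n",
           stream->ssrc,
           stream->rtp_cipher->type->description,
           stream->rtp_auth->type->description,
           serv_descr[stream->rtp_services],
           stream->rtcp_cipher->type->description,
           stream->rtcp_auth->type->description,
           serv_descr[stream->rtcp_services]);

    /* advance to next stream in the list */
    stream = stream->next;
  }
  return err_status_ok;
}

/*
 * srtp_print_policy() creates a temporary session from the given
 * policy, prints the policy of that session with
 * srtp_session_print_policy(), and deallocates the session again.
 *
 * returns the first nonzero status reported by srtp_create(),
 * srtp_session_print_policy() or srtp_dealloc(), else err_status_ok
 */

err_status_t
srtp_print_policy(const srtp_policy_t *policy) {
  err_status_t status;
  err_status_t dealloc_status;
  srtp_t session;

  status = srtp_create(&session, policy);
  if (status)
    return status;

  status = srtp_session_print_policy(session);

  /*
   * release the session even when printing failed, so that the
   * error path does not leak it; the printing error takes precedence
   */
  dealloc_status = srtp_dealloc(session);
  if (status)
    return status;
  return dealloc_status;
}

/*
 * srtp_packet_to_string(...) is for debugging only
 * it formats an RTP packet into the file-scope buffer packet_string
 * and returns a pointer to that buffer
 *
 * returns NULL if hdr is NULL, if pkt_octet_len is larger than MTU,
 * or if pkt_octet_len is smaller than the 12-octet RTP header
 *
 * note that this function is *not* threadsafe - every call writes
 * into the same buffer
 */

#include <stdio.h>

#define MTU 2048

char packet_string[MTU];

char *
srtp_packet_to_string(srtp_hdr_t *hdr, int pkt_octet_len) {
  int octets_in_rtp_header = 12;
  uint8_t *data;
  int hex_len;

  /*
   * sanity checking - a packet shorter than the fixed header would
   * give a negative payload length and header reads past its end
   */
  if ((hdr == NULL) || (pkt_octet_len > MTU) ||
      (pkt_octet_len < octets_in_rtp_header))
    return NULL;

  /* derive the payload pointer only after hdr is known to be non-NULL */
  data = ((uint8_t *)hdr) + octets_in_rtp_header;
  hex_len = pkt_octet_len - octets_in_rtp_header;

  /*
   * write packet into string
   *
   * the hex form of the payload needs two characters per octet, so a
   * packet close to MTU octets cannot fit into packet_string; the
   * bounded snprintf() truncates the output instead of writing past
   * the end of the buffer
   */
  snprintf(packet_string, sizeof(packet_string),
           "(s)rtp packet: {\n"
           " version:\t%d\n"
           " p:\t\t%d\n"
           " x:\t\t%d\n"
           " cc:\t\t%d\n"
           " m:\t\t%d\n"
           " pt:\t\t%x\n"
           " seq:\t\t%x\n"
           " ts:\t\t%x\n"
           " ssrc:\t%x\n"
           " data:\t%s\n"
           "} (%d octets in total)\n",
           hdr->version,
           hdr->p,
           hdr->x,
           hdr->cc,
           hdr->m,
           hdr->pt,
           hdr->seq,
           hdr->ts,
           hdr->ssrc,
           octet_string_hex_string(data, hex_len),
           pkt_octet_len);

  return packet_string;
}

/*
 * mips_estimate() is a simple function to estimate the number of
 * instructions per second that the host can perform.  note that this
 * function can be grossly wrong; you may want to have a manual sanity
 * check of its output!
 *
 * the 'ignore' pointer is there to convince the compiler to not just
 * optimize away the function
 *
 * the return value is num_trials * CLOCKS_PER_SEC divided by the
 * number of clock() ticks the loop took; if no tick elapsed the
 * divisor is zero and the result is not a usable estimate
 */

double
mips_estimate(int num_trials, int *ignore) {
  clock_t t;
  int i;
  unsigned int sum = 0;

  t = clock();
  /*
   * accumulate in an unsigned type: the running sum exceeds INT_MAX
   * for large num_trials, and unsigned arithmetic wraps where signed
   * overflow would be undefined behavior
   */
  for (i = 0; i < num_trials; i++)
    sum += (unsigned int) i;
  t = clock() - t;

  *ignore = (int) sum;

  return (double) num_trials * CLOCKS_PER_SEC / t;
}

/*
 * srtp_validate() verifies the correctness of libsrtp by comparing
 * some computed packets against some pre-computed reference values.
 * These packets were made with the default SRTP policy.
 *
 * returns err_status_ok if both directions match the reference data,
 * the library status if a session call fails, and err_status_fail on
 * any length or content mismatch
 */

err_status_t
srtp_validate() {
  /* fixed key for the reference vectors below - test data only */
  unsigned char test_key[30] = {
    0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
    0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
    0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
    0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
  };
  uint8_t srtp_plaintext_ref[28] = {
    0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
    0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
    0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
    0xab, 0xab, 0xab, 0xab
  };
  /* 28 octets of packet followed by 10 spare octets for the result */
  uint8_t srtp_plaintext[38] = {
    0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
    0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
    0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
    0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00
  };
  uint8_t srtp_ciphertext[38] = {
    0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
    0xca, 0xfe, 0xba, 0xbe, 0x4e, 0x55, 0xdc, 0x4c,
    0xe7, 0x99, 0x78, 0xd8, 0x8c, 0xa4, 0xd2, 0x15,
    0x94, 0x9d, 0x24, 0x02, 0xb7, 0x8d, 0x6a, 0xcc,
    0x99, 0xea, 0x17, 0x9b, 0x8d, 0xbb
  };
  srtp_t srtp_snd, srtp_recv;
  err_status_t status;
  err_status_t dealloc_status;
  int len;
  srtp_policy_t policy;

  /*
   * create a session with a single stream using the default srtp
   * policy and with the SSRC value 0xcafebabe
   */
  crypto_policy_set_rtp_default(&policy.rtp);
  crypto_policy_set_rtcp_default(&policy.rtcp);
  policy.ssrc.type  = ssrc_specific;
  policy.ssrc.value = 0xcafebabe;
  policy.key  = test_key;
  policy.next = NULL;

  status = srtp_create(&srtp_snd, &policy);
  if (status)
    return status;

  /*
   * protect plaintext, then compare with ciphertext
   */
  len = 28;
  status = srtp_protect(srtp_snd, srtp_plaintext, &len);
  if (status || (len != 38)) {
    status = err_status_fail;
    goto out_snd;
  }

  debug_print(mod_driver, "ciphertext:\n  %s",
              octet_string_hex_string(srtp_plaintext, len));
  debug_print(mod_driver, "ciphertext reference:\n  %s",
              octet_string_hex_string(srtp_ciphertext, len));

  /* a nonzero result from octet_string_is_eq() is treated as a mismatch */
  if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) {
    status = err_status_fail;
    goto out_snd;
  }

  /*
   * create a receiver session context comparable to the one created
   * above - we need to do this so that the replay checking doesn't
   * complain
   */
  status = srtp_create(&srtp_recv, &policy);
  if (status)
    goto out_snd;

  /*
   * unprotect ciphertext, then compare with plaintext
   */
  status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
  if (status)
    goto out_recv;

  /*
   * a wrong length with an ok status is a validation failure; it must
   * not be reported as err_status_ok
   */
  if (len != 28) {
    status = err_status_fail;
    goto out_recv;
  }

  if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len))
    status = err_status_fail;

  /* release both sessions on every path; the first error is kept */
out_recv:
  dealloc_status = srtp_dealloc(srtp_recv);
  if (status == err_status_ok)
    status = dealloc_status;
out_snd:
  dealloc_status = srtp_dealloc(srtp_snd);
  if (status == err_status_ok)
    status = dealloc_status;

  return status;
}

/*
 * srtp_create_big_policy() builds a heap-allocated linked list holding
 * one copy of every policy in policy_array.  Each copy gets a specific
 * SSRC, counting up from 0 in array order.  Copies are prepended, so
 * the head stored in *list is the copy of the last array entry.
 *
 * The caller owns the nodes and releases each one with free().
 *
 * returns err_status_bad_param if list is NULL or policy_array is
 * empty, err_status_alloc_fail if an allocation fails (*list is then
 * left untouched), else err_status_ok
 */

err_status_t
srtp_create_big_policy(srtp_policy_t **list) {
  extern const srtp_policy_t *policy_array[];
  srtp_policy_t *p, *head;
  int i = 0;
  uint32_t ssrc = 0;

  /* sanity checking */
  if ((list == NULL) || (policy_array[0] == NULL))
    return err_status_bad_param;

  /*
   * loop over policy list, mallocing a new list and copying values
   * into it (and incrementing the SSRC value as we go along)
   */
  head = NULL;
  while (policy_array[i] != NULL) {
    p = malloc(sizeof *p);
    if (p == NULL) {
      /* release the nodes built so far instead of leaking them */
      while (head != NULL) {
        p = head->next;
        free(head);
        head = p;
      }
      return err_status_alloc_fail;
    }
    memcpy(p, policy_array[i], sizeof *p);
    p->ssrc.type = ssrc_specific;
    p->ssrc.value = ssrc++;
    p->next = head;
    head = p;
    i++;
  }
  *list = head;

  return err_status_ok;
}

/*
 * srtp_test_remove_stream() checks srtp_remove_stream() on a session
 * created from the list made by srtp_create_big_policy().  It relies
 * on that list holding streams with the SSRC values 0x0, 0x1 and 0x2.
 *
 * returns err_status_ok if removal behaves as expected,
 * err_status_fail if a check fails, or the library status if the
 * setup or the session deallocation fails
 */

err_status_t
srtp_test_remove_stream() {
  err_status_t status;
  err_status_t dealloc_status;
  srtp_policy_t *policy_list;
  srtp_policy_t *next_policy;
  srtp_t session;
  srtp_stream_t stream;
  /*
   * srtp_get_stream() is a libSRTP internal function that we declare
   * here so that we can use it to verify the correct operation of the
   * library
   */
  extern srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc);

  status = srtp_create_big_policy(&policy_list);
  if (status)
    return status;

  status = srtp_create(&session, policy_list);
  if (status)
    goto out_free_policies;

  /*
   * check for false positives by trying to remove a stream that's not
   * in the session
   */
  status = srtp_remove_stream(session, htonl(0xaaaaaaaa));
  if (status != err_status_no_ctx) {
    status = err_status_fail;
    goto out_dealloc;
  }

  /*
   * check for false negatives by removing stream 0x1, then
   * searching for streams 0x0 and 0x2
   */
  status = srtp_remove_stream(session, htonl(0x1));
  if (status != err_status_ok) {
    status = err_status_fail;
    goto out_dealloc;
  }
  stream = srtp_get_stream(session, htonl(0x0));
  if (stream == NULL) {
    status = err_status_fail;
    goto out_dealloc;
  }
  stream = srtp_get_stream(session, htonl(0x2));
  if (stream == NULL) {
    status = err_status_fail;
    goto out_dealloc;
  }

  status = err_status_ok;

  /* release the session and the policy list on every path */
out_dealloc:
  dealloc_status = srtp_dealloc(session);
  if (status == err_status_ok)
    status = dealloc_status;
out_free_policies:
  while (policy_list != NULL) {
    next_policy = policy_list->next;
    free(policy_list);
    policy_list = next_policy;
  }

  return status;
}

/*
 * srtp policy definitions - these definitions are used above
 *
 * every policy below uses the fixed key test_key, which is embedded
 * in this source file; the policies are test fixtures.  Several of
 * them select reduced protection on purpose, as their security
 * services flags show: aes_only_policy has no authentication,
 * hmac_only_policy and tmmh_only_policy have no confidentiality, and
 * null_policy has neither.
 */

unsigned char test_key[30] = {
  0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
  0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
  0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
  0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
};

const srtp_policy_t default_policy = {
  { ssrc_any_outbound, 0 },  /* SSRC                           */
  {                          /* SRTP policy                    */
    AES_128_ICM,             /* cipher type                    */
    30,                      /* cipher key length in octets    */
    HMAC_SHA1,               /* authentication func type       */
    16,                      /* auth key length in octets      */
    10,                      /* auth tag length in octets      */
    sec_serv_conf_and_auth   /* security services flag         */
  },
  {                          /* SRTCP policy                   */
    AES_128_ICM,             /* cipher type                    */
    30,                      /* cipher key length in octets    */
    HMAC_SHA1,               /* authentication func type       */
    16,                      /* auth key length in octets      */
    10,                      /* auth tag length in octets      */
    sec_serv_conf_and_auth   /* security services flag         */
  },
  test_key,
  NULL
};

const srtp_policy_t aes_tmmh_policy = {
  { ssrc_any_outbound, 0 },  /* SSRC                           */
  {
    AES_128_ICM,             /* cipher type                    */
    30,                      /* cipher key length in octets    */
    UST_TMMHv2,              /* authentication func type       */
    94,                      /* auth key length in octets      */
    4,                       /* auth tag length in octets      */
    sec_serv_conf_and_auth   /* security services flag         */
  },
  {
    AES_128_ICM,             /* cipher type                    */
    30,                      /* cipher key length in octets    */
    UST_TMMHv2,              /* authentication func type       */
    94,                      /* auth key length in octets      */
    4,                       /* auth tag length in octets      */
    sec_serv_conf_and_auth   /* security services flag         */
  },
  test_key,
  NULL
};

const srtp_policy_t tmmh_only_policy = {
  { ssrc_any_outbound, 0 },  /* SSRC                           */
  {
    AES_128_ICM,             /* cipher type                    */
    30,                      /* cipher key length in octets    */
    UST_TMMHv2,              /* authentication func type       */
    94,                      /* auth key length in octets      */
    4,                       /* auth tag length in octets      */
    sec_serv_auth            /* security services flag         */
  },
  {
    AES_128_ICM,             /* cipher type                    */
    30,                      /* cipher key length in octets    */
    UST_TMMHv2,              /* authentication func type       */
    94,                      /* auth key length in octets      */
    4,                       /* auth tag length in octets      */
    sec_serv_auth            /* security services flag         */
  },
  test_key,
  NULL
};

const srtp_policy_t aes_only_policy = {
  { ssrc_any_outbound, 0 },  /* SSRC                           */
  {
    AES_128_ICM,             /* cipher type                    */
    30,                      /* cipher key length in octets    */
    NULL_AUTH,               /* authentication func type       */
    0,                       /* auth key length in octets      */
    0,                       /* auth tag length in octets      */
    sec_serv_conf            /* security services flag         */
  },
  {
    AES_128_ICM,             /* cipher type                    */
    30,                      /* cipher key length in octets    */
    NULL_AUTH,               /* authentication func type       */
    0,                       /* auth key length in octets      */
    0,                       /* auth tag length in octets      */
    sec_serv_conf            /* security services flag         */
  },
  test_key,
  NULL
};

const srtp_policy_t hmac_only_policy = {
  { ssrc_any_outbound, 0 },  /* SSRC                           */
  {
    NULL_CIPHER,             /* cipher type                    */
    0,                       /* cipher key length in octets    */
    HMAC_SHA1,               /* authentication func type       */
    20,                      /* auth key length in octets      */
    4,                       /* auth tag length in octets      */
    sec_serv_auth            /* security services flag         */
  },
  {
    NULL_CIPHER,             /* cipher type                    */
    0,                       /* cipher key length in octets    */
    HMAC_SHA1,               /* authentication func type       */
    20,                      /* auth key length in octets      */
    4,                       /* auth tag length in octets      */
    sec_serv_auth            /* security services flag         */
  },
  test_key,
  NULL
};

const srtp_policy_t null_policy = {
  { ssrc_any_outbound, 0 },  /* SSRC                           */
  {
    NULL_CIPHER,             /* cipher type                    */
    0,                       /* cipher key length in octets    */
    NULL_AUTH,               /* authentication func type       */
    0,                       /* auth key length in octets      */
    0,                       /* auth tag length in octets      */
    sec_serv_none            /* security services flag         */
  },
  {
    NULL_CIPHER,             /* cipher type                    */
    0,                       /* cipher key length in octets    */
    NULL_AUTH,               /* authentication func type       */
    0,                       /* auth key length in octets      */
    0,                       /* auth tag length in octets      */
    sec_serv_none            /* security services flag         */
  },
  test_key,
  NULL
};

/*
 * an array of pointers to the policies listed above
 *
 * This array is used to test various aspects of libSRTP for
 * different cryptographic policies.  The order of the elements
 * matters - the timing test generates output that can be used
 * in a plot (see the gnuplot script file 'timing').  If you
 * add to this list, you should do it at the end.
 */

#define USE_TMMH 0

const srtp_policy_t *policy_array[] = {
  &hmac_only_policy,
#if USE_TMMH
  &tmmh_only_policy,
#endif
  &aes_only_policy,
#if USE_TMMH
  &aes_tmmh_policy,
#endif
  &default_policy,
  &null_policy,
  NULL
};

const srtp_policy_t wildcard_policy = {
  { ssrc_any_outbound, 0 },  /* SSRC                           */
  {                          /* SRTP policy                    */
    AES_128_ICM,             /* cipher type                    */
    30,                      /* cipher key length in octets    */
    HMAC_SHA1,               /* authentication func type       */
    16,                      /* auth key length in octets      */
    10,                      /* auth tag length in octets      */
    sec_serv_conf_and_auth   /* security services flag         */
  },
  {                          /* SRTCP policy                   */
    AES_128_ICM,             /* cipher type                    */
    30,                      /* cipher key length in octets    */
    HMAC_SHA1,               /* authentication func type       */
    16,                      /* auth key length in octets      */
    10,                      /* auth tag length in octets      */
    sec_serv_conf_and_auth   /* security services flag         */
  },
  test_key,
  NULL
};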