Commit 8e3d1b33 authored by Guillaume Roguez's avatar Guillaume Roguez

srtp: force usage of SRTP_AEAD_AES_256_GCM

Force cipher name from SDP to be SRTP_AEAD_AES_256_GCM (I/O)
and 44-bytes SRTP params.

Change-Id: I5a59f1986e5afb64708a2d013c7be32760bce2bf
Tuleap: #747
parent dbd3f6a5
...@@ -62,7 +62,7 @@ static constexpr int NET_POLL_TIMEOUT = 100; /* poll() timeout in ms */ ...@@ -62,7 +62,7 @@ static constexpr int NET_POLL_TIMEOUT = 100; /* poll() timeout in ms */
// Maximal size allowed for a RTP packet. // Maximal size allowed for a RTP packet.
// This value of 1232 bytes is an IPv6 minimum (1280 - 40 IPv6 header - 8 UDP header). // This value of 1232 bytes is an IPv6 minimum (1280 - 40 IPv6 header - 8 UDP header).
static const size_t RTP_BUFFER_SIZE = 1232; // also used for RTPC static const size_t RTP_BUFFER_SIZE = 1232; // also used for RTPC
static const size_t SRTP_BUFFER_SIZE = RTP_BUFFER_SIZE - 10; // minus biggest authentication tag (=> SRTP_AES128_CM_HMAC_SHA1_80) static const size_t SRTP_BUFFER_SIZE = RTP_BUFFER_SIZE - 16; // minus biggest authentication tag (=> SRTP_AEAD_AES_256_GCM)
enum class DataType : unsigned { RTP=1<<0, RTCP=1<<1 }; enum class DataType : unsigned { RTP=1<<0, RTCP=1<<1 };
...@@ -72,14 +72,14 @@ public: ...@@ -72,14 +72,14 @@ public:
const char* in_suite, const char* in_key) { const char* in_suite, const char* in_key) {
if (out_suite && out_key) { if (out_suite && out_key) {
// XXX: see srtp_open from libavformat/srtpproto.c // XXX: see srtp_open from libavformat/srtpproto.c
if (ff_srtp_set_crypto(&srtp_out, out_suite, out_key) < 0) { if (ff_srtp_set_crypto(&srtp_out, "SRTP_AEAD_AES_256_GCM", out_key) < 0) {
srtp_close(); srtp_close();
throw std::runtime_error("Could not set crypto on output"); throw std::runtime_error("Could not set crypto on output");
} }
} }
if (in_suite && in_key) { if (in_suite && in_key) {
if (ff_srtp_set_crypto(&srtp_in, in_suite, in_key) < 0) { if (ff_srtp_set_crypto(&srtp_in, "SRTP_AEAD_AES_256_GCM", in_key) < 0) {
srtp_close(); srtp_close();
throw std::runtime_error("Could not set crypto on input"); throw std::runtime_error("Could not set crypto on input");
} }
......
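Review bot: Both `ff_srtp_set_crypto` calls now pass the literal `"SRTP_AEAD_AES_256_GCM"` while `out_suite` and `in_suite` are still accepted and used only as null guards, so a peer that negotiated a different suite over SDP is silently keyed as AES-256-GCM. Presumably the call then fails on key length or the two ends build mismatched contexts, and either way the only diagnostic is the generic "Could not set crypto on ..." error. Compare the negotiated name against one named constant and fail explicitly on mismatch, e.g. `static constexpr const char* FORCED_SRTP_SUITE = "SRTP_AEAD_AES_256_GCM";` and `if (std::strcmp(out_suite, FORCED_SRTP_SUITE) != 0) throw std::runtime_error("Unsupported SRTP suite on output");`, with the same check for the input side. The enclosing function starts before and continues past this hunk, so how callers obtain the suite names is not visible here.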
...@@ -150,8 +150,11 @@ Sdp::generateSdesAttribute() ...@@ -150,8 +150,11 @@ Sdp::generateSdesAttribute()
{ {
static constexpr const unsigned cryptoSuite = 0; static constexpr const unsigned cryptoSuite = 0;
std::vector<uint8_t> keyAndSalt; std::vector<uint8_t> keyAndSalt;
#if 0
keyAndSalt.resize(ring::CryptoSuites[cryptoSuite].masterKeyLength / 8 keyAndSalt.resize(ring::CryptoSuites[cryptoSuite].masterKeyLength / 8
+ ring::CryptoSuites[cryptoSuite].masterSaltLength/ 8); + ring::CryptoSuites[cryptoSuite].masterSaltLength/ 8);
#endif
keyAndSalt.resize(32+12); // AES-GCM-256 master-key + salt
// generate keys // generate keys
randomFill(keyAndSalt); randomFill(keyAndSalt);
......
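Review bot: `keyAndSalt.resize(32+12)` hard-codes the AES-256-GCM key and salt lengths while `cryptoSuite = 0` and the `ring::CryptoSuites` lookup stay behind `#if 0`, so the size of the generated key material is no longer tied to the suite entry the rest of `generateSdesAttribute()` may use. If the remainder of the function (outside this hunk) still takes the suite name from `CryptoSuites[cryptoSuite]`, the offered crypto attribute would advertise one suite with key material sized for another; this is worth confirming. Prefer adding an AES-256-GCM entry to the table and keeping the table-driven resize, or at least name the sizes: `static constexpr size_t AES_GCM_256_KEY_LEN = 32, AES_GCM_256_SALT_LEN = 12;`. Since this buffer is the SRTP master key and salt, also confirm that `randomFill` draws from a cryptographically secure generator.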