[calls] sip: media-pipeline: Use cryptographic parameters
- From: Evangelos Ribeiro Tzaras <devrtz src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [calls] sip: media-pipeline: Use cryptographic parameters
- Date: Tue, 24 May 2022 21:37:28 +0000 (UTC)
commit ea5b4f2895523c9e4b077d54b3360d6bc17bc5b4
Author: Evangelos Ribeiro Tzaras <devrtz fortysixandtwo eu>
Date: Mon Apr 25 09:47:24 2022 +0200
sip: media-pipeline: Use cryptographic parameters
Allows setting up cryptographic parameters with
calls_sip_media_pipeline_set_crypto() and use them to set GstCaps for
GstSrtpDec and GObject properties for GstSrtpEnc
plugins/sip/calls-sip-media-pipeline.c | 167 ++++++++++++++++++++--
plugins/sip/calls-sip-media-pipeline.h | 4 +
plugins/sip/calls-srtp-utils.c | 78 +++++++++++
plugins/sip/calls-srtp-utils.h | 27 ++++
tests/test-srtp.c | 247 +++++++++++++++++++++++++++++++++
5 files changed, 515 insertions(+), 8 deletions(-)
---
diff --git a/plugins/sip/calls-sip-media-pipeline.c b/plugins/sip/calls-sip-media-pipeline.c
index 1e58294f..f007401d 100644
--- a/plugins/sip/calls-sip-media-pipeline.c
+++ b/plugins/sip/calls-sip-media-pipeline.c
@@ -26,6 +26,7 @@
#include "calls-media-pipeline-enums.h"
#include "calls-sip-media-pipeline.h"
+#include "calls-srtp-utils.h"
#include "util.h"
#include <glib-unix.h>
@@ -148,6 +149,8 @@ struct _CallsSipMediaPipeline {
/* SRTP */
gboolean use_srtp;
+ calls_srtp_crypto_attribute *crypto_own;
+ calls_srtp_crypto_attribute *crypto_theirs;
GstElement *srtpenc;
GstElement *srtpdec;
@@ -380,13 +383,109 @@ on_srtpdec_request_key (GstElement *srtpdec,
guint ssrc,
gpointer user_data)
{
- /* TODO get key */
- return gst_caps_new_simple ("application/x-srtp",
- "srtp-cipher", G_TYPE_STRING, "null",
- "srtcp-cipher", G_TYPE_STRING, "null",
- "srtp-auth", G_TYPE_STRING, "null",
- "srtcp-auth", G_TYPE_STRING, "null",
+ CallsSipMediaPipeline *self = CALLS_SIP_MEDIA_PIPELINE (user_data);
+
+ GstCaps *caps;
+
+ const char *srtp_cipher = "null";
+ const char *srtcp_cipher = "null";
+ const char *srtp_auth = "null";
+ const char *srtcp_auth = "null";
+
+ gboolean need_mki;
+
+ if (!calls_srtp_crypto_get_srtpdec_params (self->crypto_theirs,
+ &srtp_cipher,
+ &srtp_auth,
+ &srtcp_cipher,
+ &srtcp_auth))
+ return NULL;
+
+ if (self->crypto_theirs->n_key_params == 0 ||
+ self->crypto_theirs->n_key_params > 16) {
+ g_warning ("Got %u key parameters, but can only handle between 1 and 16",
+ self->crypto_theirs->n_key_params);
+
+ return NULL;
+ }
+
+ need_mki = self->crypto_theirs->n_key_params > 1;
+
+ if (self->crypto_theirs->n_key_params == 1) {
+ /* g_autofree guchar *key_salt = NULL; */
+ guchar *key_salt = NULL;
+ gsize key_salt_length;
+ g_autoptr (GstBuffer) key_buffer = NULL;
+
+ key_salt = g_base64_decode (self->crypto_theirs->key_params[0].b64_keysalt,
+ &key_salt_length);
+ key_buffer = gst_buffer_new_wrapped (key_salt, key_salt_length);
+
+ /* TODO Setting up MKI buffer not implemented yet */
+ if (self->crypto_theirs->key_params[0].mki) {
+ g_warning ("Using MKI is not implemented yet");
+ return NULL;
+ }
+
+ return gst_caps_new_simple ("application/x-srtp",
+ "srtp-key", GST_TYPE_BUFFER, key_buffer,
+ "srtp-cipher", G_TYPE_STRING, srtp_cipher,
+ "srtcp-cipher", G_TYPE_STRING, srtcp_cipher,
+ "srtp-auth", G_TYPE_STRING, srtp_auth,
+ "srtcp-auth", G_TYPE_STRING, srtcp_auth,
+ NULL);
+
+ }
+
+ /* TODO Setting up MKI buffer not implemented yet */
+ g_warning ("Using MKI is not implemented yet");
+ return NULL;
+
+ caps = gst_caps_new_simple ("application/x-srtp",
+ "srtp-cipher", G_TYPE_STRING, srtp_cipher,
+ "srtcp-cipher", G_TYPE_STRING, srtcp_cipher,
+ "srtp-auth", G_TYPE_STRING, srtp_auth,
+ "srtcp-auth", G_TYPE_STRING, srtcp_auth,
NULL);
+
+
+ for (guint i = 0; i < self->crypto_theirs->n_key_params; i++) {
+ GstStructure *structure;
+
+ g_autofree char *structure_name = g_strdup_printf ("key-%u", i);
+
+ guchar *key_salt = NULL;
+ gsize key_salt_length;
+ g_autoptr (GstBuffer) key_buffer = NULL;
+ g_autoptr (GstBuffer) mki_buffer = NULL;
+
+ key_salt = g_base64_decode (self->crypto_theirs->key_params[0].b64_keysalt,
+ &key_salt_length);
+ key_buffer = gst_buffer_new_wrapped (key_salt, key_salt_length);
+
+
+ if (i == 0 && need_mki) {
+ structure = gst_structure_new (structure_name,
+ "srtp-key", GST_TYPE_BUFFER, key_buffer,
+ "mki", GST_TYPE_BUFFER, mki_buffer,
+ NULL);
+ } else if (i == 0 && !need_mki) {
+ structure = gst_structure_new (structure_name,
+ "srtp-key", GST_TYPE_BUFFER, key_buffer,
+ NULL);
+ } else {
+ g_autofree char *key_field_name = g_strdup_printf ("srtp-key%u", i+1);
+ g_autofree char *mki_field_name = g_strdup_printf ("mki%u", i+1);
+
+ structure = gst_structure_new (structure_name,
+ key_field_name, GST_TYPE_BUFFER, key_buffer,
+ mki_field_name, GST_TYPE_BUFFER, mki_buffer,
+ NULL);
+ }
+ gst_caps_append_structure (caps, structure);
+ }
+
+ return caps;
}
@@ -543,8 +642,6 @@ pipeline_init (CallsSipMediaPipeline *self,
self);
MAKE_ELEMENT (srtpenc, "srtpenc", "srtpenc");
- g_object_set (self->srtpenc,
- "rtp-cipher", 0, "rtp-auth", 0, "rtcp-cipher", 0, "rtcp-auth", 0, NULL);
#if GST_CHECK_VERSION (1, 20, 0)
tmppad = gst_element_request_pad_simple (self->srtpenc, "rtp_sink_0");
@@ -1060,6 +1157,60 @@ calls_sip_media_pipeline_set_codec (CallsSipMediaPipeline *self,
}
+void
+calls_sip_media_pipeline_set_crypto (CallsSipMediaPipeline *self,
+ calls_srtp_crypto_attribute *crypto_own,
+ calls_srtp_crypto_attribute *crypto_theirs)
+{
+ guchar *key_salt = NULL;
+ gsize key_salt_length;
+ GstSrtpCipherType srtp_cipher;
+ GstSrtpAuthType srtp_auth;
+ GstSrtpCipherType srtcp_cipher;
+ GstSrtpAuthType srtcp_auth;
+
+ g_autoptr (GstBuffer) key_buffer = NULL;
+
+ g_return_if_fail (CALLS_IS_SIP_MEDIA_PIPELINE (self));
+ g_return_if_fail (crypto_own);
+ g_return_if_fail (crypto_theirs);
+ g_return_if_fail (crypto_own->crypto_suite == crypto_theirs->crypto_suite);
+ g_return_if_fail (crypto_own->tag == crypto_theirs->tag);
+
+ if (self->use_srtp)
+ return;
+
+ self->use_srtp = TRUE;
+ self->crypto_own = crypto_own;
+ self->crypto_theirs = crypto_theirs;
+
+ if (!calls_srtp_crypto_get_srtpenc_params (crypto_own,
+ &srtp_cipher,
+ &srtp_auth,
+ &srtcp_cipher,
+ &srtcp_auth)) {
+ g_autofree char *attr_str =
+ calls_srtp_print_sdp_crypto_attribute (crypto_own, NULL);
+ g_warning ("Could not get srtpenc parameters from attribute: %s", attr_str);
+ return;
+ }
+
+ /* TODO MKI stuff */
+
+ key_salt = g_base64_decode (crypto_own->key_params[0].b64_keysalt,
+ &key_salt_length);
+ key_buffer = gst_buffer_new_wrapped (key_salt, key_salt_length);
+
+ g_object_set (self->srtpenc,
+ "key", key_buffer,
+ "rtp-cipher", srtp_cipher,
+ "rtp-auth", srtp_auth,
+ "rtcp-cipher", srtcp_cipher,
+ "rtcp-auth", srtcp_auth,
+ NULL);
+}
+
+
static void
diagnose_used_ports_in_socket (GSocket *socket)
{
diff --git a/plugins/sip/calls-sip-media-pipeline.h b/plugins/sip/calls-sip-media-pipeline.h
index 951cc921..720aa55a 100644
--- a/plugins/sip/calls-sip-media-pipeline.h
+++ b/plugins/sip/calls-sip-media-pipeline.h
@@ -24,6 +24,7 @@
#pragma once
+#include "calls-srtp-utils.h"
#include "gst-rfc3551.h"
#include <glib-object.h>
@@ -67,6 +68,9 @@ G_DECLARE_FINAL_TYPE (CallsSipMediaPipeline, calls_sip_media_pipeline, CALLS, SI
CallsSipMediaPipeline* calls_sip_media_pipeline_new (MediaCodecInfo *codec);
void calls_sip_media_pipeline_set_codec (CallsSipMediaPipeline *self,
MediaCodecInfo *info);
+void calls_sip_media_pipeline_set_crypto (CallsSipMediaPipeline *self,
+ calls_srtp_crypto_attribute *crypto_own,
+ calls_srtp_crypto_attribute
*crypto_theirs);
void calls_sip_media_pipeline_start (CallsSipMediaPipeline *self);
void calls_sip_media_pipeline_stop (CallsSipMediaPipeline *self);
void calls_sip_media_pipeline_pause (CallsSipMediaPipeline *self,
diff --git a/plugins/sip/calls-srtp-utils.c b/plugins/sip/calls-srtp-utils.c
index a7a87e65..1cde3f7b 100644
--- a/plugins/sip/calls-srtp-utils.c
+++ b/plugins/sip/calls-srtp-utils.c
@@ -691,3 +691,81 @@ calls_srtp_crypto_attribute_free (calls_srtp_crypto_attribute *attr)
g_free (attr->b64_fec_key);
g_free (attr);
}
+
+/**
+ * calls_srtp_crypto_get_srtpdec_params:
+ * @attr: A #calls_srtp_crypto_attribute
+ * @srtp_cipher (out): SRTP cipher
+ * @srtp_auth (out): SRTP auth
+ * @srtcp_cipher (out): SRTCP cipher
+ * @srtcp_auth (out): SRTCP auth
+ *
+ * Sets the parameters suitable for #GstSrtpDec (as a #GstCaps).
+ */
+gboolean
+calls_srtp_crypto_get_srtpdec_params (calls_srtp_crypto_attribute *attr,
+ const char **srtp_cipher,
+ const char **srtp_auth,
+ const char **srtcp_cipher,
+ const char **srtcp_auth)
+{
+ g_return_val_if_fail (attr, FALSE);
+
+ if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_32) {
+ *srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-128-icm";
+ *srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-32";
+ *srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-128-icm";
+ *srtcp_auth = attr->unencrypted_srtcp ? "null" : "hmac-sha1-32";
+
+ return TRUE;
+ } else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_80) {
+ *srtp_cipher = attr->unencrypted_srtp ? "null" : "aes-128-icm";
+ *srtp_auth = attr->unauthenticated_srtp ? "null" : "hmac-sha1-80";
+ *srtcp_cipher = attr->unencrypted_srtcp ? "null" : "aes-128-icm";
+ *srtcp_auth = attr->unencrypted_srtcp ? "null" : "hmac-sha1-80";
+
+ return TRUE;
+ }
+
+ return FALSE;
+}
+
+
+/**
+ * calls_srtp_crypto_get_srtpenc_params:
+ * @attr: A #calls_srtp_crypto_attribute
+ * @srtp_cipher (out): SRTP cipher
+ * @srtp_auth (out): SRTP auth
+ * @srtcp_cipher (out): SRTCP cipher
+ * @srtcp_auth (out): SRTCP auth
+ *
+ * Sets the parameters suitable for #GstSrtpDec (as a #GstCaps).
+ */
+gboolean
+calls_srtp_crypto_get_srtpenc_params (calls_srtp_crypto_attribute *attr,
+ GstSrtpCipherType *srtp_cipher,
+ GstSrtpAuthType *srtp_auth,
+ GstSrtpCipherType *srtcp_cipher,
+ GstSrtpAuthType *srtcp_auth)
+{
+ g_return_val_if_fail (attr, FALSE);
+
+ if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_32) {
+ *srtp_cipher = attr->unencrypted_srtp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
+ *srtp_auth = attr->unauthenticated_srtp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_32;
+ *srtcp_cipher = attr->unencrypted_srtcp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
+ *srtcp_auth = attr->unencrypted_srtcp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_32;
+
+ return TRUE;
+ } else if (attr->crypto_suite == CALLS_SRTP_SUITE_AES_128_SHA1_80) {
+
+ *srtp_cipher = attr->unencrypted_srtp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
+ *srtp_auth = attr->unauthenticated_srtp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_80;
+ *srtcp_cipher = attr->unencrypted_srtcp ? GST_SRTP_CIPHER_NULL : GST_SRTP_CIPHER_AES_128_ICM;
+ *srtcp_auth = attr->unencrypted_srtcp ? GST_SRTP_AUTH_NULL : GST_SRTP_AUTH_HMAC_SHA1_80;
+
+ return TRUE;
+ }
+
+ return FALSE;
+}
diff --git a/plugins/sip/calls-srtp-utils.h b/plugins/sip/calls-srtp-utils.h
index 72d37ca7..781136a0 100644
--- a/plugins/sip/calls-srtp-utils.h
+++ b/plugins/sip/calls-srtp-utils.h
@@ -49,6 +49,23 @@ typedef enum {
} calls_srtp_lifetime_type;
+/* from GStreamer */
+typedef enum {
+ GST_SRTP_CIPHER_NULL,
+ GST_SRTP_CIPHER_AES_128_ICM,
+ GST_SRTP_CIPHER_AES_256_ICM,
+ GST_SRTP_CIPHER_AES_128_GCM,
+ GST_SRTP_CIPHER_AES_256_GCM
+} GstSrtpCipherType;
+
+
+typedef enum {
+ GST_SRTP_AUTH_NULL,
+ GST_SRTP_AUTH_HMAC_SHA1_32,
+ GST_SRTP_AUTH_HMAC_SHA1_80
+} GstSrtpAuthType;
+
+
typedef struct {
char *b64_keysalt;
calls_srtp_lifetime_type lifetime_type;
@@ -98,6 +115,16 @@ calls_srtp_crypto_attribute *calls_srtp_crypto_attribute_new (guint n_
gboolean calls_srtp_crypto_attribute_init_keys (calls_srtp_crypto_attribute *attr);
void calls_srtp_crypto_attribute_free (calls_srtp_crypto_attribute *attr);
char *calls_srtp_generate_crypto_for_offer (void);
+gboolean calls_srtp_crypto_get_srtpdec_params (calls_srtp_crypto_attribute *attr,
+ const char
**srtp_cipher,
+ const char
**srtp_auth,
+ const char
**srtcp_cipher,
+ const char
**srtcp_auth);
+gboolean calls_srtp_crypto_get_srtpenc_params (calls_srtp_crypto_attribute *attr,
+ GstSrtpCipherType
*srtp_cipher,
+ GstSrtpAuthType
*srtp_auth,
+ GstSrtpCipherType
*srtcp_cipher,
+ GstSrtpAuthType
*srtcp_auth);
G_DEFINE_AUTOPTR_CLEANUP_FUNC (calls_srtp_crypto_attribute, calls_srtp_crypto_attribute_free)
diff --git a/tests/test-srtp.c b/tests/test-srtp.c
index 1d352311..e8228b9f 100644
--- a/tests/test-srtp.c
+++ b/tests/test-srtp.c
@@ -223,6 +223,252 @@ test_parse (void)
}
+static void
+test_srtp_params (void)
+{
+ calls_srtp_crypto_attribute *attr = calls_srtp_crypto_attribute_new (1);
+ const char *srtp_cipher;
+ const char *srtp_auth;
+ const char *srtcp_cipher;
+ const char *srtcp_auth;
+ GstSrtpCipherType srtp_cipher_enum;
+ GstSrtpAuthType srtp_auth_enum;
+ GstSrtpCipherType srtcp_cipher_enum;
+ GstSrtpAuthType srtcp_auth_enum;
+
+ attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
+ attr->unencrypted_srtp = FALSE;
+ attr->unauthenticated_srtp = FALSE;
+ attr->unencrypted_srtcp = FALSE;
+
+ g_assert_true (calls_srtp_crypto_get_srtpdec_params (attr,
+ &srtp_cipher,
+ &srtp_auth,
+ &srtcp_cipher,
+ &srtcp_auth));
+ g_assert_cmpstr (srtp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtp_auth, ==, "hmac-sha1-32");
+ g_assert_cmpstr (srtcp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtcp_auth, ==, "hmac-sha1-32");
+
+ g_assert_true (calls_srtp_crypto_get_srtpenc_params (attr,
+ &srtp_cipher_enum,
+ &srtp_auth_enum,
+ &srtcp_cipher_enum,
+ &srtcp_auth_enum));
+
+ g_assert_cmpint (srtp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
+ g_assert_cmpint (srtcp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
+
+
+ attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
+ attr->unencrypted_srtp = TRUE;
+ attr->unauthenticated_srtp = FALSE;
+ attr->unencrypted_srtcp = FALSE;
+
+ g_assert_true (calls_srtp_crypto_get_srtpdec_params (attr,
+ &srtp_cipher,
+ &srtp_auth,
+ &srtcp_cipher,
+ &srtcp_auth));
+ g_assert_cmpstr (srtp_cipher, ==, "null");
+ g_assert_cmpstr (srtp_auth, ==, "hmac-sha1-32");
+ g_assert_cmpstr (srtcp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtcp_auth, ==, "hmac-sha1-32");
+
+ g_assert_true (calls_srtp_crypto_get_srtpenc_params (attr,
+ &srtp_cipher_enum,
+ &srtp_auth_enum,
+ &srtcp_cipher_enum,
+ &srtcp_auth_enum));
+
+ g_assert_cmpint (srtp_cipher_enum, ==, GST_SRTP_CIPHER_NULL);
+ g_assert_cmpint (srtp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
+ g_assert_cmpint (srtcp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
+
+
+ attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
+ attr->unencrypted_srtp = FALSE;
+ attr->unauthenticated_srtp = TRUE;
+ attr->unencrypted_srtcp = FALSE;
+
+ g_assert_true (calls_srtp_crypto_get_srtpdec_params (attr,
+ &srtp_cipher,
+ &srtp_auth,
+ &srtcp_cipher,
+ &srtcp_auth));
+ g_assert_cmpstr (srtp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtp_auth, ==, "null");
+ g_assert_cmpstr (srtcp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtcp_auth, ==, "hmac-sha1-32");
+
+ g_assert_true (calls_srtp_crypto_get_srtpenc_params (attr,
+ &srtp_cipher_enum,
+ &srtp_auth_enum,
+ &srtcp_cipher_enum,
+ &srtcp_auth_enum));
+
+ g_assert_cmpint (srtp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtp_auth_enum, ==, GST_SRTP_AUTH_NULL);
+ g_assert_cmpint (srtcp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
+
+
+ attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_32;
+ attr->unencrypted_srtp = FALSE;
+ attr->unauthenticated_srtp = FALSE;
+ attr->unencrypted_srtcp = TRUE;
+
+ g_assert_true (calls_srtp_crypto_get_srtpdec_params (attr,
+ &srtp_cipher,
+ &srtp_auth,
+ &srtcp_cipher,
+ &srtcp_auth));
+ g_assert_cmpstr (srtp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtp_auth, ==, "hmac-sha1-32");
+ g_assert_cmpstr (srtcp_cipher, ==, "null");
+ g_assert_cmpstr (srtcp_auth, ==, "null");
+
+ g_assert_true (calls_srtp_crypto_get_srtpenc_params (attr,
+ &srtp_cipher_enum,
+ &srtp_auth_enum,
+ &srtcp_cipher_enum,
+ &srtcp_auth_enum));
+
+ g_assert_cmpint (srtp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_32);
+ g_assert_cmpint (srtcp_cipher_enum, ==, GST_SRTP_CIPHER_NULL);
+ g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_NULL);
+
+
+ attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
+ attr->unencrypted_srtp = FALSE;
+ attr->unauthenticated_srtp = FALSE;
+ attr->unencrypted_srtcp = FALSE;
+
+ g_assert_true (calls_srtp_crypto_get_srtpdec_params (attr,
+ &srtp_cipher,
+ &srtp_auth,
+ &srtcp_cipher,
+ &srtcp_auth));
+ g_assert_cmpstr (srtp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtp_auth, ==, "hmac-sha1-80");
+ g_assert_cmpstr (srtcp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtcp_auth, ==, "hmac-sha1-80");
+
+ g_assert_true (calls_srtp_crypto_get_srtpenc_params (attr,
+ &srtp_cipher_enum,
+ &srtp_auth_enum,
+ &srtcp_cipher_enum,
+ &srtcp_auth_enum));
+
+ g_assert_cmpint (srtp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
+ g_assert_cmpint (srtcp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
+
+
+ attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
+ attr->unencrypted_srtp = TRUE;
+ attr->unauthenticated_srtp = FALSE;
+ attr->unencrypted_srtcp = FALSE;
+
+ g_assert_true (calls_srtp_crypto_get_srtpdec_params (attr,
+ &srtp_cipher,
+ &srtp_auth,
+ &srtcp_cipher,
+ &srtcp_auth));
+ g_assert_cmpstr (srtp_cipher, ==, "null");
+ g_assert_cmpstr (srtp_auth, ==, "hmac-sha1-80");
+ g_assert_cmpstr (srtcp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtcp_auth, ==, "hmac-sha1-80");
+
+ g_assert_true (calls_srtp_crypto_get_srtpenc_params (attr,
+ &srtp_cipher_enum,
+ &srtp_auth_enum,
+ &srtcp_cipher_enum,
+ &srtcp_auth_enum));
+
+ g_assert_cmpint (srtp_cipher_enum, ==, GST_SRTP_CIPHER_NULL);
+ g_assert_cmpint (srtp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
+ g_assert_cmpint (srtcp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
+
+
+ attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
+ attr->unencrypted_srtp = FALSE;
+ attr->unauthenticated_srtp = TRUE;
+ attr->unencrypted_srtcp = FALSE;
+
+ g_assert_true (calls_srtp_crypto_get_srtpdec_params (attr,
+ &srtp_cipher,
+ &srtp_auth,
+ &srtcp_cipher,
+ &srtcp_auth));
+ g_assert_cmpstr (srtp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtp_auth, ==, "null");
+ g_assert_cmpstr (srtcp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtcp_auth, ==, "hmac-sha1-80");
+
+ g_assert_true (calls_srtp_crypto_get_srtpenc_params (attr,
+ &srtp_cipher_enum,
+ &srtp_auth_enum,
+ &srtcp_cipher_enum,
+ &srtcp_auth_enum));
+
+ g_assert_cmpint (srtp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtp_auth_enum, ==, GST_SRTP_AUTH_NULL);
+ g_assert_cmpint (srtcp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
+
+
+ attr->crypto_suite = CALLS_SRTP_SUITE_AES_128_SHA1_80;
+ attr->unencrypted_srtp = FALSE;
+ attr->unauthenticated_srtp = FALSE;
+ attr->unencrypted_srtcp = TRUE;
+
+ g_assert_true (calls_srtp_crypto_get_srtpdec_params (attr,
+ &srtp_cipher,
+ &srtp_auth,
+ &srtcp_cipher,
+ &srtcp_auth));
+ g_assert_cmpstr (srtp_cipher, ==, "aes-128-icm");
+ g_assert_cmpstr (srtp_auth, ==, "hmac-sha1-80");
+ g_assert_cmpstr (srtcp_cipher, ==, "null");
+ g_assert_cmpstr (srtcp_auth, ==, "null");
+
+ g_assert_true (calls_srtp_crypto_get_srtpenc_params (attr,
+ &srtp_cipher_enum,
+ &srtp_auth_enum,
+ &srtcp_cipher_enum,
+ &srtcp_auth_enum));
+
+ g_assert_cmpint (srtp_cipher_enum, ==, GST_SRTP_CIPHER_AES_128_ICM);
+ g_assert_cmpint (srtp_auth_enum, ==, GST_SRTP_AUTH_HMAC_SHA1_80);
+ g_assert_cmpint (srtcp_cipher_enum, ==, GST_SRTP_CIPHER_NULL);
+ g_assert_cmpint (srtcp_auth_enum, ==, GST_SRTP_AUTH_NULL);
+
+
+ attr->crypto_suite = CALLS_SRTP_SUITE_UNKNOWN;
+
+ g_assert_false (calls_srtp_crypto_get_srtpdec_params (attr,
+ &srtp_cipher,
+ &srtp_auth,
+ &srtcp_cipher,
+ &srtcp_auth));
+
+ g_assert_false (calls_srtp_crypto_get_srtpenc_params (attr,
+ &srtp_cipher_enum,
+ &srtp_auth_enum,
+ &srtcp_cipher_enum,
+ &srtcp_auth_enum));
+ calls_srtp_crypto_attribute_free (attr);
+}
+
+
int
main (int argc,
char *argv[])
@@ -231,6 +477,7 @@ main (int argc,
g_test_add_func ("/Calls/SRTP-SDP/crypto_attribute_validity", test_crypto_attribute_validity);
g_test_add_func ("/Calls/SRTP-SDP/parse", test_parse);
+ g_test_add_func ("/Calls/SRTP/srtp_params", test_srtp_params);
return g_test_run ();
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
