return ntp_time_source_type;
}
-#define AES_128_KEY_LEN 16
-#define AES_256_KEY_LEN 32
-
-#define HMAC_32_KEY_LEN 4
-#define HMAC_80_KEY_LEN 10
-
#define DEFAULT_LOCATION NULL
#define DEFAULT_PROTOCOLS GST_RTSP_LOWER_TRANS_UDP | GST_RTSP_LOWER_TRANS_UDP_MCAST | GST_RTSP_LOWER_TRANS_TCP
#define DEFAULT_DEBUG FALSE
return GST_RTSP_ERROR;
}
-static guint8
-enc_key_length_from_cipher_name (const gchar * cipher)
-{
- if (g_strcmp0 (cipher, "aes-128-icm") == 0)
- return AES_128_KEY_LEN;
- else if (g_strcmp0 (cipher, "aes-256-icm") == 0)
- return AES_256_KEY_LEN;
- else {
- GST_ERROR ("encryption algorithm '%s' not supported", cipher);
- return 0;
- }
-}
-
-static guint8
-auth_key_length_from_auth_name (const gchar * auth)
-{
- if (g_strcmp0 (auth, "hmac-sha1-32") == 0)
- return HMAC_32_KEY_LEN;
- else if (g_strcmp0 (auth, "hmac-sha1-80") == 0)
- return HMAC_80_KEY_LEN;
- else {
- GST_ERROR ("authentication algorithm '%s' not supported", auth);
- return 0;
- }
-}
-
static GstCaps *
signal_get_srtcp_params (GstRTSPClientSink * sink,
GstRTSPStreamContext * context)
gst_rtsp_client_sink_stream_make_keymgmt (GstRTSPClientSink * sink,
GstRTSPStreamContext * context)
{
- GBytes *bytes;
- gchar *result, *base64;
- const guint8 *data;
- gsize size;
- GstMIKEYMessage *msg;
- GstMIKEYPayload *payload, *pkd;
- guint8 byte;
- GstStructure *s;
- GstMapInfo info;
- GstBuffer *srtpkey;
- const GValue *val;
- const gchar *srtcpcipher, *srtcpauth;
- guint send_ssrc;
+ gchar *base64, *result = NULL;
+ GstMIKEYMessage *mikey_msg;
context->srtcpparams = signal_get_srtcp_params (sink, context);
if (context->srtcpparams == NULL)
context->srtcpparams = gst_rtsp_stream_get_caps (context->stream);
- s = gst_caps_get_structure (context->srtcpparams, 0);
+ mikey_msg = gst_mikey_message_new_from_caps (context->srtcpparams);
+ if (mikey_msg) {
+ guint send_ssrc;
- srtcpcipher = gst_structure_get_string (s, "srtcp-cipher");
- srtcpauth = gst_structure_get_string (s, "srtcp-auth");
- val = gst_structure_get_value (s, "srtp-key");
+ /* add policy '0' for our SSRC */
+ gst_rtsp_stream_get_ssrc (context->stream, &send_ssrc);
+ GST_LOG_OBJECT (sink, "Stream %p ssrc %x", context->stream, send_ssrc);
+ gst_mikey_message_add_cs_srtp (mikey_msg, 0, send_ssrc, 0);
- if (srtcpcipher == NULL || srtcpauth == NULL || val == NULL) {
- GST_ERROR_OBJECT (sink, "could not find the right SRTP parameters in caps");
- return NULL;
- }
+ base64 = gst_mikey_message_base64_encode (mikey_msg);
+ gst_mikey_message_unref (mikey_msg);
- srtpkey = gst_value_get_buffer (val);
-
- gst_rtsp_stream_get_ssrc (context->stream, &send_ssrc);
- GST_LOG_OBJECT (sink, "Stream %p ssrc %x", context->stream, send_ssrc);
-
- msg = gst_mikey_message_new ();
- /* unencrypted MIKEY message, we send this over TLS so this is allowed */
- gst_mikey_message_set_info (msg, GST_MIKEY_VERSION, GST_MIKEY_TYPE_PSK_INIT,
- FALSE, GST_MIKEY_PRF_MIKEY_1, g_random_int (), GST_MIKEY_MAP_TYPE_SRTP);
- /* add policy '0' for our SSRC */
- gst_mikey_message_add_cs_srtp (msg, 0, send_ssrc, 0);
- /* timestamp is now */
- gst_mikey_message_add_t_now_ntp_utc (msg);
- /* add some random data */
- gst_mikey_message_add_rand_len (msg, 16);
-
- /* the policy '0' is SRTP */
- payload = gst_mikey_payload_new (GST_MIKEY_PT_SP);
- gst_mikey_payload_sp_set (payload, 0, GST_MIKEY_SEC_PROTO_SRTP);
-
- /* only AES-CM is supported */
- byte = 1;
- gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_ENC_ALG, 1, &byte);
- /* encryption key length */
- byte = enc_key_length_from_cipher_name (srtcpcipher);
- gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_ENC_KEY_LEN, 1,
- &byte);
- /* only HMAC-SHA1 */
- gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_AUTH_ALG, 1,
- &byte);
- /* authentication key length */
- byte = auth_key_length_from_auth_name (srtcpauth);
- gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_AUTH_KEY_LEN, 1,
- &byte);
- /* we enable encryption on RTP and RTCP */
- gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_SRTP_ENC, 1,
- &byte);
- gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_SRTCP_ENC, 1,
- &byte);
- /* we enable authentication on RTP and RTCP */
- gst_mikey_payload_sp_add_param (payload, GST_MIKEY_SP_SRTP_SRTP_AUTH, 1,
- &byte);
- gst_mikey_message_add_payload (msg, payload);
-
- /* make unencrypted KEMAC */
- payload = gst_mikey_payload_new (GST_MIKEY_PT_KEMAC);
- gst_mikey_payload_kemac_set (payload, GST_MIKEY_ENC_NULL, GST_MIKEY_MAC_NULL);
- /* add the key in KEMAC */
- pkd = gst_mikey_payload_new (GST_MIKEY_PT_KEY_DATA);
- gst_buffer_map (srtpkey, &info, GST_MAP_READ);
- gst_mikey_payload_key_data_set_key (pkd, GST_MIKEY_KD_TEK, info.size,
- info.data);
- gst_buffer_unmap (srtpkey, &info);
- gst_mikey_payload_kemac_add_sub (payload, pkd);
- gst_mikey_message_add_payload (msg, payload);
-
- /* now serialize this to bytes */
- bytes = gst_mikey_message_to_bytes (msg, NULL, NULL);
- gst_mikey_message_unref (msg);
- /* and make it into base64 */
- data = g_bytes_get_data (bytes, &size);
- base64 = g_base64_encode (data, size);
- g_bytes_unref (bytes);
-
- result = g_strdup_printf ("prot=mikey;uri=\"%s\";data=\"%s\"",
- context->conninfo.location, base64);
- g_free (base64);
+ if (base64) {
+ result = gst_sdp_make_keymgmt (context->conninfo.location, base64);
+ g_free (base64);
+ }
+ }
return result;
}
projects / platform / upstream / gstreamer.git / commitdiff