Example #1
0
int trtp_srtp_set_key_and_salt(trtp_manager_t* rtp_mgr, trtp_srtp_crypto_type_t crypto_type, const void* key, tsk_size_t key_size, const void* salt, tsk_size_t salt_size, int32_t idx)
{
	int ret;
	trtp_srtp_ctx_xt* srtp_ctx;
	err_status_t srtp_err;
	if(!rtp_mgr || !key || !key_size || !salt || !salt_size){
		TSK_DEBUG_ERROR("Invalid parameter");
		return -1;
	}

	if((key_size + salt_size) > sizeof(srtp_ctx->key_bin)){
		TSK_DEBUG_ERROR("Invalid [key||salt].len [%u||%u]", key_size, salt_size);
	}

	srtp_ctx = &rtp_mgr->srtp_contexts[idx][0];
	if((ret = trtp_srtp_ctx_deinit(srtp_ctx))){
		return ret;
	}
		
	switch((srtp_ctx->crypto_type = crypto_type)){
		case HMAC_SHA1_80:
		default:
			{
				crypto_policy_set_aes_cm_128_hmac_sha1_80(&srtp_ctx->policy.rtp);
				crypto_policy_set_aes_cm_128_hmac_sha1_80(&srtp_ctx->policy.rtcp);
				break;
			}
		case HMAC_SHA1_32:
			{
				crypto_policy_set_aes_cm_128_hmac_sha1_32(&srtp_ctx->policy.rtp);
				crypto_policy_set_aes_cm_128_hmac_sha1_80(&srtp_ctx->policy.rtcp); // always 80
				break;
			}
	}

	memcpy(srtp_ctx->key_bin, key, key_size);
#if HAVE_APPEND_SALT_TO_KEY
	append_salt_to_key(srtp_ctx->key_bin, key_size, (void*)salt, salt_size);
#else
	memcpy(&srtp_ctx->key_bin[key_size], salt, salt_size);
#endif
	
	srtp_ctx->policy.key = srtp_ctx->key_bin;
	srtp_ctx->policy.ssrc.type = idx == TRTP_SRTP_LINE_IDX_REMOTE ? ssrc_any_inbound : ssrc_any_outbound;
	if((srtp_err = srtp_create(&srtp_ctx->session, &srtp_ctx->policy)) != err_status_ok){
		TSK_DEBUG_ERROR("srtp_create() failed: %d", srtp_err);
		return -3;
	}
	srtp_ctx->initialized = tsk_true;
	return 0;
}
Example #2
0
err_status_t test_dtls_srtp() {
    asrtpa_hdr_t *test_packet;
    int test_packet_len = 80;
    asrtpa_t s;
    asrtpa_policy_t policy;
    uint8_t key[ASRTPA_MAX_KEY_LEN];
    uint8_t salt[ASRTPA_MAX_KEY_LEN];
    unsigned int key_len, salt_len;
    asrtpa_profile_t profile;
    err_status_t err;

    /* create a 'null' SRTP session */
    err = asrtpa_create(&s, NULL);
    if (err)
        return err;

    /*
     * verify that packet-processing functions behave properly - we
     * expect that these functions will return err_status_no_ctx
     */
    test_packet = asrtpa_create_test_packet(80, 0xa5a5a5a5);
    if (test_packet == NULL)
        return err_status_alloc_fail;
    err = asrtpa_protect(s, test_packet, &test_packet_len);
    if (err != err_status_no_ctx) {
        printf("wrong return value from asrtpa_protect() (got code %d)\n", err);
        return err_status_fail;
    }
    err = asrtpa_unprotect(s, test_packet, &test_packet_len);
    if (err != err_status_no_ctx) {
        printf("wrong return value from asrtpa_unprotect() (got code %d)\n", err);
        return err_status_fail;
    }
    err = asrtpa_protect_rtcp(s, test_packet, &test_packet_len);
    if (err != err_status_no_ctx) {
        printf("wrong return value from asrtpa_protect_rtcp() (got code %d)\n",
                err);
        return err_status_fail;
    }
    err = asrtpa_unprotect_rtcp(s, test_packet, &test_packet_len);
    if (err != err_status_no_ctx) {
        printf("wrong return value from asrtpa_unprotect_rtcp() (got code %d)\n",
                err);
        return err_status_fail;
    }

    /*
     * set keys to known values for testing
     */
    profile = asrtpa_profile_aes128_cm_sha1_80;
    key_len = asrtpa_profile_get_master_key_length(profile);
    salt_len = asrtpa_profile_get_master_salt_length(profile);
    memset(key, 0xff, key_len);
    memset(salt, 0xee, salt_len);
    append_salt_to_key(key, key_len, salt, salt_len);
    policy.key = key;

    /* initialize SRTP policy from profile  */
    err = crypto_policy_set_from_profile_for_rtp(&policy.rtp, profile);
    if (err)
        return err;
    err = crypto_policy_set_from_profile_for_rtcp(&policy.rtcp, profile);
    if (err)
        return err;
    policy.ssrc.type = ssrc_any_inbound;
    policy.next = NULL;

    err = asrtpa_add_stream(s, &policy);
    if (err)
        return err;

    return err_status_ok;
}