static int start_crypto(struct menc_st *st, const struct pl *key_info)
{
size_t olen;
int err;
/* key-info is BASE64 encoded */
olen = sizeof(st->key_rx);
err = base64_decode(key_info->p, key_info->l, st->key_rx, &olen);
if (err)
return err;
if (SRTP_MASTER_KEY_LEN != olen) {
DEBUG_WARNING("srtp keylen is %u (should be 30)\n", olen);
}
err = start_srtp(st, st->crypto_suite);
if (err)
return err;
info("srtp: %s: SRTP is Enabled (cryptosuite=%s)\n",
sdp_media_name(st->sdpm), st->crypto_suite);
return 0;
}
static int start_crypto(struct menc_st *st, const struct pl *key_info)
{
size_t olen, len;
char buf[64] = "";
int err;
len = get_master_keylen(resolve_suite(st->crypto_suite));
/* key-info is BASE64 encoded */
olen = sizeof(st->key_rx);
err = base64_decode(key_info->p, key_info->l, st->key_rx, &olen);
if (err)
return err;
if (len != olen) {
warning("srtp: %s: srtp keylen is %u (should be %zu)\n",
st->crypto_suite, olen, len);
}
err = start_srtp(st, st->crypto_suite);
if (err)
return err;
info("srtp: %s: SRTP is Enabled (cryptosuite=%s)\n",
sdp_media_name(st->sdpm), st->crypto_suite);
if (st->sess->eventh) {
if (re_snprintf(buf, sizeof(buf), "%s,%s",
sdp_media_name(st->sdpm),
st->crypto_suite))
st->sess->eventh(MENC_EVENT_SECURE, buf,
st->sess->arg);
else
warning("srtp: failed to print secure"
" event arguments\n");
}
return 0;
}
static pj_status_t transport_media_start(pjmedia_transport *tp,
pj_pool_t *pool,
const pjmedia_sdp_session *sdp_local,
const pjmedia_sdp_session *sdp_remote,
unsigned media_index)
{
struct transport_srtp *srtp = (struct transport_srtp*) tp;
pj_status_t last_err_st = PJ_EBUG;
pj_status_t status;
unsigned i;
PJ_ASSERT_RETURN(tp && pool && sdp_local && sdp_remote, PJ_EINVAL);
status = pjmedia_transport_media_start(srtp->member_tp, pool,
sdp_local, sdp_remote,
media_index);
if (status != PJ_SUCCESS || srtp->bypass_srtp)
return status;
/* Invoke media_start() of all keying methods */
for (i=0; i < srtp->keying_cnt; ) {
status = pjmedia_transport_media_start(srtp->keying[i], pool,
sdp_local, sdp_remote,
media_index);
if (status != PJ_SUCCESS) {
/* This keying method returns error, remove it */
pj_array_erase(srtp->keying, sizeof(srtp->keying[0]),
srtp->keying_cnt, i);
srtp->keying_cnt--;
last_err_st = status;
continue;
}
if (!srtp_crypto_empty(&srtp->tx_policy_neg) &&
!srtp_crypto_empty(&srtp->rx_policy_neg))
{
/* SRTP nego is done, let's destroy any other keying. */
unsigned j;
for (j = 0; j < srtp->keying_cnt; ++j) {
if (j != i)
pjmedia_transport_close(srtp->keying[j]);
}
srtp->keying_cnt = 1;
srtp->keying[0] = srtp->keying[i];
srtp->keying_pending_cnt = 0;
break;
}
i++;
}
/* All keying method failed to process remote SDP? */
if (srtp->keying_cnt == 0)
return last_err_st;
/* If SRTP key is being negotiated, just return now.
* The keying method should start the SRTP once keying nego is done.
*/
if (srtp->keying_pending_cnt)
return PJ_SUCCESS;
/* Start SRTP */
status = start_srtp(srtp);
return status;
}
