Wip

logist322 · rainliu · commit 393f2bd48ede · 2023-08-09T18:30:53.000-07:00
diff --git a/srtp/benches/srtp_bench.rs b/srtp/benches/srtp_bench.rs
@@ -4,6 +4,17 @@ use util::Marshal;
 use webrtc_srtp::{context::Context, protection_profile::ProtectionProfile};
 
 fn benchmark_encrypt_rtp_aes_128_cm_hmac_sha1(c: &mut Criterion) {
+    let mut setup_ctx = Context::new(
+        &vec![
+            96, 180, 31, 4, 119, 137, 128, 252, 75, 194, 252, 44, 63, 56, 61, 55,
+        ],
+        &vec![247, 26, 49, 94, 99, 29, 79, 94, 5, 111, 252, 216, 62, 195],
+        ProtectionProfile::Aes128CmHmacSha1_80,
+        None,
+        None,
+    )
+    .unwrap();
+    
     let mut ctx = Context::new(
         &vec![
             96, 180, 31, 4, 119, 137, 128, 252, 75, 194, 252, 44, 63, 56, 61, 55,
@@ -20,7 +31,7 @@ fn benchmark_encrypt_rtp_aes_128_cm_hmac_sha1(c: &mut Criterion) {
         pld.extend_from_slice(&[i as u8]);
     }
 
-    c.bench_function("Benchmark context ", |b| {
+    c.bench_function("Benchmark encrypt", |b| {
         let mut seq = 1;
         b.iter_batched(
             || {
@@ -46,6 +57,33 @@ fn benchmark_encrypt_rtp_aes_128_cm_hmac_sha1(c: &mut Criterion) {
             criterion::BatchSize::LargeInput,
         );
     });
+
+    c.bench_function("Benchmark decrypt", |b| {
+        let mut seq = 1;
+        b.iter_batched(
+            || {
+                let pkt = rtp::packet::Packet {
+                    header: rtp::header::Header {
+                        sequence_number: seq,
+                        timestamp: seq.into(),
+                        extension_profile: 48862,
+                        marker: true,
+                        padding: false,
+                        extension: true,
+                        payload_type: 96,
+                        ..Default::default()
+                    },
+                    payload: pld.clone().into(),
+                };
+                seq += 1;
+                setup_ctx.encrypt_rtp(&pkt.marshal().unwrap()).unwrap()
+            },
+            |encrypted| {
+                ctx.decrypt_rtp(&encrypted).unwrap()
+            },
+            criterion::BatchSize::LargeInput,
+        );
+    });
 }
 
 criterion_group!(benches, benchmark_encrypt_rtp_aes_128_cm_hmac_sha1);
diff --git a/srtp/src/cipher/cipher_aes_cm_hmac_sha1.rs b/srtp/src/cipher/cipher_aes_cm_hmac_sha1.rs
@@ -207,6 +207,7 @@ impl Cipher for CipherAesCmHmacSha1 {
         if encrypted.len() < self.auth_tag_len() {
             return Err(Error::SrtpTooSmall(encrypted.len(), self.auth_tag_len()));
         }
+        let header_len = header.marshal_size();
 
         let mut writer = BytesMut::with_capacity(encrypted.len() - self.auth_tag_len());
 
@@ -224,22 +225,20 @@ impl Cipher for CipherAesCmHmacSha1 {
         }
 
         // Write cipher_text to the destination buffer.
-        writer.extend_from_slice(cipher_text);
+        writer.extend_from_slice(&cipher_text[..header_len]);
 
         // Decrypt the ciphertext for the payload.
-        let counter = generate_counter(
+        let nonce = generate_counter(
             header.sequence_number,
             roc,
             header.ssrc,
             &self.srtp_session_salt,
         );
 
-        let key = GenericArray::from_slice(&self.srtp_session_key);
-        let nonce = GenericArray::from_slice(&counter);
-        let mut stream = Aes128Ctr::new(key, nonce);
-        let payload_offset = header.marshal_size();
-        stream.seek(0);
-        stream.apply_keystream(&mut writer[payload_offset..]);
+        writer.put_bytes(0, encrypted.len() - header_len - self.auth_tag_len());
+        self.ctx.encrypt_init(None, None, Some(&nonce)).unwrap();
+        let count = self.ctx.cipher_update(&cipher_text[header_len..], Some(&mut writer[header_len..])).unwrap();
+        self.ctx.cipher_final(&mut writer[count..]).unwrap();
 
         Ok(writer.freeze())
     }
diff --git a/srtp/src/session/mod.rs b/srtp/src/session/mod.rs
@@ -97,7 +97,7 @@ impl Session {
                 tokio::select! {
                     result = incoming_stream => match result{
                         Ok(()) => {},
-                        Err(err) => log::error!("{}", err),
+                        Err(err) => log::info!("{}", err),
                     },
                     opt = close_stream => if let Some(ssrc) = opt {
                         Session::close_stream(&cloned_streams_map, ssrc).await
diff --git a/util/src/replay_detector/mod.rs b/util/src/replay_detector/mod.rs
@@ -1,8 +1,6 @@
 #[cfg(test)]
 mod replay_detector_test;
 
-use std::collections::HashMap;
-
 use super::fixed_big_int::*;
 
 // ReplayDetector is the interface of sequence replay detector.
@@ -86,7 +84,6 @@ pub struct WrappedSlidingWindowDetector {
     window_size: usize,
     mask: FixedBigInt,
     init: bool,
-    duplicated: HashMap<u64, u8>,
 }
 
 impl WrappedSlidingWindowDetector {
@@ -101,27 +98,16 @@ impl WrappedSlidingWindowDetector {
             window_size,
             mask: FixedBigInt::new(window_size),
             init: false,
-            duplicated: HashMap::new(),
         }
     }
 }
 
 impl ReplayDetector for WrappedSlidingWindowDetector {
     fn check(&mut self, seq: u64) -> bool {
-        self.duplicated
-            .entry(seq)
-            .and_modify(|i| *i += 1)
-            .or_insert(1);
-        self.accepted = false;
-
         self.accepted = false;
 
         if seq > self.max_seq {
             // Exceeded upper limit.
-            log::error!(
-                "checked {seq} {}\nupper limit",
-                self.duplicated.get(&seq).unwrap_or(&0)
-            );
             return false;
         }
         if !self.init {
@@ -143,18 +129,10 @@ impl ReplayDetector for WrappedSlidingWindowDetector {
 
         if diff >= self.window_size as i64 {
             // Too old.
-            log::error!(
-                "checked {seq} {}\nold",
-                self.duplicated.get(&seq).unwrap_or(&0)
-            );
             return false;
         }
         if diff >= 0 && self.mask.bit(diff as usize) != 0 {
             // The sequence number is duplicated.
-            log::error!(
-                "checked {seq} {}\nduplicated",
-                self.duplicated.get(&seq).unwrap_or(&0)
-            );
             return false;
         }
 
