Skip to content

Commit 716e434

Browse files
logist322rainliu
logist322
authored and
rainliu
committed
srtcp
1 parent d126a8b commit 716e434

File tree

1 file changed

+23
-19
lines changed

1 file changed

+23
-19
lines changed

srtp/src/cipher/cipher_aes_cm_hmac_sha1.rs

Lines changed: 23 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,8 @@ pub(crate) struct CipherAesCmHmacSha1 {
3232
srtcp_session_auth: HmacSha1,
3333
//srtcp_session_auth_tag: Vec<u8>,
3434

35-
ctx: CipherCtx
35+
rtp_ctx: CipherCtx,
36+
rtcp_ctx: CipherCtx
3637
}
3738

3839
impl CipherAesCmHmacSha1 {
@@ -90,8 +91,13 @@ impl CipherAesCmHmacSha1 {
9091
.map_err(|e| Error::Other(e.to_string()))?;
9192

9293
let t = openssl::cipher::Cipher::aes_128_ctr();
93-
let mut ctx = CipherCtx::new().expect("a reusable cipher context");
94-
ctx.encrypt_init(Some(t), Some(&srtp_session_key[..]), None)
94+
let mut rtp_ctx = CipherCtx::new().expect("a reusable cipher context");
95+
rtp_ctx.encrypt_init(Some(t), Some(&srtp_session_key[..]), None)
96+
.expect("enc init");
97+
98+
let t = openssl::cipher::Cipher::aes_128_ctr();
99+
let mut rtcp_ctx = CipherCtx::new().expect("a reusable cipher context");
100+
rtcp_ctx.encrypt_init(Some(t), Some(&srtcp_session_key[..]), None)
95101
.expect("enc init");
96102

97103
Ok(CipherAesCmHmacSha1 {
@@ -103,7 +109,8 @@ impl CipherAesCmHmacSha1 {
103109
srtcp_session_salt,
104110
srtcp_session_auth,
105111
//srtcp_session_auth_tag,
106-
ctx,
112+
rtp_ctx,
113+
rtcp_ctx
107114
})
108115
}
109116

@@ -187,9 +194,9 @@ impl Cipher for CipherAesCmHmacSha1 {
187194
&self.srtp_session_salt,
188195
);
189196
writer.resize(payload.len(), 0);
190-
self.ctx.encrypt_init(None, None, Some(&nonce)).unwrap();
191-
let count = self.ctx.cipher_update(&payload[header_len..], Some(&mut writer[header_len..])).unwrap();
192-
self.ctx.cipher_final(&mut writer[count..]).unwrap();
197+
self.rtp_ctx.encrypt_init(None, None, Some(&nonce)).unwrap();
198+
let count = self.rtp_ctx.cipher_update(&payload[header_len..], Some(&mut writer[header_len..])).unwrap();
199+
self.rtp_ctx.cipher_final(&mut writer[count..]).unwrap();
193200

194201
// Generate and write the auth tag.
195202
let auth_tag = &self.generate_srtp_auth_tag(&writer, roc)[..self.auth_tag_len()];
@@ -236,9 +243,9 @@ impl Cipher for CipherAesCmHmacSha1 {
236243
);
237244

238245
writer.put_bytes(0, encrypted.len() - header_len - self.auth_tag_len());
239-
self.ctx.decrypt_init(None, None, Some(&nonce)).unwrap();
240-
let count = self.ctx.cipher_update(&cipher_text[header_len..], Some(&mut writer[header_len..])).unwrap();
241-
self.ctx.cipher_final(&mut writer[count..]).unwrap();
246+
self.rtp_ctx.decrypt_init(None, None, Some(&nonce)).unwrap();
247+
let count = self.rtp_ctx.cipher_update(&cipher_text[header_len..], Some(&mut writer[header_len..])).unwrap();
248+
self.rtp_ctx.cipher_final(&mut writer[count..]).unwrap();
242249

243250
Ok(writer.freeze())
244251
}
@@ -248,23 +255,20 @@ impl Cipher for CipherAesCmHmacSha1 {
248255
BytesMut::with_capacity(decrypted.len() + SRTCP_INDEX_SIZE + self.auth_tag_len());
249256

250257
// Write the decrypted to the destination buffer.
251-
writer.extend_from_slice(decrypted);
258+
writer.extend_from_slice(&decrypted[..rtcp::header::HEADER_LENGTH + rtcp::header::SSRC_LENGTH]);
252259

253260
// Encrypt everything after header
254-
let counter = generate_counter(
261+
let nonce = generate_counter(
255262
(srtcp_index & 0xFFFF) as u16,
256263
(srtcp_index >> 16) as u32,
257264
ssrc,
258265
&self.srtcp_session_salt,
259266
);
260267

261-
let key = GenericArray::from_slice(&self.srtcp_session_key);
262-
let nonce = GenericArray::from_slice(&counter);
263-
let mut stream = Aes128Ctr::new(key, nonce);
264-
265-
stream.apply_keystream(
266-
&mut writer[rtcp::header::HEADER_LENGTH + rtcp::header::SSRC_LENGTH..],
267-
);
268+
writer.resize(decrypted.len() - rtcp::header::HEADER_LENGTH - rtcp::header::SSRC_LENGTH, 0);
269+
self.rtcp_ctx.encrypt_init(None, None, Some(&nonce)).unwrap();
270+
let count = self.rtcp_ctx.cipher_update(&decrypted[rtcp::header::HEADER_LENGTH + rtcp::header::SSRC_LENGTH..], Some(&mut writer[rtcp::header::HEADER_LENGTH + rtcp::header::SSRC_LENGTH..])).unwrap();
271+
self.rtcp_ctx.cipher_final(&mut writer[rtcp::header::HEADER_LENGTH + rtcp::header::SSRC_LENGTH + count..]).unwrap();
268272

269273
// Add SRTCP index and set Encryption bit
270274
writer.put_u32(srtcp_index as u32 | (1u32 << 31));

0 commit comments

Comments
 (0)