3
* Copyright 2009, Google Inc.
5
* Redistribution and use in source and binary forms, with or without
6
* modification, are permitted provided that the following conditions are met:
8
* 1. Redistributions of source code must retain the above copyright notice,
9
* this list of conditions and the following disclaimer.
10
* 2. Redistributions in binary form must reproduce the above copyright notice,
11
* this list of conditions and the following disclaimer in the documentation
12
* and/or other materials provided with the distribution.
13
* 3. The name of the author may not be used to endorse or promote products
14
* derived from this software without specific prior written permission.
16
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
17
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
18
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
19
* EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
20
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
21
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
22
* OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
23
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
25
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28
#ifndef TALK_SESSION_PHONE_SRTPFILTER_H_
29
#define TALK_SESSION_PHONE_SRTPFILTER_H_
36
#include "talk/base/basictypes.h"
37
#include "talk/base/scoped_ptr.h"
38
#include "talk/base/sigslotrepeater.h"
39
#include "talk/session/phone/cryptoparams.h"
40
#include "talk/p2p/base/sessiondescription.h"
42
// Forward declaration to avoid pulling in libsrtp headers here
43
struct srtp_event_data_t;
45
typedef srtp_ctx_t* srtp_t;
50
// Cipher suite to use for SRTP. Typically a 80-bit HMAC will be used, except
51
// in applications (voice) where the additional bandwidth may be significant.
52
// A 80-bit HMAC is always used for SRTCP.
53
// 128-bit AES with 80-bit SHA-1 HMAC.
54
extern const char CS_AES_CM_128_HMAC_SHA1_80[];
55
// 128-bit AES with 32-bit SHA-1 HMAC.
56
extern const char CS_AES_CM_128_HMAC_SHA1_32[];
57
// Key is 128 bits and salt is 112 bits == 30 bytes. B64 bloat => 40 bytes.
58
extern const int SRTP_MASTER_KEY_BASE64_LEN;
60
// Needed for DTLS-SRTP
61
extern const int SRTP_MASTER_KEY_KEY_LEN;
62
extern const int SRTP_MASTER_KEY_SALT_LEN;
67
void EnableSrtpDebugging();
69
// Class to transform SRTP to/from RTP.
70
// Initialize by calling SetSend with the local security params, then call
71
// SetRecv once the remote security params are received. At that point
72
// Protect/UnprotectRt(c)p can be called to encrypt/decrypt data.
73
// TODO: Figure out concurrency policy for SrtpFilter.
90
// Whether the filter is active (i.e. crypto has been properly negotiated).
91
bool IsActive() const;
93
// Indicates which crypto algorithms and keys were contained in the offer.
94
// offer_params should contain a list of available parameters to use, or none,
95
// if crypto is not desired. This must be called before SetAnswer.
96
bool SetOffer(const std::vector<CryptoParams>& offer_params,
97
ContentSource source);
98
// Indicates which crypto algorithms and keys were contained in the answer.
99
// answer_params should contain the negotiated parameters, which may be none,
100
// if crypto was not desired or could not be negotiated (and not required).
101
// This must be called after SetOffer. If crypto negotiation completes
102
// successfully, this will advance the filter to the active state.
103
bool SetAnswer(const std::vector<CryptoParams>& answer_params,
104
ContentSource source);
106
// Just set up both sets of keys directly.
107
// Used with DTLS-SRTP.
108
bool SetRtpParams(const std::string& send_cs,
109
const uint8* send_key, int send_key_len,
110
const std::string& recv_cs,
111
const uint8* recv_key, int recv_key_len);
112
bool SetRtcpParams(const std::string& send_cs,
113
const uint8* send_key, int send_key_len,
114
const std::string& recv_cs,
115
const uint8* recv_key, int recv_key_len);
117
// Encrypts/signs an individual RTP/RTCP packet, in-place.
118
// If an HMAC is used, this will increase the packet size.
119
bool ProtectRtp(void* data, int in_len, int max_len, int* out_len);
120
bool ProtectRtcp(void* data, int in_len, int max_len, int* out_len);
121
// Decrypts/verifies an invidiual RTP/RTCP packet.
122
// If an HMAC is used, this will decrease the packet size.
123
bool UnprotectRtp(void* data, int in_len, int* out_len);
124
bool UnprotectRtcp(void* data, int in_len, int* out_len);
126
// Update the silent threshold (in ms) for signaling errors.
127
void set_signal_silent_time(uint32 signal_silent_time_in_ms);
129
sigslot::repeater3<uint32, Mode, Error> SignalSrtpError;
132
bool StoreParams(const std::vector<CryptoParams>& params,
133
ContentSource source);
134
void CreateSrtpSessions();
135
bool NegotiateParams(const std::vector<CryptoParams>& answer_params,
136
CryptoParams* selected_params);
137
bool ApplyParams(const CryptoParams& send_params,
138
const CryptoParams& recv_params);
140
static bool ParseKeyParams(const std::string& params, uint8* key, int len);
144
ST_INIT, // SRTP filter unused.
145
ST_SENTOFFER, // Offer with SRTP parameters sent.
146
ST_RECEIVEDOFFER, // Offer with SRTP parameters received.
147
ST_ACTIVE, // Offer and answer set.
148
// SRTP filter is active but new parameters are offered.
149
// When the answer is set, the state transitions to ST_ACTIVE or ST_INIT.
151
// SRTP filter is active but new parameters are received.
152
// When the answer is set, the state transitions back to ST_ACTIVE.
153
ST_RECEIVEDUPDATEDOFFER
156
uint32 signal_silent_time_in_ms_;
157
std::vector<CryptoParams> offer_params_;
158
talk_base::scoped_ptr<SrtpSession> send_session_;
159
talk_base::scoped_ptr<SrtpSession> recv_session_;
160
talk_base::scoped_ptr<SrtpSession> send_rtcp_session_;
161
talk_base::scoped_ptr<SrtpSession> recv_rtcp_session_;
164
// Class that wraps a libSRTP session.
170
// Configures the session for sending data using the specified
171
// cipher-suite and key. Receiving must be done by a separate session.
172
bool SetSend(const std::string& cs, const uint8* key, int len);
173
// Configures the session for receiving data using the specified
174
// cipher-suite and key. Sending must be done by a separate session.
175
bool SetRecv(const std::string& cs, const uint8* key, int len);
177
// Encrypts/signs an individual RTP/RTCP packet, in-place.
178
// If an HMAC is used, this will increase the packet size.
179
bool ProtectRtp(void* data, int in_len, int max_len, int* out_len);
180
bool ProtectRtcp(void* data, int in_len, int max_len, int* out_len);
181
// Decrypts/verifies an invidiual RTP/RTCP packet.
182
// If an HMAC is used, this will decrease the packet size.
183
bool UnprotectRtp(void* data, int in_len, int* out_len);
184
bool UnprotectRtcp(void* data, int in_len, int* out_len);
186
// Update the silent threshold (in ms) for signaling errors.
187
void set_signal_silent_time(uint32 signal_silent_time_in_ms);
189
sigslot::repeater3<uint32, SrtpFilter::Mode, SrtpFilter::Error>
193
bool SetKey(int type, const std::string& cs, const uint8* key, int len);
195
void HandleEvent(const srtp_event_data_t* ev);
196
static void HandleEventThunk(srtp_event_data_t* ev);
197
static std::list<SrtpSession*>* sessions();
200
int rtp_auth_tag_len_;
201
int rtcp_auth_tag_len_;
202
talk_base::scoped_ptr<SrtpStat> srtp_stat_;
204
int last_send_seq_num_;
205
DISALLOW_COPY_AND_ASSIGN(SrtpSession);
208
// Class that collects failures of SRTP.
213
// Report RTP protection results to the handler.
214
void AddProtectRtpResult(uint32 ssrc, int result);
215
// Report RTP unprotection results to the handler.
216
void AddUnprotectRtpResult(uint32 ssrc, int result);
217
// Report RTCP protection results to the handler.
218
void AddProtectRtcpResult(int result);
219
// Report RTCP unprotection results to the handler.
220
void AddUnprotectRtcpResult(int result);
222
// Get silent time (in ms) for SRTP statistics handler.
223
uint32 signal_silent_time() const { return signal_silent_time_; }
224
// Set silent time (in ms) for SRTP statistics handler.
225
void set_signal_silent_time(uint32 signal_silent_time) {
226
signal_silent_time_ = signal_silent_time;
229
// Sigslot for reporting errors.
230
sigslot::signal3<uint32, SrtpFilter::Mode, SrtpFilter::Error>
234
// For each different ssrc and error, we collect statistics separately.
238
mode(SrtpFilter::PROTECT),
239
error(SrtpFilter::ERROR_NONE) {
241
FailureKey(uint32 in_ssrc, SrtpFilter::Mode in_mode,
242
SrtpFilter::Error in_error)
247
bool operator <(const FailureKey& key) const {
248
return ssrc < key.ssrc || mode < key.mode || error < key.error;
251
SrtpFilter::Mode mode;
252
SrtpFilter::Error error;
254
// For tracing conditions for signaling, currently we only use
255
// last_signal_time. Wrap this as a struct so that later on, if we need any
256
// other improvements, it will be easier.
259
: last_signal_time(0) {
261
explicit FailureStat(uint32 in_last_signal_time)
262
: last_signal_time(in_last_signal_time) {
265
last_signal_time = 0;
267
uint32 last_signal_time;
270
// Inspect SRTP result and signal error if needed.
271
void HandleSrtpResult(const FailureKey& key);
273
std::map<FailureKey, FailureStat> failures_;
274
// Threshold in ms to silent the signaling errors.
275
uint32 signal_silent_time_;
277
DISALLOW_COPY_AND_ASSIGN(SrtpStat);
280
} // namespace cricket
282
#endif // TALK_SESSION_PHONE_SRTPFILTER_H_