mirror of
https://github.com/ossrs/srs.git
synced 2025-03-09 15:49:59 +00:00
Upgrade libsrt to v1.5.3. v5.0.183 (#3808)
This commit is contained in:
parent
389a62ee3a
commit
632d457194
154 changed files with 39813 additions and 17038 deletions
|
@ -14,18 +14,18 @@ written by
|
|||
Haivision Systems Inc.
|
||||
|
||||
2011-06-23 (jdube)
|
||||
HaiCrypt initial implementation.
|
||||
HaiCrypt initial implementation.
|
||||
2014-03-11 (jdube)
|
||||
Adaptation for SRT.
|
||||
Adaptation for SRT.
|
||||
*****************************************************************************/
|
||||
|
||||
#include <string.h> /* memcpy */
|
||||
#ifdef _WIN32
|
||||
#include <winsock2.h>
|
||||
#include <ws2tcpip.h>
|
||||
#include <win/wintime.h>
|
||||
#include <winsock2.h>
|
||||
#include <ws2tcpip.h>
|
||||
#include <win/wintime.h>
|
||||
#else
|
||||
#include <sys/time.h>
|
||||
#include <sys/time.h>
|
||||
#endif
|
||||
#include "hcrypt.h"
|
||||
|
||||
|
@ -33,7 +33,7 @@ int hcryptCtx_Tx_Init(hcrypt_Session *crypto, hcrypt_Ctx *ctx, const HaiCrypt_Cf
|
|||
{
|
||||
ctx->cfg.key_len = cfg->key_len;
|
||||
|
||||
ctx->mode = HCRYPT_CTX_MODE_AESCTR;
|
||||
ctx->mode = (cfg->flags & HAICRYPT_CFG_F_GCM) ? HCRYPT_CTX_MODE_AESGCM : HCRYPT_CTX_MODE_AESCTR;
|
||||
ctx->status = HCRYPT_CTX_S_INIT;
|
||||
|
||||
ctx->msg_info = crypto->msg_info;
|
||||
|
@ -52,14 +52,14 @@ int hcryptCtx_Tx_Rekey(hcrypt_Session *crypto, hcrypt_Ctx *ctx)
|
|||
|
||||
/* Generate Salt */
|
||||
ctx->salt_len = HAICRYPT_SALT_SZ;
|
||||
if (0 > (iret = crypto->cryspr->prng(ctx->salt, ctx->salt_len))) {
|
||||
if (0 > (iret = crypto->cryspr->prng(ctx->salt, (int)ctx->salt_len))) {
|
||||
HCRYPT_LOG(LOG_ERR, "PRNG(salt[%zd]) failed\n", ctx->salt_len);
|
||||
return(iret);
|
||||
}
|
||||
|
||||
/* Generate SEK */
|
||||
ctx->sek_len = ctx->cfg.key_len;
|
||||
if (0 > (iret = crypto->cryspr->prng(ctx->sek, ctx->sek_len))) {
|
||||
if (0 > (iret = crypto->cryspr->prng(ctx->sek, (int)ctx->sek_len))) {
|
||||
HCRYPT_LOG(LOG_ERR, "PRNG(sek[%zd] failed\n", ctx->sek_len);
|
||||
return(iret);
|
||||
}
|
||||
|
@ -74,9 +74,10 @@ int hcryptCtx_Tx_Rekey(hcrypt_Session *crypto, hcrypt_Ctx *ctx)
|
|||
HCRYPT_PRINTKEY(ctx->sek, ctx->sek_len, "sek");
|
||||
|
||||
/* Regenerate KEK if Password-based (uses newly generated salt and sek_len) */
|
||||
if ((0 < ctx->cfg.pwd_len)
|
||||
&& (0 > (iret = hcryptCtx_GenSecret(crypto, ctx)))) {
|
||||
return(iret);
|
||||
if (0 < ctx->cfg.pwd_len) {
|
||||
iret = hcryptCtx_GenSecret(crypto, ctx);
|
||||
if (iret < 0)
|
||||
return(iret);
|
||||
}
|
||||
|
||||
/* Assemble the new Keying Material message */
|
||||
|
@ -106,22 +107,22 @@ int hcryptCtx_Tx_CloneKey(hcrypt_Session *crypto, hcrypt_Ctx *ctx, const hcrypt_
|
|||
|
||||
ASSERT(HCRYPT_CTX_S_SARDY <= ctx->status);
|
||||
|
||||
const hcrypt_Ctx* ctxSrc = cryptoSrc->ctx;
|
||||
if (!ctxSrc)
|
||||
{
|
||||
/* Probbly the context is not yet completely initialized, so
|
||||
* use blindly the first context from the pair
|
||||
*/
|
||||
ctxSrc = &cryptoSrc->ctx_pair[0];
|
||||
}
|
||||
const hcrypt_Ctx* ctxSrc = cryptoSrc->ctx;
|
||||
if (!ctxSrc)
|
||||
{
|
||||
/* Probbly the context is not yet completely initialized, so
|
||||
* use blindly the first context from the pair
|
||||
*/
|
||||
ctxSrc = &cryptoSrc->ctx_pair[0];
|
||||
}
|
||||
|
||||
/* Copy SALT (instead of generating) */
|
||||
ctx->salt_len = ctxSrc->salt_len;
|
||||
memcpy(ctx->salt, ctxSrc->salt, ctx->salt_len);
|
||||
/* Copy SALT (instead of generating) */
|
||||
ctx->salt_len = ctxSrc->salt_len;
|
||||
memcpy(ctx->salt, ctxSrc->salt, ctx->salt_len);
|
||||
|
||||
/* Copy SEK */
|
||||
ctx->sek_len = ctxSrc->sek_len;
|
||||
memcpy(ctx->sek, ctxSrc->sek, ctx->sek_len);
|
||||
/* Copy SEK */
|
||||
ctx->sek_len = ctxSrc->sek_len;
|
||||
memcpy(ctx->sek, ctxSrc->sek, ctx->sek_len);
|
||||
|
||||
/* Set SEK in cryspr */
|
||||
if (crypto->cryspr->ms_setkey(crypto->cryspr_cb, ctx, ctx->sek, ctx->sek_len)) {
|
||||
|
@ -133,11 +134,12 @@ int hcryptCtx_Tx_CloneKey(hcrypt_Session *crypto, hcrypt_Ctx *ctx, const hcrypt_
|
|||
HCRYPT_PRINTKEY(ctx->sek, ctx->sek_len, "sek");
|
||||
|
||||
/* Regenerate KEK if Password-based (uses newly generated salt and sek_len) */
|
||||
/* (note for CloneKey imp: it's expected that the same passphrase-salt pair
|
||||
shall generate the same KEK. GenSecret also prints the KEK */
|
||||
if ((0 < ctx->cfg.pwd_len)
|
||||
&& (0 > (iret = hcryptCtx_GenSecret(crypto, ctx)))) {
|
||||
return(iret);
|
||||
/* (note for CloneKey imp: it's expected that the same passphrase-salt pair
|
||||
shall generate the same KEK. GenSecret also prints the KEK */
|
||||
if (0 < ctx->cfg.pwd_len) {
|
||||
iret = hcryptCtx_GenSecret(crypto, ctx);
|
||||
if (iret < 0)
|
||||
return(iret);
|
||||
}
|
||||
|
||||
/* Assemble the new Keying Material message */
|
||||
|
@ -193,7 +195,7 @@ int hcryptCtx_Tx_Refresh(hcrypt_Session *crypto)
|
|||
|
||||
HCRYPT_LOG(LOG_DEBUG, "refresh/generate SEK. salt_len=%d sek_len=%d\n", (int)new_ctx->salt_len, (int)new_ctx->sek_len);
|
||||
|
||||
if (0 > crypto->cryspr->prng(new_ctx->sek, new_ctx->sek_len)) {
|
||||
if (0 > crypto->cryspr->prng(new_ctx->sek, (int)new_ctx->sek_len)) {
|
||||
HCRYPT_LOG(LOG_ERR, "PRNG(sek[%zd] failed\n", new_ctx->sek_len);
|
||||
return(-1);
|
||||
}
|
||||
|
@ -297,9 +299,9 @@ int hcryptCtx_Tx_AsmKM(hcrypt_Session *crypto, hcrypt_Ctx *ctx, unsigned char *a
|
|||
2 == sek_cnt ? HCRYPT_MSG_F_xSEK : (ctx->flags & HCRYPT_MSG_F_xSEK));
|
||||
|
||||
/* crypto->KMmsg_cache[4..7]: KEKI=0 */
|
||||
km_msg[HCRYPT_MSG_KM_OFS_CIPHER] = HCRYPT_CIPHER_AES_CTR;
|
||||
km_msg[HCRYPT_MSG_KM_OFS_AUTH] = HCRYPT_AUTH_NONE;
|
||||
km_msg[HCRYPT_MSG_KM_OFS_SE] = crypto->se;
|
||||
km_msg[HCRYPT_MSG_KM_OFS_CIPHER] = (ctx->mode == HCRYPT_CTX_MODE_AESGCM) ? HCRYPT_CIPHER_AES_GCM : HCRYPT_CIPHER_AES_CTR;
|
||||
km_msg[HCRYPT_MSG_KM_OFS_AUTH] = (ctx->mode == HCRYPT_CTX_MODE_AESGCM) ? HCRYPT_AUTH_AES_GCM : HCRYPT_AUTH_NONE;
|
||||
km_msg[HCRYPT_MSG_KM_OFS_SE] = (char) crypto->se;
|
||||
hcryptMsg_KM_SetSaltLen(km_msg, ctx->salt_len);
|
||||
hcryptMsg_KM_SetSekLen(km_msg, ctx->sek_len);
|
||||
|
||||
|
@ -320,7 +322,7 @@ int hcryptCtx_Tx_AsmKM(hcrypt_Session *crypto, hcrypt_Ctx *ctx, unsigned char *a
|
|||
}
|
||||
if (0 > crypto->cryspr->km_wrap(crypto->cryspr_cb,
|
||||
&km_msg[HCRYPT_MSG_KM_OFS_SALT + ctx->salt_len],
|
||||
seks, sek_cnt * ctx->sek_len)) {
|
||||
seks, (unsigned int)(sek_cnt * ctx->sek_len))) {
|
||||
|
||||
HCRYPT_LOG(LOG_ERR, "%s", "wrap key failed\n");
|
||||
return(-1);
|
||||
|
@ -336,8 +338,8 @@ int hcryptCtx_Tx_ManageKM(hcrypt_Session *crypto)
|
|||
ASSERT(NULL != ctx);
|
||||
|
||||
HCRYPT_LOG(LOG_DEBUG, "KM[%d] KEY STATUS: pkt_cnt=%u against ref.rate=%u and pre.announce=%u\n",
|
||||
(ctx->alt->flags & HCRYPT_CTX_F_xSEK)/2,
|
||||
ctx->pkt_cnt, crypto->km.refresh_rate, crypto->km.pre_announce);
|
||||
(ctx->alt->flags & HCRYPT_CTX_F_xSEK)/2,
|
||||
ctx->pkt_cnt, crypto->km.refresh_rate, crypto->km.pre_announce);
|
||||
|
||||
if ((ctx->pkt_cnt > crypto->km.refresh_rate)
|
||||
|| (ctx->pkt_cnt == 0)) { //rolled over
|
||||
|
@ -358,7 +360,7 @@ int hcryptCtx_Tx_ManageKM(hcrypt_Session *crypto)
|
|||
* prepare next SEK for announcement
|
||||
*/
|
||||
hcryptCtx_Tx_Refresh(crypto);
|
||||
|
||||
|
||||
HCRYPT_LOG(LOG_INFO, "KM[%d] Pre-announced\n",
|
||||
(ctx->alt->flags & HCRYPT_CTX_F_xSEK)/2);
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue