RTC: Refine SRTP unprotect rtp and rtcp, without copy

trunk/src/app/srs_app_rtc_conn.cpp

@@ -186,14 +186,14 @@ srs_error_t SrsSecurityTransport::protect_rtp2(void* rtp_hdr, int* len_ptr)
     return srtp_->protect_rtp2(rtp_hdr, len_ptr);
 }
 
-srs_error_t SrsSecurityTransport::unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext)
+srs_error_t SrsSecurityTransport::unprotect_rtp(void* packet, int* nb_plaintext)
 {
-    return srtp_->unprotect_rtp(cipher, plaintext, nb_plaintext);
+    return srtp_->unprotect_rtp(packet, nb_plaintext);
 }
 
-srs_error_t SrsSecurityTransport::unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext)
+srs_error_t SrsSecurityTransport::unprotect_rtcp(void* packet, int* nb_plaintext)
 {
-    return srtp_->unprotect_rtcp(cipher, plaintext, nb_plaintext);
+    return srtp_->unprotect_rtcp(packet, nb_plaintext);
 }
 
 SrsSemiSecurityTransport::SrsSemiSecurityTransport(SrsRtcConnection* s) : SrsSecurityTransport(s)
@@ -281,14 +281,13 @@ srs_error_t SrsPlaintextTransport::protect_rtp2(void* rtp_hdr, int* len_ptr)
     return srs_success;
 }
 
-srs_error_t SrsPlaintextTransport::unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext)
+srs_error_t SrsPlaintextTransport::unprotect_rtp(void* packet, int* nb_plaintext)
 {
     return srs_success;
 }
 
-srs_error_t SrsPlaintextTransport::unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext)
+srs_error_t SrsPlaintextTransport::unprotect_rtcp(void* packet, int* nb_plaintext)
 {
-    memcpy(plaintext, cipher, nb_plaintext);
     return srs_success;
 }
 
@@ -1147,7 +1146,7 @@ srs_error_t SrsRtcPublishStream::on_rtp(char* data, int nb_data)
 
     // Decrypt the cipher to plaintext RTP data.
     int nb_unprotected_buf = nb_data;
-    if ((err = session_->transport_->unprotect_rtp(data, NULL, nb_unprotected_buf)) != srs_success) {
+    if ((err = session_->transport_->unprotect_rtp(data, &nb_unprotected_buf)) != srs_success) {
         // We try to decode the RTP header for more detail error informations.
         SrsBuffer b(data, nb_data); SrsRtpHeader h; h.ignore_padding(true);
         srs_error_t r0 = h.decode(&b); srs_freep(r0); // Ignore any error for header decoding.
@@ -1940,12 +1939,12 @@ srs_error_t SrsRtcConnection::on_rtcp(char* data, int nb_data)
 {
     srs_error_t err = srs_success;
 
-    char unprotected_buf[kRtpPacketSize];
     int nb_unprotected_buf = nb_data;
-    if ((err = transport_->unprotect_rtcp(data, unprotected_buf, nb_unprotected_buf)) != srs_success) {
+    if ((err = transport_->unprotect_rtcp(data, &nb_unprotected_buf)) != srs_success) {
         return srs_error_wrap(err, "rtcp unprotect");
     }
 
+    char* unprotected_buf = data;
     if (_srs_blackhole->blackhole) {
         _srs_blackhole->sendto(unprotected_buf, nb_unprotected_buf);
     }

trunk/src/app/srs_app_rtc_conn.hpp

@@ -100,8 +100,8 @@ public:
     virtual srs_error_t protect_rtp(const char* plaintext, char* cipher, int& nb_cipher) = 0;
     virtual srs_error_t protect_rtcp(const char* plaintext, char* cipher, int& nb_cipher) = 0;
     virtual srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr) = 0;
-    virtual srs_error_t unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext) = 0;
-    virtual srs_error_t unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext) = 0;
+    virtual srs_error_t unprotect_rtp(void* packet, int* nb_plaintext) = 0;
+    virtual srs_error_t unprotect_rtcp(void* packet, int* nb_plaintext) = 0;
 };
 
 // The security transport, use DTLS/SRTP to protect the data.
@@ -130,11 +130,10 @@ public:
     // Encrypt the input rtp_hdr with *len_ptr bytes.
     // @remark the input plaintext and out cipher reuse rtp_hdr.
     srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr);
-    // Decrypt the input cipher to output cipher with nb_cipher bytes.
-    // @remark Note that the nb_plaintext is the size of input cipher, and 
-    // it also is the length of output plaintext when return.
-    srs_error_t unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext);
-    srs_error_t unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext);
+    // Decrypt the packet(cipher) to plaintext, which is also the packet ptr.
+    // The nb_plaintext should be initialized to the size of cipher.
+    srs_error_t unprotect_rtp(void* packet, int* nb_plaintext);
+    srs_error_t unprotect_rtcp(void* packet, int* nb_plaintext);
 // implement ISrsDtlsCallback
 public:
     virtual srs_error_t on_dtls_handshake_done();
@@ -176,8 +175,8 @@ public:
     virtual srs_error_t protect_rtp(const char* plaintext, char* cipher, int& nb_cipher);
     virtual srs_error_t protect_rtcp(const char* plaintext, char* cipher, int& nb_cipher);
     virtual srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr);
-    virtual srs_error_t unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext);
-    virtual srs_error_t unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext);
+    srs_error_t unprotect_rtp(void* packet, int* nb_plaintext);
+    srs_error_t unprotect_rtcp(void* packet, int* nb_plaintext);
 };
 
 // The handler for PLI worker coroutine.

trunk/src/app/srs_app_rtc_dtls.cpp

@@ -1010,7 +1010,7 @@ srs_error_t SrsSRTP::protect_rtp2(void* rtp_hdr, int* len_ptr)
     return err;
 }
 
-srs_error_t SrsSRTP::unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext)
+srs_error_t SrsSRTP::unprotect_rtp(void* packet, int* nb_plaintext)
 {
     srs_error_t err = srs_success;
 
@@ -1020,14 +1020,14 @@ srs_error_t SrsSRTP::unprotect_rtp(const char* cipher, char* plaintext, int& nb_
     }
 
     srtp_err_status_t r0 = srtp_err_status_ok;
-    if ((r0 = srtp_unprotect(recv_ctx_, (void*)cipher, &nb_plaintext)) != srtp_err_status_ok) {
+    if ((r0 = srtp_unprotect(recv_ctx_, packet, nb_plaintext)) != srtp_err_status_ok) {
         return srs_error_new(ERROR_RTC_SRTP_UNPROTECT, "rtp unprotect r0=%u", r0);
     }
 
     return err;
 }
 
-srs_error_t SrsSRTP::unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext)
+srs_error_t SrsSRTP::unprotect_rtcp(void* packet, int* nb_plaintext)
 {
     srs_error_t err = srs_success;
 
@@ -1036,10 +1036,8 @@ srs_error_t SrsSRTP::unprotect_rtcp(const char* cipher, char* plaintext, int& nb
         return srs_error_new(ERROR_RTC_SRTP_UNPROTECT, "not ready");
     }
 
-    memcpy(plaintext, cipher, nb_plaintext);
-
     srtp_err_status_t r0 = srtp_err_status_ok;
-    if ((r0 = srtp_unprotect_rtcp(recv_ctx_, plaintext, &nb_plaintext)) != srtp_err_status_ok) {
+    if ((r0 = srtp_unprotect_rtcp(recv_ctx_, packet, nb_plaintext)) != srtp_err_status_ok) {
         return srs_error_new(ERROR_RTC_SRTP_UNPROTECT, "rtcp unprotect r0=%u", r0);
     }
 

trunk/src/app/srs_app_rtc_dtls.hpp

@@ -232,11 +232,8 @@ public:
     // Encrypt the input rtp_hdr with *len_ptr bytes.
     // @remark the input plaintext and out cipher reuse rtp_hdr.
     srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr);
-    // Decrypt the input cipher to output cipher with nb_cipher bytes.
-    // @remark Note that the nb_plaintext is the size of input cipher, and 
-    // it also is the length of output plaintext when return.
-    srs_error_t unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext);
-    srs_error_t unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext);
+    srs_error_t unprotect_rtp(void* packet, int* nb_plaintext);
+    srs_error_t unprotect_rtcp(void* packet, int* nb_plaintext);
 };
 
 #endif