external/srs
1
0
Fork 0
mirror of https://github.com/ossrs/srs.git synced 2025-02-15 04:42:04 +00:00
Code Issues Releases Wiki Activity

RTC: Refine SRTP unprotect rtp and rtcp, without copy

Browse source
This commit is contained in:
winlin 2021-02-07 16:21:25 +08:00
parent 0c07459d19
commit 9f91351f3c
4 changed files with 23 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
trunk/src/app/srs_app_rtc_conn.cpp
View file

@ -186,14 +186,14 @@ srs_error_t SrsSecurityTransport::protect_rtp2(void* rtp_hdr, int* len_ptr)
return srtp_->protect_rtp2(rtp_hdr, len_ptr); return srtp_->protect_rtp2(rtp_hdr, len_ptr);
} }
srs_error_t SrsSecurityTransport::unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext) srs_error_t SrsSecurityTransport::unprotect_rtp(void* packet, int* nb_plaintext)
{ {
return srtp_->unprotect_rtp(cipher, plaintext, nb_plaintext); return srtp_->unprotect_rtp(packet, nb_plaintext);
} }
srs_error_t SrsSecurityTransport::unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext) srs_error_t SrsSecurityTransport::unprotect_rtcp(void* packet, int* nb_plaintext)
{ {
return srtp_->unprotect_rtcp(cipher, plaintext, nb_plaintext); return srtp_->unprotect_rtcp(packet, nb_plaintext);
} }
SrsSemiSecurityTransport::SrsSemiSecurityTransport(SrsRtcConnection* s) : SrsSecurityTransport(s) SrsSemiSecurityTransport::SrsSemiSecurityTransport(SrsRtcConnection* s) : SrsSecurityTransport(s)
@ -281,14 +281,13 @@ srs_error_t SrsPlaintextTransport::protect_rtp2(void* rtp_hdr, int* len_ptr)
return srs_success; return srs_success;
} }
srs_error_t SrsPlaintextTransport::unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext) srs_error_t SrsPlaintextTransport::unprotect_rtp(void* packet, int* nb_plaintext)
{ {
return srs_success; return srs_success;
} }
srs_error_t SrsPlaintextTransport::unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext) srs_error_t SrsPlaintextTransport::unprotect_rtcp(void* packet, int* nb_plaintext)
{ {
memcpy(plaintext, cipher, nb_plaintext);
return srs_success; return srs_success;
} }
@ -1147,7 +1146,7 @@ srs_error_t SrsRtcPublishStream::on_rtp(char* data, int nb_data)
// Decrypt the cipher to plaintext RTP data. // Decrypt the cipher to plaintext RTP data.
int nb_unprotected_buf = nb_data; int nb_unprotected_buf = nb_data;
if ((err = session_->transport_->unprotect_rtp(data, NULL, nb_unprotected_buf)) != srs_success) { if ((err = session_->transport_->unprotect_rtp(data, &nb_unprotected_buf)) != srs_success) {
// We try to decode the RTP header for more detail error informations. // We try to decode the RTP header for more detail error informations.
SrsBuffer b(data, nb_data); SrsRtpHeader h; h.ignore_padding(true); SrsBuffer b(data, nb_data); SrsRtpHeader h; h.ignore_padding(true);
srs_error_t r0 = h.decode(&b); srs_freep(r0); // Ignore any error for header decoding. srs_error_t r0 = h.decode(&b); srs_freep(r0); // Ignore any error for header decoding.
@ -1940,12 +1939,12 @@ srs_error_t SrsRtcConnection::on_rtcp(char* data, int nb_data)
{ {
srs_error_t err = srs_success; srs_error_t err = srs_success;
char unprotected_buf[kRtpPacketSize];
int nb_unprotected_buf = nb_data; int nb_unprotected_buf = nb_data;
if ((err = transport_->unprotect_rtcp(data, unprotected_buf, nb_unprotected_buf)) != srs_success) { if ((err = transport_->unprotect_rtcp(data, &nb_unprotected_buf)) != srs_success) {
return srs_error_wrap(err, "rtcp unprotect"); return srs_error_wrap(err, "rtcp unprotect");
} }
char* unprotected_buf = data;
if (_srs_blackhole->blackhole) { if (_srs_blackhole->blackhole) {
_srs_blackhole->sendto(unprotected_buf, nb_unprotected_buf); _srs_blackhole->sendto(unprotected_buf, nb_unprotected_buf);
} }

17
trunk/src/app/srs_app_rtc_conn.hpp
View file

@ -100,8 +100,8 @@ public:
virtual srs_error_t protect_rtp(const char* plaintext, char* cipher, int& nb_cipher) = 0; virtual srs_error_t protect_rtp(const char* plaintext, char* cipher, int& nb_cipher) = 0;
virtual srs_error_t protect_rtcp(const char* plaintext, char* cipher, int& nb_cipher) = 0; virtual srs_error_t protect_rtcp(const char* plaintext, char* cipher, int& nb_cipher) = 0;
virtual srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr) = 0; virtual srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr) = 0;
virtual srs_error_t unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext) = 0; virtual srs_error_t unprotect_rtp(void* packet, int* nb_plaintext) = 0;
virtual srs_error_t unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext) = 0; virtual srs_error_t unprotect_rtcp(void* packet, int* nb_plaintext) = 0;
}; };
// The security transport, use DTLS/SRTP to protect the data. // The security transport, use DTLS/SRTP to protect the data.
@ -130,11 +130,10 @@ public:
// Encrypt the input rtp_hdr with *len_ptr bytes. // Encrypt the input rtp_hdr with *len_ptr bytes.
// @remark the input plaintext and out cipher reuse rtp_hdr. // @remark the input plaintext and out cipher reuse rtp_hdr.
srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr); srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr);
// Decrypt the input cipher to output cipher with nb_cipher bytes. // Decrypt the packet(cipher) to plaintext, which is also the packet ptr.
// @remark Note that the nb_plaintext is the size of input cipher, and // The nb_plaintext should be initialized to the size of cipher.
// it also is the length of output plaintext when return. srs_error_t unprotect_rtp(void* packet, int* nb_plaintext);
srs_error_t unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext); srs_error_t unprotect_rtcp(void* packet, int* nb_plaintext);
srs_error_t unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext);
// implement ISrsDtlsCallback // implement ISrsDtlsCallback
public: public:
virtual srs_error_t on_dtls_handshake_done(); virtual srs_error_t on_dtls_handshake_done();
@ -176,8 +175,8 @@ public:
virtual srs_error_t protect_rtp(const char* plaintext, char* cipher, int& nb_cipher); virtual srs_error_t protect_rtp(const char* plaintext, char* cipher, int& nb_cipher);
virtual srs_error_t protect_rtcp(const char* plaintext, char* cipher, int& nb_cipher); virtual srs_error_t protect_rtcp(const char* plaintext, char* cipher, int& nb_cipher);
virtual srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr); virtual srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr);
virtual srs_error_t unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext); srs_error_t unprotect_rtp(void* packet, int* nb_plaintext);
virtual srs_error_t unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext); srs_error_t unprotect_rtcp(void* packet, int* nb_plaintext);
}; };
// The handler for PLI worker coroutine. // The handler for PLI worker coroutine.

10
trunk/src/app/srs_app_rtc_dtls.cpp
View file

@ -1010,7 +1010,7 @@ srs_error_t SrsSRTP::protect_rtp2(void* rtp_hdr, int* len_ptr)
return err; return err;
} }
srs_error_t SrsSRTP::unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext) srs_error_t SrsSRTP::unprotect_rtp(void* packet, int* nb_plaintext)
{ {
srs_error_t err = srs_success; srs_error_t err = srs_success;
@ -1020,14 +1020,14 @@ srs_error_t SrsSRTP::unprotect_rtp(const char* cipher, char* plaintext, int& nb_
} }
srtp_err_status_t r0 = srtp_err_status_ok; srtp_err_status_t r0 = srtp_err_status_ok;
if ((r0 = srtp_unprotect(recv_ctx_, (void*)cipher, &nb_plaintext)) != srtp_err_status_ok) { if ((r0 = srtp_unprotect(recv_ctx_, packet, nb_plaintext)) != srtp_err_status_ok) {
return srs_error_new(ERROR_RTC_SRTP_UNPROTECT, "rtp unprotect r0=%u", r0); return srs_error_new(ERROR_RTC_SRTP_UNPROTECT, "rtp unprotect r0=%u", r0);
} }
return err; return err;
} }
srs_error_t SrsSRTP::unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext) srs_error_t SrsSRTP::unprotect_rtcp(void* packet, int* nb_plaintext)
{ {
srs_error_t err = srs_success; srs_error_t err = srs_success;
@ -1036,10 +1036,8 @@ srs_error_t SrsSRTP::unprotect_rtcp(const char* cipher, char* plaintext, int& nb
return srs_error_new(ERROR_RTC_SRTP_UNPROTECT, "not ready"); return srs_error_new(ERROR_RTC_SRTP_UNPROTECT, "not ready");
} }
memcpy(plaintext, cipher, nb_plaintext);
srtp_err_status_t r0 = srtp_err_status_ok; srtp_err_status_t r0 = srtp_err_status_ok;
if ((r0 = srtp_unprotect_rtcp(recv_ctx_, plaintext, &nb_plaintext)) != srtp_err_status_ok) { if ((r0 = srtp_unprotect_rtcp(recv_ctx_, packet, nb_plaintext)) != srtp_err_status_ok) {
return srs_error_new(ERROR_RTC_SRTP_UNPROTECT, "rtcp unprotect r0=%u", r0); return srs_error_new(ERROR_RTC_SRTP_UNPROTECT, "rtcp unprotect r0=%u", r0);
} }

7
trunk/src/app/srs_app_rtc_dtls.hpp
View file

@ -232,11 +232,8 @@ public:
// Encrypt the input rtp_hdr with *len_ptr bytes. // Encrypt the input rtp_hdr with *len_ptr bytes.
// @remark the input plaintext and out cipher reuse rtp_hdr. // @remark the input plaintext and out cipher reuse rtp_hdr.
srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr); srs_error_t protect_rtp2(void* rtp_hdr, int* len_ptr);
// Decrypt the input cipher to output cipher with nb_cipher bytes. srs_error_t unprotect_rtp(void* packet, int* nb_plaintext);
// @remark Note that the nb_plaintext is the size of input cipher, and srs_error_t unprotect_rtcp(void* packet, int* nb_plaintext);
// it also is the length of output plaintext when return.
srs_error_t unprotect_rtp(const char* cipher, char* plaintext, int& nb_plaintext);
srs_error_t unprotect_rtcp(const char* cipher, char* plaintext, int& nb_plaintext);
}; };
#endif #endif