Commit 2cc27d66 authored by jehan's avatar jehan Committed by Ghislain MARY

fix wrong selection of sender crypto’s key in case of an incoming offer with...

Fix wrong selection of the sender crypto’s key in case of an incoming offer where the matching crypto is not the first one.
parent 08d269b6
......@@ -173,7 +173,6 @@ private:
SalMulticastRole getMulticastRole (SalStreamType type);
void joinMulticastGroup (int streamIndex, MediaStream *ms);
int findCryptoIndexFromTag (const SalSrtpCryptoAlgo crypto[], unsigned char tag);
void setDtlsFingerprint (MSMediaStreamSessions *sessions, const SalStreamDescription *sd, const SalStreamDescription *remote);
void setDtlsFingerprintOnAllStreams ();
void setupDtlsParams (MediaStream *ms);
......
......@@ -1773,14 +1773,6 @@ void MediaSessionPrivate::joinMulticastGroup (int streamIndex, MediaStream *ms)
// -----------------------------------------------------------------------------
int MediaSessionPrivate::findCryptoIndexFromTag (const SalSrtpCryptoAlgo crypto[], unsigned char tag) {
for (int i = 0; i < SAL_CRYPTO_ALGO_MAX; i++) {
if (crypto[i].tag == tag)
return i;
}
return -1;
}
void MediaSessionPrivate::setDtlsFingerprint (MSMediaStreamSessions *sessions, const SalStreamDescription *sd, const SalStreamDescription *remote) {
if (sal_stream_description_has_dtls(sd)) {
if (sd->dtls_role == SalDtlsRoleInvalid)
......@@ -1945,7 +1937,7 @@ void MediaSessionPrivate::updateCryptoParameters (SalMediaDescription *oldMd, Sa
}
bool MediaSessionPrivate::updateStreamCryptoParameters (const SalStreamDescription *localStreamDesc, SalStreamDescription *oldStream, SalStreamDescription *newStream, MediaStream *ms) {
int cryptoIdx = findCryptoIndexFromTag(localStreamDesc->crypto, static_cast<unsigned char>(newStream->crypto_local_tag));
int cryptoIdx = Sal::findCryptoIndexFromTag(localStreamDesc->crypto, static_cast<unsigned char>(newStream->crypto_local_tag));
if (cryptoIdx >= 0) {
if (localDescChanged & SAL_MEDIA_DESCRIPTION_CRYPTO_KEYS_CHANGED)
ms_media_stream_sessions_set_srtp_send_key_b64(&ms->sessions, newStream->crypto[0].algo, localStreamDesc->crypto[cryptoIdx].master_key);
......@@ -2759,7 +2751,7 @@ void MediaSessionPrivate::startAudioStream (CallSession::State targetState, bool
// Valid local tags are > 0
if (sal_stream_description_has_srtp(stream)) {
const SalStreamDescription *localStreamDesc = sal_media_description_find_stream(localDesc, stream->proto, SalAudio);
int cryptoIdx = findCryptoIndexFromTag(localStreamDesc->crypto, static_cast<unsigned char>(stream->crypto_local_tag));
int cryptoIdx = Sal::findCryptoIndexFromTag(localStreamDesc->crypto, static_cast<unsigned char>(stream->crypto_local_tag));
if (cryptoIdx >= 0) {
ms_media_stream_sessions_set_srtp_recv_key_b64(&audioStream->ms.sessions, stream->crypto[0].algo, stream->crypto[0].master_key);
ms_media_stream_sessions_set_srtp_send_key_b64(&audioStream->ms.sessions, stream->crypto[0].algo, localStreamDesc->crypto[cryptoIdx].master_key);
......@@ -2942,7 +2934,7 @@ void MediaSessionPrivate::startTextStream () {
getCurrentParams()->getPrivate()->setUsedRealtimeTextCodec(rtp_profile_get_payload(textProfile, usedPt));
getCurrentParams()->enableRealtimeText(true);
if (sal_stream_description_has_srtp(tstream)) {
int cryptoIdx = findCryptoIndexFromTag(localStreamDesc->crypto, static_cast<unsigned char>(tstream->crypto_local_tag));
int cryptoIdx = Sal::findCryptoIndexFromTag(localStreamDesc->crypto, static_cast<unsigned char>(tstream->crypto_local_tag));
if (cryptoIdx >= 0) {
ms_media_stream_sessions_set_srtp_recv_key_b64(&textStream->ms.sessions, tstream->crypto[0].algo, tstream->crypto[0].master_key);
ms_media_stream_sessions_set_srtp_send_key_b64(&textStream->ms.sessions, tstream->crypto[0].algo, localStreamDesc->crypto[cryptoIdx].master_key);
......@@ -3035,7 +3027,7 @@ void MediaSessionPrivate::startVideoStream (CallSession::State targetState) {
if (isActive) {
if (sal_stream_description_has_srtp(vstream)) {
const SalStreamDescription *localStreamDesc = sal_media_description_find_stream(localDesc, vstream->proto, SalVideo);
int cryptoIdx = findCryptoIndexFromTag(localStreamDesc->crypto, static_cast<unsigned char>(vstream->crypto_local_tag));
int cryptoIdx = Sal::findCryptoIndexFromTag(localStreamDesc->crypto, static_cast<unsigned char>(vstream->crypto_local_tag));
if (cryptoIdx >= 0) {
ms_media_stream_sessions_set_srtp_recv_key_b64(&videoStream->ms.sessions, vstream->crypto[0].algo, vstream->crypto[0].master_key);
ms_media_stream_sessions_set_srtp_send_key_b64(&videoStream->ms.sessions, vstream->crypto[0].algo, localStreamDesc->crypto[cryptoIdx].master_key);
......
......@@ -352,8 +352,13 @@ void SalCallOp::sdpProcess () {
mResult->streams[i].rtp_port = mRemoteMedia->streams[i].rtp_port;
strcpy(mResult->streams[i].rtcp_addr, mRemoteMedia->streams[i].rtcp_addr);
mResult->streams[i].rtcp_port = mRemoteMedia->streams[i].rtcp_port;
if (sal_stream_description_has_srtp(&mResult->streams[i]))
mResult->streams[i].crypto[0] = mRemoteMedia->streams[i].crypto[0];
if (sal_stream_description_has_srtp(&mResult->streams[i])) {
int cryptoIdx = Sal::findCryptoIndexFromTag( mRemoteMedia->streams[i].crypto, static_cast<unsigned char>(mResult->streams[i].crypto[0].tag));
if (cryptoIdx >= 0)
mResult->streams[i].crypto[0] = mRemoteMedia->streams[i].crypto[cryptoIdx];
else
lError() << "Failed to find crypto algo with tag: " << mResult->streams[i].crypto_local_tag << "from resulting description [" << mResult << "]";
}
}
}
}
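Review bot: The `else` branch added in `sdpProcess` only logs when no remote crypto entry carries the searched tag, so `mResult->streams[i].crypto[0]` keeps whatever it held before and the stream still reports SRTP. Judging from the `set_srtp_recv_key_b64` calls elsewhere in this commit, that entry's `master_key` is later installed as the receive key, so this path should fail closed (reject the stream or clear the entry) instead of continuing with a key that did not come from the remote description. The message also prints `crypto_local_tag` although the lookup used `crypto[0].tag`, and it lacks a space before `from`. Something like `lError() << "Failed to find crypto algo with tag: " << mResult->streams[i].crypto[0].tag << " from resulting description [" << mResult << "]";` reports the value actually searched for. The enclosing loop and function start outside the hunk.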
......
......@@ -808,6 +808,13 @@ belle_sip_response_t *Sal::createResponseFromRequest (belle_sip_request_t *reque
return response;
}
int Sal::findCryptoIndexFromTag (const SalSrtpCryptoAlgo crypto[], unsigned char tag) {
for (int i = 0; i < SAL_CRYPTO_ALGO_MAX; i++) {
if (crypto[i].tag == tag)
return i;
}
return -1;
}
//***********************************
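Review bot: `Sal::findCryptoIndexFromTag` takes the tag as `unsigned char`, and every call site in this commit (`sdpProcess`, `updateStreamCryptoParameters`, and the audio, text and video stream start functions) narrows with `static_cast<unsigned char>` before the lookup, so a tag above 255 is compared after truncation. If `SalSrtpCryptoAlgo::tag` is wider than a byte, as the casts suggest, a remote-supplied tag such as 257 would be searched as 1 and could select a different entry's key. Declaring it as `static int findCryptoIndexFromTag (const SalSrtpCryptoAlgo crypto[], unsigned int tag);` and dropping the casts avoids that. The loop also scans all `SAL_CRYPTO_ALGO_MAX` slots, so a tag of 0 may match an unused entry if those are zero-initialised. A short comment on the declaration stating that valid tags are > 0 and that -1 means "not found" would make the contract explicit.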
......
......@@ -249,6 +249,8 @@ public:
belle_sip_source_t *createTimer (belle_sip_source_func_t func, void *data, unsigned int timeoutValueMs, const std::string &timerName);
void cancelTimer (belle_sip_source_t *timer);
//utils
static int findCryptoIndexFromTag (const SalSrtpCryptoAlgo crypto[], unsigned char tag);
private:
struct SalUuid {
......
......@@ -2674,6 +2674,13 @@ static void srtp_call(void) {
call_base(LinphoneMediaEncryptionSRTP,FALSE,FALSE,LinphonePolicyNoFirewall,FALSE);
}
/*
*Purpose of this test is to check that even if caller and callee does not have exactly the same crypto suite configured, the matching crypto suite is used.
*/
static void srtp_call_with_different_crypto_suite(void) {
call_base_with_configfile(LinphoneMediaEncryptionSRTP,FALSE,FALSE,LinphonePolicyNoFirewall,FALSE, "laure_tcp_rc", "marie_rc");
}
static void zrtp_call(void) {
call_base(LinphoneMediaEncryptionZRTP,FALSE,FALSE,LinphonePolicyNoFirewall,FALSE);
}
......@@ -6574,6 +6581,7 @@ test_t call_tests[] = {
TEST_NO_TAG("Call paused resumed with loss", call_paused_resumed_with_loss),
TEST_NO_TAG("Call paused resumed from callee", call_paused_resumed_from_callee),
TEST_NO_TAG("SRTP call", srtp_call),
TEST_NO_TAG("SRTP call with different crypto suite", srtp_call_with_different_crypto_suite),
TEST_NO_TAG("ZRTP call", zrtp_call),
TEST_NO_TAG("ZRTP silent call", zrtp_silent_call),
TEST_NO_TAG("ZRTP SAS call", zrtp_sas_call),
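Review bot: `srtp_call_with_different_crypto_suite` is documented as checking that the matching suite is used, but its body only delegates to `call_base_with_configfile`. Nothing visible here asserts which suite was negotiated, or that the matching suite really is not the first one in the offer. If the helper does not already verify it, the test should assert the negotiated suite, or that decrypted media is received in both directions, once the call is established. Otherwise it can pass when the two sides merely connect. The helper's body is outside this page.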
......
......@@ -4,6 +4,7 @@ sip_tcp_port=-1
sip_tls_port=-1
default_proxy=0
ping_with_options=0
srtp_crypto_suites=AES_256_CM_HMAC_SHA1_80
[auth_info_0]
username=laure
......