srtp 0.7.0

Rusty wrapper for libsrtp2
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383

//! SRTP session and its core functionalities

use std::any::Any;
use std::convert::TryInto;
use std::ffi::c_void;
use std::fmt;
use std::mem::MaybeUninit;
use std::os::raw::c_int;
use std::ptr;

use foreign_types::{ForeignType, ForeignTypeRef};
use srtp2_sys as sys;

use crate::crypto_policy::CryptoPolicy;
use crate::error::{Error, Result};
use crate::vec_like::VecLike;

foreign_types::foreign_type! {
    /// SRTP session
    ///
    /// An SRTP session consists of all of the traffic sent to the RTP and
    /// RTCP destination transport addresses, using the RTP/SAVP (Secure
    /// Audio/Video Profile).  A session can be viewed as a set of SRTP
    /// streams, each of which originates with a different participant.
    pub unsafe type Session: Send + Sync {
        type CType = sys::srtp_ctx_t;
        fn drop = sys::srtp_dealloc;
    }
}

/// SRTP stream policy
#[derive(Debug, Default, Clone, Copy)]
pub struct StreamPolicy<'a> {
    /// SRTP crypto policy.
    pub rtp: CryptoPolicy,
    /// SRTCP crypto policy.
    pub rtcp: CryptoPolicy,
    /// Master key for this stream.
    pub key: &'a [u8],
    /// The window size to use for replay protection.
    ///
    /// Pass 0 to use the default value.
    pub window_size: u64,
    /// Whether retransmission of packets with the same sequence number are allowed.
    ///
    /// Note that such repeated transmission must have the same RTP payload,
    /// or a severe security weakness is introduced!
    pub allow_repeat_tx: bool,
    /// List of header ids to encrypt.
    pub encrypt_extension_headers: &'a [i32],
}

type EventHandler = Option<
    Box<dyn FnMut(&mut SessionRef, u32, Option<&mut (dyn Any + Send + 'static)>) + Send + 'static>,
>;

#[derive(Default)]
pub(crate) struct UserDataWrapper {
    pub(crate) user_data: Option<Box<dyn Any + Send + 'static>>,
    on_ssrc_collision: EventHandler,
    on_key_hard_limit: EventHandler,
    on_key_soft_limit: EventHandler,
}

impl Session {
    /// Allocate and initialize an SRTP session context.
    ///
    /// To use it, streams should be added using `add_stream()` method.
    pub fn new() -> Result<Self> {
        crate::ensure_init();

        let mut session: MaybeUninit<sys::srtp_t> = MaybeUninit::uninit();

        unsafe {
            Error::check(sys::srtp_create(session.as_mut_ptr(), ptr::null_mut()))?;
            Ok(Session::from_ptr(session.assume_init()))
        }
    }

    /// Allocate and initialize an SRTP session context,
    /// with the given inbound stream policy template.
    ///
    /// Any inbound streams which is not explicitely added by `add_stream()` method
    /// will generated with the given template policy.
    pub fn with_inbound_template(policy: StreamPolicy<'_>) -> Result<Self> {
        crate::ensure_init();

        let mut session: MaybeUninit<sys::srtp_t> = MaybeUninit::uninit();
        let mut policy = policy.sys_policy()?;
        policy.ssrc.type_ = sys::srtp_ssrc_type_t_ssrc_any_inbound;

        unsafe {
            Error::check(sys::srtp_create(session.as_mut_ptr(), &policy))?;
            Ok(Session::from_ptr(session.assume_init()))
        }
    }

    /// Allocate and initialize an SRTP session context,
    /// with the given outbound stream policy template.
    ///
    /// Any outbound streams which is not explicitely added by `add_stream()` method
    /// will generated with the given template policy.
    pub fn with_outbound_template(policy: StreamPolicy<'_>) -> Result<Self> {
        crate::ensure_init();

        let mut session: MaybeUninit<sys::srtp_t> = MaybeUninit::uninit();
        let mut policy = policy.sys_policy()?;
        policy.ssrc.type_ = sys::srtp_ssrc_type_t_ssrc_any_outbound;

        unsafe {
            Error::check(sys::srtp_create(session.as_mut_ptr(), &policy))?;
            Ok(Session::from_ptr(session.assume_init()))
        }
    }
}

impl SessionRef {
    unsafe fn overwrite<T: VecLike>(
        &mut self,
        buf: &mut T,
        reserve: bool,
        func: unsafe extern "C" fn(sys::srtp_t, *mut c_void, *mut c_int) -> sys::srtp_err_status_t,
    ) -> Result<()> {
        if reserve {
            if let Err(err) = buf.reserve(sys::SRTP_MAX_TRAILER_LEN as usize) {
                error!("`buf.reserve()` failed: {}", err);
                return Err(Error::BAD_PARAM);
            }
        }

        let bytes = buf.as_mut_bytes();
        let orig_length = bytes.len();
        let head_ptr = bytes.as_mut_ptr() as *mut c_void;

        let mut length: c_int = match orig_length.try_into() {
            Ok(len) => len,
            Err(err) => {
                error!("Cannot convert the length of the `key` into c_int: {}", err);
                return Err(Error::BAD_PARAM);
            }
        };

        let res = Error::check(func(self.as_ptr(), head_ptr, &mut length));
        if let Err(err) = res {
            // Operation failed.
            // No assumptions should be made to the buffer.
            buf.set_len(0);
            return Err(err);
        }

        #[cfg(debug_assertions)]
        if reserve {
            assert!(length as usize <= orig_length + sys::SRTP_MAX_TRAILER_LEN as usize)
        } else {
            assert!(length as usize <= orig_length)
        }

        buf.set_len(length as usize);

        Ok(())
    }

    /// Convert RTP packet stored in the `buf` into SRTP in-place
    pub fn protect<T: VecLike>(&mut self, buf: &mut T) -> Result<()> {
        unsafe { self.overwrite(buf, true, sys::srtp_protect) }
    }

    /// Convert RTCP packet stored in the `buf` into SRTCP in-place
    pub fn protect_rtcp<T: VecLike>(&mut self, buf: &mut T) -> Result<()> {
        unsafe { self.overwrite(buf, true, sys::srtp_protect_rtcp) }
    }

    /// Convert SRTP packet stored in the `buf` into RTP in-place
    pub fn unprotect<T: VecLike>(&mut self, buf: &mut T) -> Result<()> {
        unsafe { self.overwrite(buf, false, sys::srtp_unprotect) }
    }

    /// Convert SRTCP packet stored in the `buf` into RTCP in-place
    pub fn unprotect_rtcp<T: VecLike>(&mut self, buf: &mut T) -> Result<()> {
        unsafe { self.overwrite(buf, false, sys::srtp_unprotect_rtcp) }
    }

    /// Allocate and initialize an SRTP stream within this SRTP session.
    pub fn add_stream(&mut self, ssrc: u32, policy: StreamPolicy<'_>) -> Result<()> {
        let policy = policy.sys_policy_ssrc(ssrc)?;

        unsafe {
            Error::check(sys::srtp_add_stream(self.as_ptr(), &policy))?;
            Ok(())
        }
    }

    /// Remove the SRTP stream with the SSRC value from this SRTP session.
    pub fn remove_stream(&mut self, ssrc: u32) -> Result<()> {
        unsafe {
            Error::check(sys::srtp_remove_stream(self.as_ptr(), ssrc))?;
            Ok(())
        }
    }

    /// Update the SRTP stream with the SSRC value from this SRTP session.
    /// Existing ROC value will be preserved.
    pub fn update_stream(&mut self, ssrc: u32, policy: StreamPolicy<'_>) -> Result<()> {
        let policy = policy.sys_policy_ssrc(ssrc)?;

        unsafe {
            Error::check(sys::srtp_update_stream(self.as_ptr(), &policy))?;
            Ok(())
        }
    }

    /// Update the SRTP stream template and streams generated from it.
    pub fn update_inbound_template(&mut self, policy: StreamPolicy<'_>) -> Result<()> {
        let mut policy = policy.sys_policy()?;
        policy.ssrc.type_ = sys::srtp_ssrc_type_t_ssrc_any_inbound;

        unsafe {
            Error::check(sys::srtp_update_stream(self.as_ptr(), &policy))?;
            Ok(())
        }
    }

    /// Update the SRTP stream template and streams generated from it.
    pub fn update_outbound_template(&mut self, policy: StreamPolicy<'_>) -> Result<()> {
        let mut policy = policy.sys_policy()?;
        policy.ssrc.type_ = sys::srtp_ssrc_type_t_ssrc_any_outbound;

        unsafe {
            Error::check(sys::srtp_update_stream(self.as_ptr(), &policy))?;
            Ok(())
        }
    }

    /// Get the roll-over-counter of the SRTP stream with the SSRC value from this SRTP session.
    pub fn get_stream_roc(&mut self, ssrc: u32) -> Result<u32> {
        unsafe {
            let mut roc = 0;
            Error::check(sys::srtp_get_stream_roc(self.as_ptr(), ssrc, &mut roc))?;
            Ok(roc)
        }
    }

    /// Set the roll-over-counter of the SRTP stream with the SSRC value from this SRTP session.
    pub fn set_stream_roc(&mut self, ssrc: u32, roc: u32) -> Result<()> {
        unsafe {
            Error::check(sys::srtp_set_stream_roc(self.as_ptr(), ssrc, roc))?;
            Ok(())
        }
    }

    pub(crate) fn user_data_wrapper(&mut self) -> &mut UserDataWrapper {
        unsafe {
            match (sys::srtp_get_user_data(self.as_ptr()) as *mut UserDataWrapper).as_mut() {
                Some(wrapper) => wrapper,
                None => {
                    let wrapper = Box::into_raw(Box::new(UserDataWrapper::default()));
                    sys::srtp_set_user_data(self.as_ptr(), wrapper as *mut c_void);
                    &mut *wrapper
                }
            }
        }
    }

    /// Store user data to the SRTP session. This can be useful to share data with the event callbacks.
    pub fn set_user_data<T>(&mut self, data: T)
    where
        T: Any + Send + 'static,
    {
        self.user_data_wrapper().user_data = Some(Box::new(data))
    }

    /// Access the use data previously stored into the SRTP session, if any.
    pub fn user_data(&mut self) -> Option<&mut (dyn Any + Send + 'static)> {
        self.user_data_wrapper().user_data.as_deref_mut()
    }

    /// Take the user data back from the SRTP session, if any.
    pub fn take_user_data(&mut self) -> Option<Box<dyn Any + Send + 'static>> {
        self.user_data_wrapper().user_data.take()
    }

    /// Set callback for SSRC collision event.
    pub fn on_ssrc_collision<F>(&mut self, f: F)
    where
        F: FnMut(&mut SessionRef, u32, Option<&mut (dyn Any + Send + 'static)>) + Send + 'static,
    {
        self.user_data_wrapper().on_ssrc_collision = Some(Box::new(f))
    }

    /// Set callback for key hard limit event.
    ///
    /// This means the SRTP stream with given SSRC reached
    /// the hard key usage limit and has expired.
    pub fn on_key_hard_limit<F>(&mut self, f: F)
    where
        F: FnMut(&mut SessionRef, u32, Option<&mut (dyn Any + Send + 'static)>) + Send + 'static,
    {
        self.user_data_wrapper().on_key_hard_limit = Some(Box::new(f))
    }

    /// Set callback for key soft limit event.
    ///
    /// This means the SRTP stream with given SSRC reached
    /// the soft key usage limit and will expire soon.
    pub fn on_key_soft_limit<F>(&mut self, f: F)
    where
        F: FnMut(&mut SessionRef, u32, Option<&mut (dyn Any + Send + 'static)>) + Send + 'static,
    {
        self.user_data_wrapper().on_key_soft_limit = Some(Box::new(f))
    }
}

impl StreamPolicy<'_> {
    fn sys_policy(&self) -> Result<sys::srtp_policy_t> {
        let mut policy: sys::srtp_policy_t = unsafe { MaybeUninit::zeroed().assume_init() };

        policy.ssrc.type_ = sys::srtp_ssrc_type_t_ssrc_undefined;
        policy.rtp = self.rtp.into_raw();
        policy.rtcp = self.rtcp.into_raw();

        let key_length =
            std::cmp::max(policy.rtp.cipher_key_len, policy.rtcp.cipher_key_len) as usize;
        if self.key.len() < key_length {
            error!(
                "StreamPolicy key is too short, required: {}, provided: {}",
                key_length,
                self.key.len(),
            );
            return Err(Error::BAD_PARAM);
        }

        policy.key = self.key.as_ptr() as *mut u8;
        policy.window_size = self.window_size;
        policy.allow_repeat_tx = if self.allow_repeat_tx { 1 } else { 0 };
        policy.enc_xtn_hdr = if self.encrypt_extension_headers.is_empty() {
            ptr::null_mut()
        } else {
            self.encrypt_extension_headers.as_ptr() as *mut i32
        };
        policy.enc_xtn_hdr_count = match self.encrypt_extension_headers.len().try_into() {
            Ok(len) => len,
            Err(err) => {
                error!(
                    "Cannot convert the length of the `enc_xtn_hdr_count` into c_int: {}",
                    err
                );
                return Err(Error::BAD_PARAM);
            }
        };

        Ok(policy)
    }

    fn sys_policy_ssrc(&self, ssrc: u32) -> Result<sys::srtp_policy_t> {
        let mut policy = self.sys_policy()?;
        policy.ssrc.type_ = sys::srtp_ssrc_type_t_ssrc_specific;
        policy.ssrc.value = ssrc;
        Ok(policy)
    }
}

impl UserDataWrapper {
    pub(crate) fn event_handler(&mut self, kind: sys::srtp_event_t) -> &mut EventHandler {
        match kind {
            sys::srtp_event_t_event_ssrc_collision => &mut self.on_ssrc_collision,
            sys::srtp_event_t_event_key_hard_limit => &mut self.on_key_hard_limit,
            sys::srtp_event_t_event_key_soft_limit => &mut self.on_key_soft_limit,
            _ => unreachable!(),
        }
    }
}

impl fmt::Debug for Session {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        f.write_str("Session { .. }")
    }
}

impl fmt::Debug for SessionRef {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        f.write_str("SessionRef { .. }")
    }
}