From 424da308302bef604844d3110a39f2f03bf5358e Mon Sep 17 00:00:00 2001
From: Martin Storsjö <martin@martin.st>
Date: Sat, 20 Oct 2012 23:18:01 +0300
Subject: rtsp: Support decryption of SRTP signalled via RFC 4568 (SDES)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This only takes care of decrypting incoming packets; the outgoing
RTCP packets are not encrypted. This is enough for some use cases,
and signalling crypto keys for use with outgoing RTCP packets
doesn't fit as simply into the API. If the SDP demuxer is hooked
up with custom IO, the return packets can be encrypted e.g. via the
SRTP protocol.

If the SRTP keys aren't available within the SDP, the decryption
can be handled externally as well (when using custom IO).

Signed-off-by: Martin Storsjö <martin@martin.st>
---
 libavformat/rtpdec.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

(limited to 'libavformat/rtpdec.c')

diff --git a/libavformat/rtpdec.c b/libavformat/rtpdec.c
index 73d02069ea..e052ee6f33 100644
--- a/libavformat/rtpdec.c
+++ b/libavformat/rtpdec.c
@@ -26,6 +26,7 @@
 #include "avformat.h"
 #include "mpegts.h"
 #include "network.h"
+#include "srtp.h"
 #include "url.h"
 #include "rtpdec.h"
 #include "rtpdec_formats.h"
@@ -543,6 +544,13 @@ void ff_rtp_parse_set_dynamic_protocol(RTPDemuxContext *s, PayloadContext *ctx,
     s->handler                  = handler;
 }
 
+void ff_rtp_parse_set_crypto(RTPDemuxContext *s, const char *suite,
+                             const char *params)
+{
+    if (!ff_srtp_set_crypto(&s->srtp, suite, params))
+        s->srtp_enabled = 1;
+}
+
 /**
  * This was the second switch in rtp_parse packet.
  * Normalizes time, if required, sets stream_index, etc.
@@ -876,7 +884,10 @@ static int rtp_parse_one_packet(RTPDemuxContext *s, AVPacket *pkt,
 int ff_rtp_parse_packet(RTPDemuxContext *s, AVPacket *pkt,
                         uint8_t **bufptr, int len)
 {
-    int rv = rtp_parse_one_packet(s, pkt, bufptr, len);
+    int rv;
+    if (s->srtp_enabled && bufptr && ff_srtp_decrypt(&s->srtp, *bufptr, &len) < 0)
+        return -1;
+    rv = rtp_parse_one_packet(s, pkt, bufptr, len);
     s->prev_ret = rv;
     while (rv == AVERROR(EAGAIN) && has_next_packet(s))
         rv = rtp_parse_queued_packet(s, pkt);
@@ -889,6 +900,7 @@ void ff_rtp_parse_close(RTPDemuxContext *s)
     if (!strcmp(ff_rtp_enc_name(s->payload_type), "MP2T")) {
         ff_mpegts_parse_close(s->ts);
     }
+    ff_srtp_free(&s->srtp);
     av_free(s);
 }
 
-- 
cgit v1.2.3