xref: /webrtc/srtp/src/cipher/mod.rs (revision ffe74184) 
1 pub mod cipher_aead_aes_gcm;
2 pub mod cipher_aes_cm_hmac_sha1;
3 
4 use bytes::Bytes;
5 
6 use crate::error::Result;
7 
8 ///NOTE: Auth tag and AEAD auth tag are placed at the different position in SRTCP
9 ///
10 ///In non-AEAD cipher, the authentication tag is placed *after* the ESRTCP word
11 ///(Encrypted-flag and SRTCP index).
12 ///
13 ///> AES_128_CM_HMAC_SHA1_80
14 ///> | RTCP Header | Encrypted payload |E| SRTCP Index | Auth tag |
15 ///>                                   ^               |----------|
16 ///>                                   |                ^
17 ///>                                   |                authTagLen=10
18 ///>                                   aeadAuthTagLen=0
19 ///
20 ///In AEAD cipher, the AEAD authentication tag is embedded in the ciphertext.
21 ///It is *before* the ESRTCP word (Encrypted-flag and SRTCP index).
22 ///
23 ///> AEAD_AES_128_GCM
24 ///> | RTCP Header | Encrypted payload | AEAD auth tag |E| SRTCP Index |
25 ///>                                   |---------------|               ^
26 ///>                                    ^                              authTagLen=0
27 ///>                                    aeadAuthTagLen=16
28 ///
29 ///See https://tools.ietf.org/html/rfc7714 for the full specifications.
30 
31 /// Cipher represents a implementation of one
32 /// of the SRTP Specific ciphers.
33 pub(crate) trait Cipher {
34     /// Get authenticated tag length.
auth_tag_len(&self) -> usize35     fn auth_tag_len(&self) -> usize;
36 
37     /// Retrieved RTCP index.
get_rtcp_index(&self, input: &[u8]) -> usize38     fn get_rtcp_index(&self, input: &[u8]) -> usize;
39 
40     /// Encrypt RTP payload.
encrypt_rtp( &mut self, payload: &[u8], header: &rtp::header::Header, roc: u32, ) -> Result<Bytes>41     fn encrypt_rtp(
42         &mut self,
43         payload: &[u8],
44         header: &rtp::header::Header,
45         roc: u32,
46     ) -> Result<Bytes>;
47 
48     /// Decrypt RTP payload.
decrypt_rtp( &mut self, payload: &[u8], header: &rtp::header::Header, roc: u32, ) -> Result<Bytes>49     fn decrypt_rtp(
50         &mut self,
51         payload: &[u8],
52         header: &rtp::header::Header,
53         roc: u32,
54     ) -> Result<Bytes>;
55 
56     /// Encrypt RTCP payload.
encrypt_rtcp(&mut self, payload: &[u8], srtcp_index: usize, ssrc: u32) -> Result<Bytes>57     fn encrypt_rtcp(&mut self, payload: &[u8], srtcp_index: usize, ssrc: u32) -> Result<Bytes>;
58 
59     /// Decrypt RTCP payload.
decrypt_rtcp(&mut self, payload: &[u8], srtcp_index: usize, ssrc: u32) -> Result<Bytes>60     fn decrypt_rtcp(&mut self, payload: &[u8], srtcp_index: usize, ssrc: u32) -> Result<Bytes>;
61 }
62