xref: /webrtc/srtp/src/context/srtp.rs (revision ffe74184) 
1 use super::*;
2 use crate::error::Result;
3 use util::marshal::*;
4 
5 use bytes::Bytes;
6 
7 impl Context {
decrypt_rtp_with_header( &mut self, encrypted: &[u8], header: &rtp::header::Header, ) -> Result<Bytes>8     pub fn decrypt_rtp_with_header(
9         &mut self,
10         encrypted: &[u8],
11         header: &rtp::header::Header,
12     ) -> Result<Bytes> {
13         let roc;
14         {
15             if let Some(state) = self.get_srtp_ssrc_state(header.ssrc) {
16                 if let Some(replay_detector) = &mut state.replay_detector {
17                     if !replay_detector.check(header.sequence_number as u64) {
18                         return Err(Error::SrtpSsrcDuplicated(
19                             header.ssrc,
20                             header.sequence_number,
21                         ));
22                     }
23                 }
24 
25                 roc = state.next_rollover_count(header.sequence_number);
26             } else {
27                 return Err(Error::SsrcMissingFromSrtp(header.ssrc));
28             }
29         }
30 
31         let dst = self.cipher.decrypt_rtp(encrypted, header, roc)?;
32         {
33             if let Some(state) = self.get_srtp_ssrc_state(header.ssrc) {
34                 if let Some(replay_detector) = &mut state.replay_detector {
35                     replay_detector.accept();
36                 }
37                 state.update_rollover_count(header.sequence_number);
38             }
39         }
40 
41         Ok(dst)
42     }
43 
44     /// DecryptRTP decrypts a RTP packet with an encrypted payload
decrypt_rtp(&mut self, encrypted: &[u8]) -> Result<Bytes>45     pub fn decrypt_rtp(&mut self, encrypted: &[u8]) -> Result<Bytes> {
46         let mut buf = encrypted;
47         let header = rtp::header::Header::unmarshal(&mut buf)?;
48         self.decrypt_rtp_with_header(encrypted, &header)
49     }
50 
encrypt_rtp_with_header( &mut self, plaintext: &[u8], header: &rtp::header::Header, ) -> Result<Bytes>51     pub fn encrypt_rtp_with_header(
52         &mut self,
53         plaintext: &[u8],
54         header: &rtp::header::Header,
55     ) -> Result<Bytes> {
56         let roc;
57         {
58             if let Some(state) = self.get_srtp_ssrc_state(header.ssrc) {
59                 roc = state.next_rollover_count(header.sequence_number);
60             } else {
61                 return Err(Error::SsrcMissingFromSrtp(header.ssrc));
62             }
63         }
64 
65         let dst = self
66             .cipher
67             .encrypt_rtp(&plaintext[header.marshal_size()..], header, roc)?;
68 
69         {
70             if let Some(state) = self.get_srtp_ssrc_state(header.ssrc) {
71                 state.update_rollover_count(header.sequence_number);
72             }
73         }
74 
75         Ok(dst)
76     }
77 
78     /// EncryptRTP marshals and encrypts an RTP packet, writing to the dst buffer provided.
79     /// If the dst buffer does not have the capacity to hold `len(plaintext) + 10` bytes, a new one will be allocated and returned.
encrypt_rtp(&mut self, plaintext: &[u8]) -> Result<Bytes>80     pub fn encrypt_rtp(&mut self, plaintext: &[u8]) -> Result<Bytes> {
81         let mut buf = plaintext;
82         let header = rtp::header::Header::unmarshal(&mut buf)?;
83         self.encrypt_rtp_with_header(plaintext, &header)
84     }
85 }
86