RuhNetConsulting
/
rtpengine
mirror of https://github.com/sipwise/rtpengine
1
1
Fork 0
Code Issues 0 Projects 0 Releases 822 Wiki Activity
Browse Source

dump DTLS cert and keys

pull/101/head
Richard Fuchs 11 years ago
parent
a81588e313
commit
37d98ad3ed
3 changed files with 76 additions and 0 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +22
    -0
      daemon/crypto.c
  2. +4
    -0
      daemon/crypto.h
  3. +50
    -0
      daemon/dtls.c

+ 22
- 0
daemon/crypto.c View File

@ -550,3 +550,25 @@ static int null_crypt_rtp(struct crypto_context *c, struct rtp_header *r, str *s
static int null_crypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, u_int64_t idx) {
return 0;
}
static void dump_key(struct crypto_context *c) {
char *k, *s;
k = g_base64_encode(c->params.master_key, c->params.crypto_suite->master_key_len);
s = g_base64_encode(c->params.master_salt, c->params.crypto_suite->master_salt_len);
ilog(LOG_DEBUG, "--- %s key %s salt %s", c->params.crypto_suite->name, k, s);
g_free(k);
g_free(s);
}
void crypto_dump_keys(struct crypto_context *in, struct crypto_context *out) {
if (get_log_level() < LOG_DEBUG)
return;
ilog(LOG_DEBUG, "SRTP keys, incoming:");
dump_key(in);
ilog(LOG_DEBUG, "SRTP keys, outgoing:");
dump_key(out);
}

+ 4
- 0
daemon/crypto.h View File

@ -92,6 +92,10 @@ extern const int num_crypto_suites;
const struct crypto_suite *crypto_find_suite(const str *);
int crypto_gen_session_key(struct crypto_context *, str *, unsigned char, int);
void crypto_dump_keys(struct crypto_context *in, struct crypto_context *out);
INLINE int crypto_encrypt_rtp(struct crypto_context *c, struct rtp_header *rtp,
str *payload, u_int64_t index)


+ 50
- 0
daemon/dtls.c View File

@ -112,6 +112,52 @@ static void cert_free(void *p) {
X509_free(cert->x509);
}
static void buf_dump_free(char *buf, size_t len) {
char *p, *f;
int llen;
p = buf;
while (len) {
f = memchr(p, '\n', len);
if (f)
llen = f - p;
else
llen = len;
ilog(LOG_DEBUG, "--- %.*s", llen, p);
len -= llen + 1;
p = f + 1;
}
free(buf);
}
static void dump_cert(struct dtls_cert *cert) {
FILE *fp;
char *buf;
size_t len;
if (get_log_level() < LOG_DEBUG)
return;
/* cert */
fp = open_memstream(&buf, &len);
PEM_write_X509(fp, cert->x509);
fclose(fp);
ilog(LOG_DEBUG, "Dump of DTLS certificate:");
buf_dump_free(buf, len);
/* key */
fp = open_memstream(&buf, &len);
PEM_write_PrivateKey(fp, cert->pkey, NULL, NULL, 0, 0, NULL);
fclose(fp);
ilog(LOG_DEBUG, "Dump of DTLS private key:");
buf_dump_free(buf, len);
}
static int cert_init() {
X509 *x509 = NULL;
EVP_PKEY *pkey = NULL;
@ -202,6 +248,8 @@ static int cert_init() {
new_cert->pkey = pkey;
new_cert->expires = time(NULL) + CERT_EXPIRY_TIME;
dump_cert(new_cert);
/* swap out certs */
rwlock_lock_w(&__dtls_cert_lock);
@ -567,6 +615,8 @@ found:
crypto_init(&ps->sfd->crypto, &client);
}
crypto_dump_keys(&ps->crypto, &ps->sfd->crypto);
return 0;
error:


Write Preview
Loading…
Cancel
Save