TT#79900 add SDES=lifetime option

closes #966

Change-Id: I462dabffb5c00387ab1b91cabf3fcb2be998f76e

README.md

@@ -732,10 +732,8 @@ Optionally included keys are:
 
 	- `pad crypto`
 
-		RFC 4568 (section 6.1) is somewhat ambiguous regarding the base64 encoding format of
-		`a=crypto` parameters added to an SDP body. The default interpretation is that trailing
-		`=` characters used for padding should be omitted. With this flag set, these padding
-		characters will be left in place.
+		Legacy alias to SDES=pad.
+
 
 	- `generate mid`
 
@@ -931,6 +929,17 @@ Optionally included keys are:
 		offer, it will be removed and will be missing in the outgoing offer; and if a given crypto
 		suite was not present in the received offer, it will not be added to it.
 
+	- `pad`
+
+		RFC 4568 (section 6.1) is somewhat ambiguous regarding the base64 encoding format of
+		`a=crypto` parameters added to an SDP body. The default interpretation is that trailing
+		`=` characters used for padding should be omitted. With this flag set, these padding
+		characters will be left in place.
+
+	- `lifetime`
+
+		Add the key lifetime parameter `2^31` to each crypto key.
+
 * `record call`
 
 	Contains one of the strings `yes`, `no`, `on` or `off`. This tells the rtpengine

daemon/call_interfaces.c

@@ -541,6 +541,9 @@ INLINE void ng_sdes_option(struct sdp_ng_flags *out, str *s, void *dummy) {
 		case CSH_LOOKUP("AUTHENTICATED_SRTP"):
 			out->sdes_authenticated_srtp = 1;
 			break;
+		case CSH_LOOKUP("lifetime"):
+			out->sdes_lifetime = 1;
+			break;
 		default:
 			ilog(LOG_WARN, "Unknown 'SDES' flag encountered: '"STR_FORMAT"'",
 					STR_FMT(s));
@@ -790,7 +793,7 @@ static void call_ng_flags_flags(struct sdp_ng_flags *out, str *s, void *dummy) {
 			out->inject_dtmf = 1;
 			break;
 		case CSH_LOOKUP("pad-crypto"):
-			out->pad_crypto = 1;
+			out->sdes_pad = 1;
 			break;
 		default:
 			// handle values aliases from other dictionaries

daemon/sdp.c

@@ -2187,7 +2187,7 @@ static void insert_crypto1(struct call_media *media, struct sdp_chopper *chop, s
 			p, &state, &save);
 	p += g_base64_encode_close(0, p, &state, &save);
 
-	if (!flags->pad_crypto) {
+	if (!flags->sdes_pad) {
 		// truncate trailing ==
 		while (p > b64_buf && p[-1] == '=')
 			p--;
@@ -2198,6 +2198,8 @@ static void insert_crypto1(struct call_media *media, struct sdp_chopper *chop, s
 	chopper_append_c(chop, cps->params.crypto_suite->name);
 	chopper_append_c(chop, " inline:");
 	chopper_append(chop, b64_buf, p - b64_buf);
+	if (flags->sdes_lifetime)
+		chopper_append_c(chop, "|2^31");
 	if (cps->params.mki_len) {
 		ull = 0;
 		for (i = 0; i < cps->params.mki_len && i < sizeof(ull); i++)

include/call_interfaces.h

@@ -96,7 +96,8 @@ struct sdp_ng_flags {
 	    sdes_encrypted_srtp:1,
 	    sdes_encrypted_srtcp:1,
 	    sdes_authenticated_srtp:1,
-	    pad_crypto:1;
+	    sdes_lifetime:1,
+	    sdes_pad:1;
 };
 
 

t/auto-daemon-tests.pl

@@ -18,6 +18,45 @@ my ($sock_a, $sock_b, $port_a, $port_b, $ssrc, $resp, $srtp_ctx_a, $srtp_ctx_b,
 
 
 
+# SDES key lifetime
+
+new_call();
+
+offer('gh 966', { ICE => 'remove', 'transport-protocol' => 'RTP/SAVP', SDES => ['lifetime'],
+	DTLS => 'off' }, <<SDP);
+v=0
+o=- 1822058533 1822058533 IN IP4 1.2.3.4
+s=Asterisk
+c=IN IP4 1.2.3.4
+t=0 0
+m=audio 27998 RTP/AVP 96
+a=rtpmap:96 opus/48000/2
+----------------------------------
+v=0
+o=- 1822058533 1822058533 IN IP4 1.2.3.4
+s=Asterisk
+c=IN IP4 203.0.113.1
+t=0 0
+m=audio PORT RTP/SAVP 96
+a=rtpmap:96 opus/48000/2
+a=sendrecv
+a=rtcp:PORT
+a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CRYPTO128|2^31
+a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:CRYPTO128|2^31
+a=crypto:3 AES_192_CM_HMAC_SHA1_80 inline:CRYPTO192|2^31
+a=crypto:4 AES_192_CM_HMAC_SHA1_32 inline:CRYPTO192|2^31
+a=crypto:5 AES_256_CM_HMAC_SHA1_80 inline:CRYPTO256|2^31
+a=crypto:6 AES_256_CM_HMAC_SHA1_32 inline:CRYPTO256|2^31
+a=crypto:7 F8_128_HMAC_SHA1_80 inline:CRYPTO128|2^31
+a=crypto:8 F8_128_HMAC_SHA1_32 inline:CRYPTO128|2^31
+a=crypto:9 NULL_HMAC_SHA1_80 inline:CRYPTO128|2^31
+a=crypto:10 NULL_HMAC_SHA1_32 inline:CRYPTO128|2^31
+SDP
+
+
+
+
+
 # PT collisions (GH 963)
 
 new_call();