feat(srtp): add AES CM 256 crypto profiles #764
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This PR adds `Aes256CmHmacSha1_80` and `Aes256CmHmacSha1_32` protection profiles. They're defined in [RFC6188](https://datatracker.ietf.org/doc/html/rfc6188). I didn't implement a new struct for handling them, but extended `CipherAesCmHmacSha1` to not only support AES CM 128.
RRRadicalEdward
commented
Dec 21, 2025
| #[default] | ||
| Aes128CmHmacSha1_80 = 0x0001, | ||
| Aes128CmHmacSha1_32 = 0x0002, | ||
| Aes256CmHmacSha1_80 = 0x0003, |
Contributor
Author
There was a problem hiding this comment.
Aes256CmHmacSha1_80 and Aes256CmHmacSha1_32 don't have IANA-assigned IDs. I found this note in the Pion implementation, and assigned the same IDs they have for the items.
RRRadicalEdward
commented
Dec 21, 2025
| assert_eq!(profile.key_len(), AES::key_size()); | ||
| assert_eq!(profile.salt_len(), master_salt.len()); | ||
|
|
||
| type Kdf = fn(u8, &[u8], &[u8], usize, usize) -> Result<Vec<u8>>; |
Contributor
Author
There was a problem hiding this comment.
I moved this type to srtp/src/mod.rs, because I found myself doing the same in my implementation. So instead of code duplication, I reused this type.
RRRadicalEdward
commented
Dec 21, 2025
| } | ||
|
|
||
| #[test] | ||
| fn test_encrypt_aes_256_cm_rtp() { |
Contributor
Author
There was a problem hiding this comment.
I don't know how many tests are needed. Let me know if it's not enough. I think I could work on providing more if needed 😄
rainliu
approved these changes
Dec 21, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds
Aes256CmHmacSha1_80andAes256CmHmacSha1_32protection profiles. They're defined in RFC6188. I didn't implement a new struct for handling them, but extendedCipherAesCmHmacSha1to not only support AES CM 128.