how to link with libsrt-1.5.3 to openssl through cryptodev .on imx6 target board srtp encription using camm .

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

how to link with libsrt-1.5.3 to openssl through cryptodev .on imx6 target board srtp encription using camm .

3,073 Views
veeranjaneyulug
Contributor III

Hi

we compiled libsrtp-1.5.3 source by using yocto set-up cross tool chain . and configure the source and created libsrtp.so* using  below commands

$source /opt/pokt/cross tool-chain

$./configure --host=arm-poky-linux-gnueabi --enable-openssl

$make shared_library

and then libsrtp.so copied into yocto setup build directory tmp/sysroot/machin-name/usr/lib  path.

then compile gstreamer1.0-plugins-bad with bitbake and added libgstsrtp.so related stuff in gstreamer1.0-plugins-bad/version/build/ext/srtp.Those paths Makefiles updated/enabled srtp related things(SRTP_HAVE=srtp,SRTP_LIB=lsrtp,SRTP_DIR=srtp flages enabled in Makefile) in gstreamer1.0-plugins-bad source.finally we got libgstsrtp.so* copied into rootfs /usr/lib/gstreamer-1.0 path ,libsrtp.so copied into sdcard path is usr/lib path.

cryptodev :

cryptodev.ko we copied into sdcard path is lib/modules/<kernle version>/extra/cryptodev.ko

on target board

$lsmod

$insmod/modprobe cryptodev.ko

$openssl aes-128-cbc -engine cryptodev -in t.txt out t.data

through openssl encryption/decryption is working  and then how to run libsrtp to openssl or srtp .with caam module .can you any body help me.

$test-video

Then we run above gstreamer1.0-rtsp-server binary test-video run on target board.client side we run rtsprc udp command and piplines we run client side .In wireshark we didnt get srtp packet we got rtp and rtsp.

Awaiting for your valuable reply .

Thanks & Regards

veeranjaneyulu

5 Replies

2,249 Views
tutran
Contributor I

Hi,

I also enable srtpenc with openssl using libsrtp.

My problem happend when I tried to use AES256 instead of AES128 from the streaming server.

From pc side I run

gst-launch-1.0 rtspsrc location=rtsps://192.168.0.2:8554/test tls-validation-flags=generic-error user-id=user user-pw=password ! decodebin ! autovideosink

I found that rtcp signals send from client to server is using AES128, and the signal send from server to client is encrypted with AES256 already.

Is there any configuration for the pipeline from client side so that it uses AES256 too?

I found the features of srtpenc plugin, it already support AES256 but the default is AES128.

0 Kudos
Reply

2,249 Views
Yuri
NXP Employee
NXP Employee

Hello,

  In order to use OpenSSL engine, some changes should be provided in libsrtp.

Hope the following helps.

libsrtp / Mailing Lists


Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

2,249 Views
veeranjaneyulug
Contributor III

Hi Yuri,

Thanks for your reply.

In place of libsrtp we used librtmp .But we compiled and generated librtmp.so ,libgstrmp.so.How to add opessl hardware engine  support in librtmp source code ?

we are using linux kernel version 3.14.28 with yocto setup gstreamer1.0 series plugins .Any body have tried with rtmp .

Thanks & Regards

veeranjaneyulu

0 Kudos
Reply

2,249 Views
Yuri
NXP Employee
NXP Employee

Hello,

I am not sure if librtmp uses Linux cryptoAPI.

Regards,

Yuri.

0 Kudos
Reply

2,249 Views
veeranjaneyulug
Contributor III

Hi yuri

Thanks for your reply .

we followed libsrtp/Mailing Lists added in libsrtp-1.5.3/crypto/cipher/aes_icm_ossl.c file added cryptodev engine support and in openssl source we applied patch for openssl/crypto/engine/eng_cryptodev.c file for aes_128_ctr mode stuff patch applied  and then streaming happened but on target we run gstreamer-rtsp-server application test-video on target board.

From pc side we run

gst-launch-1.0 rtspsrc location=rtsps://192.168.0.2:8554/test tls-validation-flags=generic-error user-id=user user-pw=password ! decodebin ! autovideosink

but continuously streaming but on target we got below error

cryptodev_digest_init: Open session failed

cryptodev_digest_update: illegal inputs

cryptodev_digest_final: illegal input

cryptodev_digest_cleanup: illegal input

but continuosly streaming but we dont know wheather hardware encryption is working or not .

we are getting digest value as 14. but still above error.

Can you any body guide me .please

Thanks & Regards

veeranjaneyulu

0 Kudos
Reply