Integrity Transform Carrying Roll-Over Counter for SRTP
Once debugged, it should provide a simple way to synchronize live
(multicast...) secure streams.
Uses libgcrypt, as we have it in our deps/contrib already for GnuTLS.
This could be used in both "UDP"[1] access and access output plugins,
though they should really be called "RTP" instead nowadays.
Done:
- AES(-128) Counter Mode key derivation and RTP en-/decryption
- test vectors for AES-CM
- NULL cipher (with the *_UNENCRYPTED flags) - untested
To do (missing mandatory features):
- RTCP en-/decryption
- HMAC-SHA1 authentication
- replay attack protection
Also to probably do:
- integrate with udp access and access output plugins
- integrate with RTSP server (err, I won't do that myself)
- support for Transform Carrying ROC for SRTP (RFC4771),
  so we can use it easily for multicast streaming