[jitsi-dev] [jitsi/libjitsi] Rework encryption / openssl offloading (testing) (#127)


#1

This PR merges PR#97 and adds commit with recompiled binaries and ant target used to compile them. Creates a PR to further test the functionality.
You can view, comment on, or merge this pull request online at:

  https://github.com/jitsi/libjitsi/pull/127

-- Commit Summary --

  * Remove OpenSSLDigest
  * Fix OpenSSLHMAC with recent libcrypto
  * Fix HMAC.c include
  * Don't export HMAC_CTX_cleanup() in jnopenssl lib
  * Improve SRTPCipherF8.processBlock a bit
  * Rework SRTPCipherF8 to hide the BlockCipher into it
  * Add arguments checks to SRTPCipherF8
  * Rework SRTPCipherCTR to hide CipherBlock and getCipherStream
  * Rewite SRTPCipherCTR.process
  * Add arguments checks to SRTPCipherCTR
  * Make SRTPCipherCTR an abstract class and
  * Update SRTPCipherCTRJava JavaDoc
  * Introduce OpenSSLWrapperLoader and use it
  * Add SRTPCipherCTROpenSSL, use it by default if available
  * Drop OpenSSLBlockCipher, we now have SRTPCipherCTROpenSSL
  * Add unit tests for SRTPCipherCTR
  * Add unit tests for SRTPCipherF8
  * Logs a message whenever a packet arrives less than 10ms after its
  * Adds another method for getting the current sending bitrate for a MediaStream.
  * Added a configuration parameter to enable/disable VBR mode in Opus codec.
  * Uses RTPPacketPredicate.
  * Create the abs-send-time engine for audio streams, too.
  * Adds the abs-sent-time RTP header extension to RTP packets which don't have it.
  * Reuses a RawPacket's buffer when adding a header extension, if the length permits.
  * Use SecureRandom instead of ZrtpFortuna in DtlsControlImpl
  * Cache RSA keypair for 24h in DtlsControlImpl
  * Adds a final on a filed. Fixes formatting (to what I only suppose is the correct indentation).
  * Formatting fix.
  * Addresses comments by @lyubomir.
  * Closes #cachingTransformer on MediaStreamImpl#close(), fixing a leak
  * Moves RecurringProcessible(Executor) from a private/impl package to a public org.jitsi.util.concurrent (as suggested by Boris Grozev).
  * Allows MediaStream#setTarget() to be called before MediaStream#setConnector().
  * jitsi/ice4j commit 41ca35476e5aed5cefc6e9f5053e3d26b2d4ff2b: Merge pull request #53 from jitsi/muxserversocketchannel-abandoned-cleanup
  * Fixes the class name used for the logger in AbsSendTimeEngine.
  * Performs checks to make sure that the calculated RTP header length
  * Handles exceptions while parsing the audio level extension.
  * Catches exception in the RTPConnector receive thread.
  * Catches exceptions in the RTPConnector send thread.
  * Fixes javadocs. Applies manual formatting for the sake of readability.
  * Use SecureRandom instead of ZrtpFortuna in ZRTPTransformEngine
  * Use SecureRandom instead of ZrtpFortuna in SDesControlImpl
  * Also cache certificate and fingerprint in DtlsControlImpl
  * Fixes a warning about an unused import.
  * Adds the MonotonicAtomicLong utility class.
  * Clarifies javadocs. Manually formats.
  * Fixes typos in comments.
  * Reorganize certificate-related caching fields for (possibly subjective) readability.
  * Adds log for empty targets list
  * Fixes warnings (raised by IntelliJ IDEA).
  * Adds RawPacketQueue.
  * Adds QueueStatistics to some of our packet queues.
  * Uses RateStatistics from ice4j.
  * Expands the use of CertificateInfo outside of DtlsControlImpl in preparation for addressing FIXMEs.
  * Adds a missing header.
  * Minor fixes in logging.
  * Adds JavaDoc.
  * Adapts to ice4j changes.
  * Check the packet length before trying to rewrite the sequence number.
  * Collects multiple properties of DtlsControlImpl into a class/structure for easy sharing with DtlsTransformEngine and DtlsPacketTransformer (in sight of early DTLS support).
  * Moves 'user' support from DtlsControlImpl to AbstractSrtpControl.
  * Uses ice4j 1.0-20160323.233049-19.
  * Adds a missing javadoc.
  * Re-introduces RTP timestamp uplifting.
  * Catches ArrayIndexOutOfBoundsException in isKeyFrame.
  * Adds parentheses.
  * Logs a warning if isKeyFrame caught an exception.
  * Fixes incorrect offset which causes DTLS records in a flight to be sent separately.
  * Increases the default packet queue size to 1024.
  * Use ice4j 1.0-20160325.181044-20.
  * Adds a getter for a field with only a setter.
  * Improves javadocs.
  * Logs a warning upon encountering an unknown DTLS handshake message type. (Suggested by Boris Grozev.)
  * Fixes a NullPointerException. (Reported by Damyan Minkov.)
  * Adds a constant for RTX.
  * Prints more information in some debug messages.
  * RawPacket: only grow internal buffer when really needed
  * Use constant time comparison to check authentication tag
  * Try to only pull out the correct packets from the DTLS queue by matching by SSRC and PT.
  * Clears the whole queue if it isn't empty after 3s.
  * Attempts to fix frequent short freezes.
  * Adds more tracing information.
  * Fix javadocs and comments.
  * Manually format for consistency.
  * Remove duplication.
  * Reduce assignments and field reads
  * Call SecureRandom early
  * Remove ZrtpFortunaEntropyGatherer
  * Rewrite source code and comments for readability
  * Merge branch 'master' into champtar-openssl2. Merge pull request #97 from champtar/openssl2.
  * Rebuilds jnopenssl with latest changes. Adds ant target to build the binary.

-- File Changes --

    M build.xml (11)
    M lib/native/linux-x86-64/libjnopenssl.so (0)
    M lib/native/linux-x86/libjnopenssl.so (0)
    M src/native/build.xml (29)
    D src/native/openssl/BlockCipher.c (303)
    D src/native/openssl/BlockCipher.h (101)
    D src/native/openssl/Digest.c (151)
    D src/native/openssl/Digest.h (77)
    M src/native/openssl/HMAC.c (14)
    M src/native/openssl/HMAC.h (8)
    A src/native/openssl/OpenSSLWrapperLoader.c (35)
    A src/native/openssl/OpenSSLWrapperLoader.h (21)
    A src/native/openssl/SRTPCipherCTROpenSSL.c (108)
    A src/native/openssl/SRTPCipherCTROpenSSL.h (45)
    M src/org/jitsi/impl/neomedia/transform/srtp/AES.java (20)
    M src/org/jitsi/impl/neomedia/transform/srtp/BaseSRTPCryptoContext.java (34)
    M src/org/jitsi/impl/neomedia/transform/srtp/CryptoBenchmark.java (7)
    M src/org/jitsi/impl/neomedia/transform/srtp/HMACSHA1.java (55)
    D src/org/jitsi/impl/neomedia/transform/srtp/NIOBlockCipher.java (51)
    D src/org/jitsi/impl/neomedia/transform/srtp/OpenSSLBlockCipher.java (390)
    D src/org/jitsi/impl/neomedia/transform/srtp/OpenSSLDigest.java (323)
    M src/org/jitsi/impl/neomedia/transform/srtp/OpenSSLHMAC.java (146)
    A src/org/jitsi/impl/neomedia/transform/srtp/OpenSSLWrapperLoader.java (65)
    D src/org/jitsi/impl/neomedia/transform/srtp/SHA1.java (87)
    M src/org/jitsi/impl/neomedia/transform/srtp/SRTCPCryptoContext.java (31)
    M src/org/jitsi/impl/neomedia/transform/srtp/SRTPCipherCTR.java (131)
    A src/org/jitsi/impl/neomedia/transform/srtp/SRTPCipherCTRJava.java (92)
    A src/org/jitsi/impl/neomedia/transform/srtp/SRTPCipherCTROpenSSL.java (102)
    M src/org/jitsi/impl/neomedia/transform/srtp/SRTPCipherF8.java (119)
    M src/org/jitsi/impl/neomedia/transform/srtp/SRTPCryptoContext.java (31)
    A test/org/jitsi/impl/neomedia/transform/srtp/SRTPCipherCTRTest.java (66)
    A test/org/jitsi/impl/neomedia/transform/srtp/SRTPCipherF8Test.java (68)

-- Patch Links --

https://github.com/jitsi/libjitsi/pull/127.patch
https://github.com/jitsi/libjitsi/pull/127.diff

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/127


#2

Merged #127.

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/127#event-614685426