mirror of
https://github.com/espressif/esp-protocols.git
synced 2026-07-05 16:10:46 +02:00
e5997168d9
Adds libsrtp — an ESP-IDF wrapper around cisco/libsrtp pinned at v2.8.0
(commit 24b3bf8). Crypto routes through ESP-IDF's mbedTLS, so AES
protect/unprotect goes through the chip's on-chip AES peripheral by
default (CONFIG_MBEDTLS_HARDWARE_AES=y on esp32 / s2 / s3 / c3 / c5 /
c6 / p4). Pairs with libwebsockets and (upcoming) usrsctp for the
WebRTC transport stack.
The wrapper bundles cisco/libsrtp as a git submodule and compiles its
sources directly into the IDF component archive — no internal libsrtp2.a
dance. One small port-side delta in port/crypto_kernel.c opts out of
the AES-ICM-192 cipher registration when GCM is enabled (saves binary
size; AES-CM-128 + AES-GCM cover all WebRTC SRTP suites in use).
Naming + version follow cisco's release line. Component is named
'libsrtp' (registry: espressif/libsrtp) tracking whichever 2.x release
is current upstream — v2.8.0 today. The IDF version constraint
(>=5.4,<6) reflects the fact that libsrtp v2.x's mbedTLS adapters
predate the mbedTLS 4 / TF-PSA-Crypto split shipped by IDF v6; bump
when the component tracks a release that speaks mbedTLS 4.
Supported SRTP profiles via the mbedTLS backend:
AEAD: AEAD_AES_128_GCM, AEAD_AES_256_GCM
SRTP: AES_CM_128_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_32
Tests included:
test_apps/ — embedded Unity smoke (esp32 + esp32c3 via
.build-test-rules)
host_test/ — IDF Linux-target binary, AES-GCM-128 protect/
unprotect roundtrip; aborts on the first libsrtp
failure with EXPECT() for boolean assertions
examples/get_started/ — minimal init/shutdown sanity app
License: Apache-2.0 (port glue) AND BSD-3-Clause (bundled cisco/libsrtp).
(Previously prepared as espressif/idf-extra-components#753; relocated to
esp-protocols where it naturally sits alongside libwebsockets and the
other transport-stack components.)