Proposal to add support for RFC 7714 SRTP with AES-GCM

doc/Streaming.xml

@@ -235,8 +235,7 @@
     <para>IETF RFC 2435, RFC2435 - RTP Payload Format for JPEG-compressed Video</para>
     <para role="reference">&lt;<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.ietf.org/rfc/rfc2435.txt"></link>&gt;</para>
     <para>IETF RFC 3016, RTP Payload Format for MPEG-4 Audio/Visual Streams</para>
-    <programlisting><![CDATA[http://www.ietf.org/rfc/rfc3016.txt
-]]></programlisting>
+    <para role="reference">&lt;<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.ietf.org/rfc/rfc3016"></link>&gt;</para>
     <para>IETF RFC 3550, RTP: A Transport Protocol for Real-Time Applications</para>
     <para role="reference">&lt;<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.ietf.org/rfc/rfc3550.txt"></link>&gt;</para>
     <para>IETF RFC 3551, RTP Profile for Audio and Video Conferences  with Minimal Control</para>
@@ -381,6 +380,22 @@
               </entry>
             </row>
             <row>
+              <entry valign="middle">
+                  <para>MIKEY</para>
+              </entry>
+              <entry valign="middle">
+                  <para>Multimedia Internet KEYing</para>
+              </entry>
+          </row>
+          <row>
+              <entry valign="middle">
+                  <para>MKI</para>
+              </entry>
+              <entry valign="middle">
+                  <para>Master Key Identifier</para>
+              </entry>
+          </row>
+          <row>
               <entry valign="middle">
                 <para>MPEG-4</para>
               </entry>
@@ -590,7 +605,62 @@
         </section>
         <section>
           <title>SRTP data transfer via UDP</title>
-          <para>This mode allows secure transmission of RTP packets via UDP unicast and multicast. See RFC 3711 for transmission and RFC 4567 for key exchange.</para>
+            <para>This mode allows secure transmission of RTP packets via UDP unicast and multicast. See RFC 3711 and RFC 7714 for transmission and RFC 4567 for key exchange. For RFC 3711, it is expected that the SRTP authentication tag be present. For RFC 7714, it is expected that the SRTP authentication tag is not present. The optional MKI is expected to be present in SRTP packets regardless of the algorithm used.</para>
+            <para>
+              The client may set a different key management protocol in the keymgmt attribute of the SETUP.
+              If the keymgmt header is present in the SETUP, the device shall use the key management protocol and key specified in the keymgmt header.
+            </para>
+            <para>
+              Example RTSP session:
+            </para>
+            <programlisting>
+                <![CDATA[
+client->server:   DESCRIBE rtsp://example.com/onvif_camera RTSP/1.0
+                  Cseq: 1
+
+server->client:   RTSP/1.0 200 OK
+                  Cseq: 1
+                  Content-Type: application/sdp
+                  Content-Length: XXX
+                  v=0
+                  o=- 2890844256 2890842807 IN IP4 172.16.2.93
+                  s=RTSP Session
+                  m=audio 0 RTP/SAVP 0
+                  a=key-mgmt: mikey AQAFgM0XflABAAAAAAAAAAAAAAsAy...
+                  a=control:rtsp://example.com/onvif_camera/audio
+                  m=video 0 RTP/SAVP 26
+                  a=key-mgmt: mikey CQCGiO2ZhnCDCCCCCCCCCCCCCCCuC0...
+                  a=control:rtsp://example.com/onvif_camera/video
+                  m=application 0 RTP/SAVP 107
+                  a=key-mgmt: mikey EQCGiO2ZhnEDEEEEEEEEEEEEEuC0...
+                  a=control:rtsp://example.com/onvif_camera/metadata
+                  a=recvonly
+                  a=rtpmap:107 vnd.onvif.metadata/90000
+
+client->server:   SETUP rtsp://example.com/onvif_camera/audio RTSP/1.0
+                  Cseq: 2
+                  Transport: RTP/SAVP/TCP;unicast;interleaved=0-1
+                  keymgmt: prot=mikey; uri="rtsp://movie.example.com/action/audio";
+                           data="GQCGiO2ZhnGDGGGGGGGGGGGuC3..."
+
+server->client:   RTSP/1.0 200 OK
+                  Cseq: 2
+                  Transport: RTP/SAVP;unicast;client_port=8002-8003;
+                  server_port=9004-9005
+                  Session: 12345678; timeout=60
+]]>
+          </programlisting>
+        </section>
+        <section>
+          <title>Cryptographic algorithm negotiation</title>
+            <para>
+              If a device supports encryption algorithms other than AES_CM_128_SHA1_80 as defined in RFC 3711, it must also support Media2, the SecureRTSPStreamingAlgorithms attribute of the GetServiceCapabilities response and the GetStreamUri2 action. 
+              This mechanism allows the client to choose the encryption algorithm used by the device for SRTP.
+            </para>
+            <para>
+              To configure which algorithm should be used by the streaming device, the client must get the list of supported SecureRTSPStreamingAlgorithms through the GetServiceCapabilities action.
+              The client can then choose the algorithm to use and set it in the SecurityProtocolAlgorithm attribute of the GetStreamUri2 action.
+          </para>
         </section>
         <section xml:id="_Ref213038219">
           <title>RTP/RTSP/HTTP/TCP</title>

wsdl/ver10/media/wsdl/media.wsdl

@@ -120,6 +120,11 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 						<xs:documentation> Indicates the device does not support live media streaming via RTSP.</xs:documentation>
 					</xs:annotation>
 				</xs:attribute>
+				<xs:attribute name="SecureRTSPStreaming" type="xs:boolean" use="optional">
+					<xs:annotation>
+						<xs:documentation>Indicates support for live media streaming via RTSPS and SRTP.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
 				<xs:anyAttribute processContents="lax"/>
 			</xs:complexType>
 			<!--===============================-->

wsdl/ver10/schema/onvif.xsd

@@ -710,6 +710,11 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 							<xs:documentation>The rtsp session timeout for the related video stream</xs:documentation>
 						</xs:annotation>
 					</xs:element>
+					<xs:element name="SecureStreamingProtocolAlgorithm" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The cryptographic algorithm used as defined by tr2:SrtpSecurityAlgorithms</xs:documentation>
+						</xs:annotation>
+					</xs:element>
 					<xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>   <!-- first Vendor then ONVIF -->
 				</xs:sequence>
 				<xs:attribute name="GuaranteedFrameRate" type="xs:boolean">
@@ -846,6 +851,11 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 				</xs:documentation>
 			</xs:annotation>
 		</xs:attribute>
+		<xs:attribute name="SecureStreamingProtocolAlgorithms" type="tt:StringAttrList" use="optional">
+			<xs:annotation>
+				<xs:documentation>If secure RTSP streaming is supported, this shall return the list of supported cryptographic algorithms as defined by tr2:SrtpSecurityAlgorithms.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
 		<xs:anyAttribute processContents="lax"/>
 	</xs:complexType>
 	<!--===============================-->
@@ -1004,6 +1014,15 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 			</xs:extension>
 		</xs:complexContent>
 	</xs:complexType>
+  <!--===============================-->
+	<xs:simpleType name="SrtpSecurityAlgorithms">
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="NONE"/>
+			<xs:enumeration value="AES_CM_128_HMAC_SHA1_80"/>
+			<xs:enumeration value="AEAD_AES_128_GCM"/>
+			<xs:enumeration value="AEAD_AES_256_GCM"/>
+		</xs:restriction>
+	</xs:simpleType>
 	<!--===============================-->
 	<!--   VideoEncoder2Configuration   -->
 	<!--===============================-->
@@ -1059,6 +1078,11 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 							<xs:documentation>Relative value for the video quantizers and the quality of the video. A high value within supported quality range means higher quality</xs:documentation>
 						</xs:annotation>
 					</xs:element>
+					<xs:element name="SecureStreamingProtocolAlgorithm" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Defines the cryptographic algorithm to use as defined by tr2:SrtpSecurityAlgorithms</xs:documentation>
+						</xs:annotation>
+					</xs:element>
 					<xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>   <!-- first ONVIF then Vendor -->
 				</xs:sequence>
 				<xs:attribute name="GovLength" type="xs:int">
@@ -1156,6 +1180,11 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 					<xs:documentation>Supported range of encoded bitrate in kbps.</xs:documentation>
 				</xs:annotation>
 			</xs:element>
+			<xs:element name="SecureStreamingProtocolAlgorithms" type="tt:StringAttrList" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>If secure RTSP streaming is supported, this shall return the list of supported cryptographic algorithms as defined by tr2:SrtpSecurityAlgorithms.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
 			<xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>   <!-- first ONVIF then Vendor -->
 		</xs:sequence>
 		<xs:attribute name="GovLengthRange" type="tt:IntList">
@@ -1260,6 +1289,11 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 							<xs:documentation>The rtsp session timeout for the related audio stream</xs:documentation>
 						</xs:annotation>
 					</xs:element>
+					<xs:element name="SecureStreamingProtocolAlgorithm" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The cryptographic algorithm used as defined by tr2:SrtpSecurityAlgorithms</xs:documentation>
+						</xs:annotation>
+					</xs:element>
 					<xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>   <!-- first Vendor then ONVIF -->
 				</xs:sequence>
 				<xs:anyAttribute processContents="lax"/>
@@ -1303,6 +1337,11 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 					<xs:documentation>List of supported Sample Rates in kHz for the specified Encoding</xs:documentation>
 				</xs:annotation>
 			</xs:element>
+			<xs:element name="SecureStreamingProtocolAlgorithms" type="tt:StringAttrList" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>If secure RTSP streaming is supported, this shall return the list of supported cryptographic algorithms as defined by tr2:SrtpSecurityAlgorithms.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
 			<xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>   <!-- first Vendor then ONVIF -->
 		</xs:sequence>
 		<xs:anyAttribute processContents="lax"/>
@@ -1348,6 +1387,11 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 							<xs:documentation>The output sample rate in kHz.</xs:documentation>
 						</xs:annotation>
 					</xs:element>
+					<xs:element name="SecureStreamingProtocolAlgorithm" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Defines the cryptographic algorithm to use as defined by tr2:SrtpSecurityAlgorithms</xs:documentation>
+						</xs:annotation>
+					</xs:element>
 					<xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>   <!-- first ONVIF then Vendor -->
 				</xs:sequence>
 				<xs:anyAttribute processContents="lax"/>
@@ -1373,6 +1417,11 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 					<xs:documentation>List of supported Sample Rates in kHz for the specified Encoding</xs:documentation>
 				</xs:annotation>
 			</xs:element>
+			<xs:element name="SecureStreamingProtocolAlgorithms" type="tt:StringAttrList" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>If secure RTSP streaming is supported, this shall return the list of supported cryptographic algorithms as defined by tr2:SrtpSecurityAlgorithms.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
 			<xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>   <!-- first ONVIF then Vendor -->
 		</xs:sequence>
 		<xs:anyAttribute processContents="lax"/>
@@ -1430,6 +1479,11 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 							<xs:documentation>The rtsp session timeout for the related audio stream (when using Media2 Service, this value is deprecated and ignored)</xs:documentation>
 						</xs:annotation>
 					</xs:element>
+					<xs:element name="SecureStreamingProtocolAlgorithm" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The cryptographic algorithm used as defined by tr2:SrtpSecurityAlgorithms</xs:documentation>
+						</xs:annotation>
+					</xs:element>
 					<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
 					<xs:element name="AnalyticsEngineConfiguration" type="tt:AnalyticsEngineConfiguration" minOccurs="0">
 						<xs:annotation>
@@ -1507,6 +1561,11 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 	<xs:complexType name="MetadataConfigurationOptions">
 		<xs:sequence>
 			<xs:element name="PTZStatusFilterOptions" type="tt:PTZStatusFilterOptions"/>
+			<xs:element name="SecureStreamingProtocolAlgorithms" type="tt:StringAttrList" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>If secure RTSP streaming is supported, this shall return the list of supported cryptographic algorithms as defined by tr2:SrtpSecurityAlgorithms.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
 			<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
 			<xs:element name ="Extension" type="tt:MetadataConfigurationOptionsExtension" minOccurs="0"/>
 		</xs:sequence>

wsdl/ver20/media/wsdl/media.wsdl

@@ -722,8 +722,8 @@ IN NO EVENT WILL THE CORPORATION OR ITS MEMBERS OR THEIR AFFILIATES BE LIABLE FO
 				<xs:restriction base="xs:string">
 					<xs:enumeration value="RtspUnicast"/>		<!-- RTSP straming RTP as UDP Unicast. -->
 					<xs:enumeration value="RtspMulticast"/>		<!-- RTSP straming RTP as UDP Multicast. -->
-					<xs:enumeration value="RtspsUnicast"/>		<!-- Secure RTSP straming SRTP as UDP Unicast. -->
-					<xs:enumeration value="RtspsMulticast"/>	<!-- Secure RTSP straming SRTP as UDP Multicast. -->
+					<xs:enumeration value="RtspsUnicast"/>		<!-- Secure RTSP streaming with SRTP as UDP Unicast. -->
+					<xs:enumeration value="RtspsMulticast"/>	<!-- Secure RTSP streaming with SRTP as UDP Multicast. -->
 					<xs:enumeration value="RTSP"/>				<!-- RTSP straming RTP over TCP. -->
 					<xs:enumeration value="RtspOverHttp"/>		<!-- Tunneling both the RTSP control channel and the RTP stream over HTTP or HTTPS. -->
 				</xs:restriction>
@@ -1811,12 +1811,14 @@ support streaming video data of such a profile.<br/>
 			<wsdl:documentation>This operation requests a URI that can be used to initiate a live media stream using RTSP as
 				the control protocol. The returned URI shall remain valid indefinitely even if the profile is changed. <br/>
 				Defined stream types are
-				 <ul>
-				 	<li>RtspUnicast		RTSP streaming RTP as UDP Unicast.</li>
-				 	<li>RtspMulticast	RTSP streaming RTP as UDP Multicast.</li>
-				 	<li>RTSP			RTSP streaming RTP over TCP.</li>
-				 	<li>RtspOverHttp	Tunneling both the RTSP control channel and the RTP stream over HTTP or HTTPS.</li>
-				 </ul>
+				<ul>
+					<li>RtspUnicast		RTSP streaming RTP as UDP Unicast.</li>
+					<li>RtspMulticast	RTSP streaming RTP as UDP Multicast.</li>
+					<li>RtspsUnicast	Secure RTSP streaming with SRTP as UDP Unicast.</li>
+					<li>RtspsMulticast	Secure RTSP streaming with SRTP as UDP Multicast.</li>
+					<li>RTSP			RTSP streaming RTP over TCP.</li>
+					<li>RtspOverHttp	Tunneling both the RTSP control channel and the RTP stream over HTTP or HTTPS.</li>
+				</ul>
 				If a multicast stream is requested at least one of VideoEncoder2Configuration, AudioEncoder2Configuration and MetadataConfiguration shall have a valid multicast setting.<br/>
 				For full compatibility with other ONVIF services a device should not generate Uris longer than
 				128 octets.</wsdl:documentation>
@@ -1856,7 +1858,7 @@ the PTZ position shall be repeated within the metadata stream.</wsdl:documentati
 		<wsdl:operation name="GetSnapshotUri">
 			<wsdl:documentation>A client uses the GetSnapshotUri command to obtain a JPEG snapshot from the
 device. The returned URI shall remain valid indefinitely even if the profile is changed. The URI can be used for
-acquiring a JPEG image through an HTTP GET operation. The image encoding will always be
+acquiring a JPEG image through a HTTP GET operation. The image encoding will always be
 JPEG regardless of the encoding setting in the media profile. The Jpeg settings
 (like resolution or quality) may be taken from the profile if suitable. The provided
 image will be updated automatically and independent from calls to GetSnapshotUri.</wsdl:documentation>