ascii-chat 0.8.38
Real-time terminal-based video chat with ASCII art conversion
Loading...
Searching...
No Matches
Functions
turn_credentials.c File Reference

TURN server credential generation implementation. More...

Go to the source code of this file.

Functions

asciichat_error_t turn_generate_credentials (const char *session_id, const char *secret, uint32_t validity_seconds, turn_credentials_t *out_credentials)
 
bool turn_credentials_expired (const turn_credentials_t *credentials)
 

Detailed Description

TURN server credential generation implementation.

Uses OpenBSD's public domain SHA1 implementation for HMAC-SHA1 credential generation (RFC 5766 TURN).

Definition in file turn_credentials.c.

Function Documentation

◆ turn_credentials_expired()

bool turn_credentials_expired ( const turn_credentials_t *  credentials)

Definition at line 192 of file turn_credentials.c.

192 {
193 if (!credentials) {
194 return true;
195 }
196
197 time_t now = time(NULL);
198 return now >= credentials->expires_at;
199}

◆ turn_generate_credentials()

asciichat_error_t turn_generate_credentials ( const char *  session_id,
const char *  secret,
uint32_t  validity_seconds,
turn_credentials_t *  out_credentials 
)

Definition at line 142 of file turn_credentials.c.

143 {
144 if (!session_id || !secret || !out_credentials) {
145 return SET_ERRNO(ERROR_INVALID_PARAM, "TURN credentials: NULL parameter");
146 }
147
148 if (validity_seconds == 0) {
149 return SET_ERRNO(ERROR_INVALID_PARAM, "TURN credentials: validity_seconds must be > 0");
150 }
151
152 // Calculate expiration timestamp
153 time_t now = time(NULL);
154 time_t expires_at = now + (time_t)validity_seconds;
155
156 // Format username: "{timestamp}:{session_id}"
157 int username_len = safe_snprintf(out_credentials->username, sizeof(out_credentials->username), "%ld:%s",
158 (long)expires_at, session_id);
159 if (username_len < 0 || (size_t)username_len >= sizeof(out_credentials->username)) {
160 return SET_ERRNO(ERROR_BUFFER_OVERFLOW, "TURN credentials: username too long");
161 }
162
163 // Compute HMAC-SHA1(secret, username)
164 uint8_t hmac_result[SHA1_DIGEST_LENGTH];
165 unsigned int hmac_len = 0;
166
167 asciichat_error_t result = hmac_sha1((const uint8_t *)out_credentials->username, (size_t)username_len,
168 (const uint8_t *)secret, strlen(secret), hmac_result, &hmac_len);
169 if (result != ASCIICHAT_OK) {
170 return result;
171 }
172
173 if (hmac_len != SHA1_DIGEST_LENGTH) {
174 return SET_ERRNO(ERROR_CRYPTO, "TURN credentials: unexpected HMAC length %u (expected %u)", hmac_len,
175 SHA1_DIGEST_LENGTH);
176 }
177
178 // Base64-encode the HMAC to get the password
179 size_t encoded_len =
180 base64_encode(hmac_result, hmac_len, out_credentials->password, sizeof(out_credentials->password));
181 if (encoded_len == 0) {
182 return SET_ERRNO(ERROR_BUFFER_OVERFLOW, "TURN credentials: password encoding failed");
183 }
184
185 out_credentials->expires_at = expires_at;
186
187 log_debug("Generated TURN credentials: username=%s, expires_at=%ld", out_credentials->username, (long)expires_at);
188
189 return ASCIICHAT_OK;
190}
session_id
uint8_t session_id[16]
Definition src/client/webrtc.c:62
safe_snprintf
int safe_snprintf(char *buffer, size_t buffer_size, const char *format,...)
Safe formatted string printing to buffer.
Definition system.c:456

References safe_snprintf(), and session_id.

Referenced by database_session_join().