协议加解密

数据传输链路上对整个数据包进行SSL加密

rtsp  ----  rtsps

rtmp -----rtmps

http----https

ws-----wss

webrtc(DTLS)

GB28181----GB35114(国标加密)

协议层加密和编码层加密是两回事，有些协议是正常的，像海大宇，有自己的秘钥传输字段，会有专门的探测检测，解析码流层的加密；

SSL加解密函数：来自ZLmediakit ,openssl

void SSL_Box::onRecv(const Buffer::Ptr &buffer) {
    if (!buffer->size()) {
        return;
    }
    if (!_ssl) {
        if (_on_dec) {
            _on_dec(buffer);
        }
        return;
    }
#if defined(ENABLE_OPENSSL)
    uint32_t offset = 0;
    while (offset < buffer->size()) {
        auto nwrite = BIO_write(_read_bio, buffer->data() + offset, buffer->size() - offset);
        if (nwrite > 0) {
            //部分或全部写入bio完毕
            offset += nwrite;
            flush();
            continue;
        }
        //nwrite <= 0,出现异常
        ErrorL << "Ssl error on BIO_write: " << SSLUtil::getLastError();
        shutdown();
        break;
    }
#endif //defined(ENABLE_OPENSSL)
}

void SSL_Box::onSend(Buffer::Ptr buffer) {
    if (!buffer->size()) {
        return;
    }
    if (!_ssl) {
        if (_on_enc) {
            _on_enc(buffer);
        }
        return;
    }
#if defined(ENABLE_OPENSSL)
    if (!_server_mode && !_send_handshake) {
        _send_handshake = true;
        SSL_do_handshake(_ssl.get());
    }
    _buffer_send.emplace_back(std::move(buffer));
    flush();
#endif //defined(ENABLE_OPENSSL)
}

 http://c.gb688.cn/bzgk/gb/showGb?type=online&hcno=B7F5589329EF98B32F0EB8ACEC341C81