eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add mki value and some review comments

Browse source 
1. Add check for prerequisites in check_config.h
2. Add mki value to use_srtp extension
3. address some review comments

Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
This commit is contained in:
Ron Eldor 2017-12-21 10:15:08 +02:00 committed by Johan Pascal
parent 34790789b6
commit 3adb9928f3
5 changed files with 91 additions and 68 deletions
Download patch file Download diff file Expand all files Collapse all files

36
include/mbedtls/ssl.h
View file

@ -862,6 +862,9 @@ typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
#if defined(MBEDTLS_SSL_DTLS_SRTP)
#define MBEDTLS_DTLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
#define MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH 255
/*
* List of SRTP profiles for DTLS-SRTP
*/
@ -873,7 +876,17 @@ typedef enum
MBEDTLS_SRTP_NULL_HMAC_SHA1_80,
MBEDTLS_SRTP_NULL_HMAC_SHA1_32,
}
mbedtls_dtls_srtp_protection_profiles;
mbedtls_ssl_srtp_profile;
typedef struct mbedtls_dtls_srtp_info_t
{
mbedtls_ssl_srtp_profile chosen_dtls_srtp_profile; /*!< negotiated SRTP profile */
unsigned char dtls_srtp_keys[MBEDTLS_DTLS_SRTP_MAX_KEY_MATERIAL_LENGTH]; /*!< master keys and master salt for SRTP generated during handshake */
size_t dtls_srtp_keys_len; /*!< length in bytes of master keys and master salt for SRTP generated during handshake */
unsigned char mki_value[MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH]; /* opaque srtp_mki<0..255> */
size_t mki_len;
}mbedtls_dtls_srtp_info;
#endif /* MBEDTLS_SSL_DTLS_SRTP */
/*
@ -1083,11 +1096,8 @@ struct mbedtls_ssl_config
#endif
#if defined(MBEDTLS_SSL_DTLS_SRTP)
/*
* use_srtp extension
*/
mbedtls_dtls_srtp_protection_profiles *dtls_srtp_profiles_list; /*!< ordered list of supported srtp profile */
size_t dtls_srtp_profiles_list_len; /*!< number of supported profiles */
mbedtls_ssl_srtp_profile *dtls_srtp_profile_list; /*!< ordered list of supported srtp profile */
size_t dtls_srtp_profile_list_len; /*!< number of supported profiles */
#endif /* MBEDTLS_SSL_DTLS_SRTP */
/*
@ -1170,9 +1180,12 @@ struct mbedtls_ssl_config
* record with unexpected CID
* should lead to failure. */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_DTLS_SRTP)
unsigned int dtls_srtp_mki_support : 1; /* support having mki_value
in the use_srtp extension */
#endif
};
struct mbedtls_ssl_context
{
const mbedtls_ssl_config *conf; /*!< configuration information */
@ -1335,9 +1348,7 @@ struct mbedtls_ssl_context
/*
* use_srtp extension
*/
mbedtls_dtls_srtp_protection_profiles chosen_dtls_srtp_profile; /*!< negotiated SRTP profile */
unsigned char *dtls_srtp_keys; /*!< master keys and master salt for SRTP generated during handshake */
size_t dtls_srtp_keys_len; /*!< length in bytes of master keys and master salt for SRTP generated during handshake */
mbedtls_dtls_srtp_info dtls_srtp_info;
#endif /* MBEDTLS_SSL_DTLS_SRTP */
/*
@ -3173,8 +3184,7 @@ const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
*
* \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
*/
int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf, const mbedtls_dtls_srtp_protection_profiles *profiles, size_t profiles_number);
int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf, const mbedtls_ssl_srtp_profile *profiles, size_t profiles_number);
/**
* \brief Get the negotiated DTLS-SRTP Protection Profile.
* This function should be called after the handshake is
@ -3184,7 +3194,7 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf, co
*
* \return Protection Profile enum member, MBEDTLS_SRTP_UNSET_PROFILE if no protocol was negotiated.
*/
mbedtls_dtls_srtp_protection_profiles mbedtls_ssl_get_dtls_srtp_protection_profile( const mbedtls_ssl_context *ssl);
mbedtls_ssl_srtp_profile mbedtls_ssl_get_dtls_srtp_protection_profile( const mbedtls_ssl_context *ssl);
/**
* \brief Get the generated DTLS-SRTP key material.