Minor style modifications
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
parent
48f62e98a8
commit
8526957cd5
6 changed files with 41 additions and 29 deletions
|
@ -418,10 +418,10 @@
|
||||||
* Use_srtp extension protection profiles values as defined in
|
* Use_srtp extension protection profiles values as defined in
|
||||||
* http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
|
* http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
|
||||||
*/
|
*/
|
||||||
#define MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80_IANA_VALUE 0x0001
|
#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 0x0001
|
||||||
#define MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32_IANA_VALUE 0x0002
|
#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 0x0002
|
||||||
#define MBEDTLS_SRTP_NULL_HMAC_SHA1_80_IANA_VALUE 0x0005
|
#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 0x0005
|
||||||
#define MBEDTLS_SRTP_NULL_HMAC_SHA1_32_IANA_VALUE 0x0006
|
#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 0x0006
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Size defines
|
* Size defines
|
||||||
|
@ -867,8 +867,8 @@ typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
||||||
|
|
||||||
#define MBEDTLS_DTLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
|
#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
|
||||||
#define MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH 255
|
#define MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH 255
|
||||||
/*
|
/*
|
||||||
* List of SRTP profiles for DTLS-SRTP
|
* List of SRTP profiles for DTLS-SRTP
|
||||||
*/
|
*/
|
||||||
|
@ -894,7 +894,7 @@ typedef struct mbedtls_dtls_srtp_info_t
|
||||||
/*! The SRTP profile that was negotiated*/
|
/*! The SRTP profile that was negotiated*/
|
||||||
mbedtls_ssl_srtp_profile chosen_dtls_srtp_profile;
|
mbedtls_ssl_srtp_profile chosen_dtls_srtp_profile;
|
||||||
/*! The mki_value used, with max size of 256 bytes */
|
/*! The mki_value used, with max size of 256 bytes */
|
||||||
unsigned char mki_value[MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH];
|
unsigned char mki_value[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH];
|
||||||
/*! The length of mki_value */
|
/*! The length of mki_value */
|
||||||
size_t mki_len;
|
size_t mki_len;
|
||||||
}
|
}
|
||||||
|
@ -3190,7 +3190,9 @@ const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
||||||
/**
|
/**
|
||||||
* \brief Add support for mki value in use_srtp extension.
|
* \brief Add support for mki(master key id) value in use_srtp extension.
|
||||||
|
* MKI is an optional part of SRTP used for key management and
|
||||||
|
* re-keying. See RFC3711 section 3.1 for details
|
||||||
* The default value is
|
* The default value is
|
||||||
* #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED.
|
* #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED.
|
||||||
*
|
*
|
||||||
|
@ -3210,7 +3212,8 @@ void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
|
||||||
* in decreasing preference order.
|
* in decreasing preference order.
|
||||||
* \param profiles_number Number of supported profiles.
|
* \param profiles_number Number of supported profiles.
|
||||||
*
|
*
|
||||||
* \return 0 on success, or #MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
|
* \return 0 on success
|
||||||
|
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA when the list of protection profiles is incorrect
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_conf_dtls_srtp_protection_profiles
|
int mbedtls_ssl_conf_dtls_srtp_protection_profiles
|
||||||
( mbedtls_ssl_config *conf,
|
( mbedtls_ssl_config *conf,
|
||||||
|
@ -3224,8 +3227,9 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles
|
||||||
* \param mki_value The MKI value to set.
|
* \param mki_value The MKI value to set.
|
||||||
* \param mki_len The length of the MKI value.
|
* \param mki_len The length of the MKI value.
|
||||||
*
|
*
|
||||||
* \return 0 on success, #MBEDTLS_ERR_SSL_BAD_INPUT_DATA
|
* \return 0 on success
|
||||||
* or #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE on failure
|
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA
|
||||||
|
* \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
|
int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *mki_value,
|
unsigned char *mki_value,
|
||||||
|
@ -3235,10 +3239,11 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
|
||||||
* This function should be called after the handshake is
|
* This function should be called after the handshake is
|
||||||
* completed.
|
* completed.
|
||||||
*
|
*
|
||||||
* \param ssl SSL context
|
* \param ssl The SSL context to query
|
||||||
*
|
*
|
||||||
* \return Protection Profile enum member,
|
* \return The DTLS SRTP protection profile in use
|
||||||
* #MBEDTLS_SRTP_UNSET_PROFILE if no protocol was negotiated.
|
* \return #MBEDTLS_SRTP_UNSET_PROFILE if no protocol was negotiated or the handshake is still on
|
||||||
|
* early stage
|
||||||
*/
|
*/
|
||||||
mbedtls_ssl_srtp_profile mbedtls_ssl_get_dtls_srtp_protection_profile
|
mbedtls_ssl_srtp_profile mbedtls_ssl_get_dtls_srtp_protection_profile
|
||||||
( const mbedtls_ssl_context *ssl );
|
( const mbedtls_ssl_context *ssl );
|
||||||
|
@ -3246,10 +3251,11 @@ mbedtls_ssl_srtp_profile mbedtls_ssl_get_dtls_srtp_protection_profile
|
||||||
/**
|
/**
|
||||||
* \brief Utility function to get information on DTLS-SRTP profile.
|
* \brief Utility function to get information on DTLS-SRTP profile.
|
||||||
*
|
*
|
||||||
* \param profile The dtls-srtp profile id to get info on.
|
* \param profile The DTLS-SRTP profile id to get info on.
|
||||||
*
|
*
|
||||||
* \return Address of the SRTP profile information structure on
|
* \return Address of the SRTP profile information structure on
|
||||||
* success,NULL if not found.
|
* success
|
||||||
|
* \return \c NULL if not found.
|
||||||
*/
|
*/
|
||||||
const mbedtls_ssl_srtp_profile_info *mbedtls_ssl_dtls_srtp_profile_info_from_id
|
const mbedtls_ssl_srtp_profile_info *mbedtls_ssl_dtls_srtp_profile_info_from_id
|
||||||
( mbedtls_ssl_srtp_profile profile );
|
( mbedtls_ssl_srtp_profile profile );
|
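Review bot: The rewritten `\return` lines for mbedtls_ssl_dtls_srtp_set_mki_value list #MBEDTLS_ERR_SSL_BAD_INPUT_DATA and #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE without saying when each is returned, so a caller cannot tell which inputs are rejected. The implementation hunk for that function further down this page returns BAD_INPUT_DATA when mki_len exceeds the maximum, so the line could read `\return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p mki_len is greater than #MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH`. The condition for FEATURE_UNAVAILABLE is not visible in this commit and should be stated by the author. In the mbedtls_dtls_srtp_info_t hunk the field comment still says "max size of 256 bytes" while the array is sized by MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH, which is defined as 255; `/*! The mki_value used, with max size of 255 bytes */` would match the declaration.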
||||||
|
|
|
@ -1103,16 +1103,16 @@ static inline uint16_t mbedtls_ssl_get_srtp_profile_iana_value
|
||||||
switch( profile )
|
switch( profile )
|
||||||
{
|
{
|
||||||
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80:
|
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80:
|
||||||
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80_IANA_VALUE;
|
profile_value = MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80;
|
||||||
break;
|
break;
|
||||||
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32:
|
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32:
|
||||||
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32_IANA_VALUE;
|
profile_value = MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32;
|
||||||
break;
|
break;
|
||||||
case MBEDTLS_SRTP_NULL_HMAC_SHA1_80:
|
case MBEDTLS_SRTP_NULL_HMAC_SHA1_80:
|
||||||
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_80_IANA_VALUE;
|
profile_value = MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80;
|
||||||
break;
|
break;
|
||||||
case MBEDTLS_SRTP_NULL_HMAC_SHA1_32:
|
case MBEDTLS_SRTP_NULL_HMAC_SHA1_32:
|
||||||
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_32_IANA_VALUE;
|
profile_value = MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32;
|
||||||
break;
|
break;
|
||||||
default: break;
|
default: break;
|
||||||
}
|
}
|
||||||
|
@ -1125,16 +1125,16 @@ static inline mbedtls_ssl_srtp_profile mbedtls_ssl_get_srtp_profile_value
|
||||||
mbedtls_ssl_srtp_profile profile_value = MBEDTLS_SRTP_UNSET_PROFILE;
|
mbedtls_ssl_srtp_profile profile_value = MBEDTLS_SRTP_UNSET_PROFILE;
|
||||||
switch( srtp_iana_value )
|
switch( srtp_iana_value )
|
||||||
{
|
{
|
||||||
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80_IANA_VALUE:
|
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
|
||||||
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80;
|
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80;
|
||||||
break;
|
break;
|
||||||
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32_IANA_VALUE:
|
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
|
||||||
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32;
|
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32;
|
||||||
break;
|
break;
|
||||||
case MBEDTLS_SRTP_NULL_HMAC_SHA1_80_IANA_VALUE:
|
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
|
||||||
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_80;
|
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_80;
|
||||||
break;
|
break;
|
||||||
case MBEDTLS_SRTP_NULL_HMAC_SHA1_32_IANA_VALUE:
|
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
|
||||||
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_32;
|
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_32;
|
||||||
break;
|
break;
|
||||||
default: break;
|
default: break;
|
||||||
|
|
|
@ -791,7 +791,9 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
|
||||||
/* If use_srtp is not configured, just ignore the extension */
|
/* If use_srtp is not configured, just ignore the extension */
|
||||||
if( ssl->conf->dtls_srtp_profile_list == NULL ||
|
if( ssl->conf->dtls_srtp_profile_list == NULL ||
|
||||||
ssl->conf->dtls_srtp_profile_list_len == 0 )
|
ssl->conf->dtls_srtp_profile_list_len == 0 )
|
||||||
|
{
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
}
|
||||||
|
|
||||||
/* RFC5764 section 4.1.1
|
/* RFC5764 section 4.1.1
|
||||||
* uint8 SRTPProtectionProfile[2];
|
* uint8 SRTPProtectionProfile[2];
|
||||||
|
@ -841,6 +843,10 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s", profile_info->name ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s", profile_info->name ) );
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
continue;
|
||||||
|
}
|
||||||
/* check if suggested profile is in our list */
|
/* check if suggested profile is in our list */
|
||||||
for( i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++)
|
for( i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++)
|
||||||
{
|
{
|
||||||
|
@ -858,7 +864,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
|
||||||
( len > ( profile_length + 2 ) ) )
|
( len > ( profile_length + 2 ) ) )
|
||||||
{
|
{
|
||||||
ssl->dtls_srtp_info.mki_len = buf[profile_length + 2];
|
ssl->dtls_srtp_info.mki_len = buf[profile_length + 2];
|
||||||
if( ssl->dtls_srtp_info.mki_len > MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH ||
|
if( ssl->dtls_srtp_info.mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH ||
|
||||||
ssl->dtls_srtp_info.mki_len + profile_length + size_of_lengths != len )
|
ssl->dtls_srtp_info.mki_len + profile_length + size_of_lengths != len )
|
||||||
{
|
{
|
||||||
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
|
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
|
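Review bot: In the last hunk of ssl_parse_use_srtp_ext the peer-supplied length byte `buf[profile_length + 2]` is written to `ssl->dtls_srtp_info.mki_len` before it is validated, so on the fatal-alert path the context keeps an unvalidated length unless the failure branch, which continues outside the hunk, resets it. Reading it into a local first, `size_t mki_length = buf[profile_length + 2];`, and assigning `ssl->dtls_srtp_info.mki_len = mki_length;` only after the check has passed keeps the negotiated state clean when the extension is rejected. The comparison against MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH cannot be true while the value comes from a single byte and the maximum is 255, so the equality against `len` is the only effective bound in the visible lines. A short comment stating that would help anyone who later lowers the constant.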
||||||
|
|
|
@ -4749,7 +4749,7 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *mki_value,
|
unsigned char *mki_value,
|
||||||
size_t mki_len )
|
size_t mki_len )
|
||||||
{
|
{
|
||||||
if ( mki_len > MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH )
|
if ( mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH )
|
||||||
{
|
{
|
||||||
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
|
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1194,7 +1194,7 @@ int main( int argc, char *argv[] )
|
||||||
const mbedtls_ecp_curve_info *curve_cur;
|
const mbedtls_ecp_curve_info *curve_cur;
|
||||||
#endif
|
#endif
|
||||||
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
||||||
unsigned char mki[MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH];
|
unsigned char mki[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH];
|
||||||
size_t mki_len=0;
|
size_t mki_len=0;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -1242,7 +1242,7 @@ int main( int argc, char *argv[] )
|
||||||
eap_tls_keys eap_tls_keying;
|
eap_tls_keys eap_tls_keying;
|
||||||
#if defined( MBEDTLS_SSL_DTLS_SRTP )
|
#if defined( MBEDTLS_SSL_DTLS_SRTP )
|
||||||
/*! master keys and master salt for SRTP generated during handshake */
|
/*! master keys and master salt for SRTP generated during handshake */
|
||||||
unsigned char dtls_srtp_key_material[MBEDTLS_DTLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
|
unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
|
||||||
const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
|
const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
|
||||||
dtls_srtp_keys dtls_srtp_keying;
|
dtls_srtp_keys dtls_srtp_keying;
|
||||||
#endif /* MBEDTLS_SSL_DTLS_SRTP */
|
#endif /* MBEDTLS_SSL_DTLS_SRTP */
|
||||||
|
|
|
@ -1873,7 +1873,7 @@ int main( int argc, char *argv[] )
|
||||||
eap_tls_keys eap_tls_keying;
|
eap_tls_keys eap_tls_keying;
|
||||||
#if defined( MBEDTLS_SSL_DTLS_SRTP )
|
#if defined( MBEDTLS_SSL_DTLS_SRTP )
|
||||||
/*! master keys and master salt for SRTP generated during handshake */
|
/*! master keys and master salt for SRTP generated during handshake */
|
||||||
unsigned char dtls_srtp_key_material[MBEDTLS_DTLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
|
unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
|
||||||
const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
|
const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
|
||||||
dtls_srtp_keys dtls_srtp_keying;
|
dtls_srtp_keys dtls_srtp_keying;
|
||||||
#endif /* MBEDTLS_SSL_DTLS_SRTP */
|
#endif /* MBEDTLS_SSL_DTLS_SRTP */
|
||||||
|
|