Add new DTLS-SRTP protection profiles from RFC 7714

Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
2016-01-02 22:32:36 +11:00 · 2016-01-02 22:32:36 +11:00 · 43e5faa253
commit 43e5faa253
parent b7be6d2290
2 changed files with 12 additions and 0 deletions
--- a/include/openssl/srtp.h
+++ b/include/openssl/srtp.h
@ -129,6 +129,10 @@ extern "C" {
 # define SRTP_NULL_SHA1_80      0x0005
 # define SRTP_NULL_SHA1_32      0x0006

+/* AEAD SRTP protection profiles from RFC 7714 */
+# define SRTP_AEAD_AES_128_GCM  0x0007
+# define SRTP_AEAD_AES_256_GCM  0x0008
+
 # ifndef OPENSSL_NO_SRTP

 __owur int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
--- a/ssl/d1_srtp.c
+++ b/ssl/d1_srtp.c
@ -128,6 +128,14 @@ static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = {
     "SRTP_AES128_CM_SHA1_32",
     SRTP_AES128_CM_SHA1_32,
     },
+    {
+     "SRTP_AEAD_AES_128_GCM",
+     SRTP_AEAD_AES_128_GCM
+     },
+    {
+     "SRTP_AEAD_AES_256_GCM",
+     SRTP_AEAD_AES_256_GCM
+     },
    {0}
 };