-/* ssl/t1_lib.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
"SRTP_AES128_CM_SHA1_32",
SRTP_AES128_CM_SHA1_32,
},
+ {
+ "SRTP_AEAD_AES_128_GCM",
+ SRTP_AEAD_AES_128_GCM
+ },
+ {
+ "SRTP_AEAD_AES_256_GCM",
+ SRTP_AEAD_AES_256_GCM
+ },
{0}
};
return 0;
}
-int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,
- int *al)
+int ssl_parse_serverhello_use_srtp_ext(SSL *s, PACKET *pkt, int *al)
{
- unsigned id;
+ unsigned int id, ct, mki;
int i;
- int ct;
STACK_OF(SRTP_PROTECTION_PROFILE) *clnt;
SRTP_PROTECTION_PROFILE *prof;
- if (len != 5) {
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
- SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
- *al = SSL_AD_DECODE_ERROR;
- return 1;
- }
-
- n2s(d, ct);
- if (ct != 2) {
+ if (!PACKET_get_net_2(pkt, &ct)
+ || ct != 2
+ || !PACKET_get_net_2(pkt, &id)
+ || !PACKET_get_1(pkt, &mki)
+ || PACKET_remaining(pkt) != 0) {
SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
*al = SSL_AD_DECODE_ERROR;
return 1;
}
- n2s(d, id);
- if (*d) { /* Must be no MKI, since we never offer one */
+ if (mki != 0) {
+ /* Must be no MKI, since we never offer one */
SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
SSL_R_BAD_SRTP_MKI_VALUE);
*al = SSL_AD_ILLEGAL_PARAMETER;