Add new DTLS-SRTP protection profiles from RFC 7714
authorDmitry Sobinov <sobinoff@gmail.com>
Sat, 2 Jan 2016 11:32:36 +0000 (22:32 +1100)
committerMatt Caswell <matt@openssl.org>
Thu, 4 Feb 2016 22:52:21 +0000 (22:52 +0000)
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
include/openssl/srtp.h
ssl/d1_srtp.c

index 1f5aed2..da9369e 100644 (file)
@@ -129,6 +129,10 @@ extern "C" {
 # define SRTP_NULL_SHA1_80      0x0005
 # define SRTP_NULL_SHA1_32      0x0006
 
+/* AEAD SRTP protection profiles from RFC 7714 */
+# define SRTP_AEAD_AES_128_GCM  0x0007
+# define SRTP_AEAD_AES_256_GCM  0x0008
+
 # ifndef OPENSSL_NO_SRTP
 
 __owur int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
index 587a592..f969fb1 100644 (file)
@@ -128,6 +128,14 @@ static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = {
      "SRTP_AES128_CM_SHA1_32",
      SRTP_AES128_CM_SHA1_32,
      },
+    {
+     "SRTP_AEAD_AES_128_GCM",
+     SRTP_AEAD_AES_128_GCM
+     },
+    {
+     "SRTP_AEAD_AES_256_GCM",
+     SRTP_AEAD_AES_256_GCM
+     },
     {0}
 };