diff options
| author | Daiki Ueno <ueno@gnu.org> | 2022-12-24 17:37:24 +0900 |
|---|---|---|
| committer | Daiki Ueno <ueno@gnu.org> | 2022-12-24 17:37:24 +0900 |
| commit | bfef061bb878f6632e18037156599d746eaadd4f (patch) | |
| tree | 152f26bc0eb964ca4bfa3554d080aa0e412f4d39 | |
| parent | d39640db956af253bc97e33981bfee3e65434b33 (diff) | |
| download | gnutls-bfef061bb878f6632e18037156599d746eaadd4f.tar.gz | |
srtp: support AES-GCM profiles
This adds support for SRTP_AEAD_AES_128_GCM and SRTP_AEAD_AES_256_GCM
profiles defined in RFC 7714.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | lib/ext/srtp.c | 38 | ||||
| -rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 6 |
3 files changed, 33 insertions, 13 deletions
@@ -31,6 +31,8 @@ and to simplify maintenance, see <https://gitlab.com/gnutls/guile/>. ** API and ABI modifications: GNUTLS_NO_STATUS_REQUEST: New flag +GNUTLS_SRTP_AEAD_AES_128_GCM: New gnutls_srtp_profile_t enum member +GNUTLS_SRTP_AEAD_AES_256_GCM: New gnutls_srtp_profile_t enum member * Version 3.7.8 (released 2022-09-27) diff --git a/lib/ext/srtp.c b/lib/ext/srtp.c index b2e36b3a06..ec9ae31acb 100644 --- a/lib/ext/srtp.c +++ b/lib/ext/srtp.c @@ -64,21 +64,35 @@ typedef struct { static const srtp_profile_st profile_names[] = { { - "SRTP_AES128_CM_HMAC_SHA1_80", - GNUTLS_SRTP_AES128_CM_HMAC_SHA1_80, - 16, 14}, + "SRTP_AES128_CM_HMAC_SHA1_80", + GNUTLS_SRTP_AES128_CM_HMAC_SHA1_80, + 16, 14 + }, { - "SRTP_AES128_CM_HMAC_SHA1_32", - GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32, - 16, 14}, + "SRTP_AES128_CM_HMAC_SHA1_32", + GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32, + 16, 14 + }, { - "SRTP_NULL_HMAC_SHA1_80", - GNUTLS_SRTP_NULL_HMAC_SHA1_80, - 16, 14}, + "SRTP_NULL_HMAC_SHA1_80", + GNUTLS_SRTP_NULL_HMAC_SHA1_80, + 16, 14 + }, { - "SRTP_NULL_SHA1_32", - GNUTLS_SRTP_NULL_HMAC_SHA1_32, - 16, 14}, + "SRTP_NULL_SHA1_32", + GNUTLS_SRTP_NULL_HMAC_SHA1_32, + 16, 14 + }, + { + "SRTP_AEAD_AES_128_GCM", + GNUTLS_SRTP_AEAD_AES_128_GCM, + 16, 12 + }, + { + "SRTP_AEAD_AES_256_GCM", + GNUTLS_SRTP_AEAD_AES_256_GCM, + 32, 12 + }, { NULL, 0, 0, 0} diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 830ce5f95c..bbb4336ae9 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -1704,6 +1704,8 @@ int gnutls_session_ticket_send(gnutls_session_t session, unsigned nr, unsigned f * @GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32: 128 bit AES with a 32 bit HMAC-SHA1 * @GNUTLS_SRTP_NULL_HMAC_SHA1_80: NULL cipher with a 80 bit HMAC-SHA1 * @GNUTLS_SRTP_NULL_HMAC_SHA1_32: NULL cipher with a 32 bit HMAC-SHA1 + * @GNUTLS_SRTP_AEAD_AES_128_GCM: 128 bit AES with GCM + * @GNUTLS_SRTP_AEAD_AES_256_GCM: 256 bit AES with GCM * * Enumeration of different SRTP protection profiles. */ @@ -1711,7 +1713,9 @@ typedef enum { GNUTLS_SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001, GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002, GNUTLS_SRTP_NULL_HMAC_SHA1_80 = 0x0005, - GNUTLS_SRTP_NULL_HMAC_SHA1_32 = 0x0006 + GNUTLS_SRTP_NULL_HMAC_SHA1_32 = 0x0006, + GNUTLS_SRTP_AEAD_AES_128_GCM = 0x0007, + GNUTLS_SRTP_AEAD_AES_256_GCM = 0x0008 } gnutls_srtp_profile_t; int gnutls_srtp_set_profile(gnutls_session_t session, |