d1_srtp.c revision eeffacea337ec6a275e4c496acd12ca67a244533
14ee2ad04344446e610172a0e73949212923014dfSebastian Redl/* ssl/t1_lib.c */ 22cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 32cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * All rights reserved. 42cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * 52cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * This package is an SSL implementation written 62cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * by Eric Young (eay@cryptsoft.com). 72cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * The implementation was written so as to conform with Netscapes SSL. 82cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * 92cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * This library is free for commercial and non-commercial use as long as 10a4232eb646d89e7d52424bb42eb87d9061f39e63Sebastian Redl * the following conditions are aheared to. The following conditions 112cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * apply to all code found in this distribution, be it the RC4, RSA, 122cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * lhash, DES, etc., code; not just the SSL code. The SSL documentation 132cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * included with this distribution is covered by the same copyright terms 147faa2ec03a7ef120ac165bb45b6c70a8b20c9f1cSebastian Redl * except that the holder is Tim Hudson (tjh@cryptsoft.com). 150eca89e9890db4d8336ce762a5b359a1d58ca02bArgyrios Kyrtzidis * 16e737f5041a36d0befb39ffeed8d50ba15916d3daDouglas Gregor * Copyright remains Eric Young's, and as such any Copyright notices in 17e737f5041a36d0befb39ffeed8d50ba15916d3daDouglas Gregor * the code are not to be removed. 182cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * If this package is used in a product, Eric Young should be given attribution 192cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * as the author of the parts of the library used. 
202cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * This can be in the form of a textual message at program startup or 212a7fb27913999d132cf9e10e03dc5271faa2e9d3John McCall * in documentation (online or textual) provided with the package. 2289eaf3af92c72c0c1aae807644e39cabc461d685Argyrios Kyrtzidis * 230b7489194f9f89fac39d57211c1e7953ae50251fDouglas Gregor * Redistribution and use in source and binary forms, with or without 247a1fad38256eb4c5129359be85ba1ea1678eb5c9John McCall * modification, are permitted provided that the following conditions 252cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * are met: 26a1ee0c548b8aa4aaf93d1917e304e3da13171a08John McCall * 1. Redistributions of source code must retain the copyright 276ab7cd853e9c15cf986a8a7c3db1f8d20e275409Sebastian Redl * notice, this list of conditions and the following disclaimer. 287c5d24efcd2e505b5739f7def08dfe25ce59a1b2Chris Lattner * 2. Redistributions in binary form must reproduce the above copyright 296a5a23f8e7fb65e028c8092bc1d1a1d9dfe2e9bcDouglas Gregor * notice, this list of conditions and the following disclaimer in the 307c5d24efcd2e505b5739f7def08dfe25ce59a1b2Chris Lattner * documentation and/or other materials provided with the distribution. 3183d63c78810556d26b62ac4cbae2eda6cdd2570cSteve Naroff * 3. All advertising materials mentioning features or use of this software 3214f79002e58556798e86168c63e48d533287eda5Douglas Gregor * must display the following acknowledgement: 3310e286aa8d39fb51a21412850265d9dae74613eeChris Lattner * "This product includes cryptographic software written by 343251ceb90b3fec68e86d6dcfa58836e20a7205c3Douglas Gregor * Eric Young (eay@cryptsoft.com)" 3514f79002e58556798e86168c63e48d533287eda5Douglas Gregor * The word 'cryptographic' can be left out if the rouines from the library 36bd94500d3aa60092fb0f1e90f53fb0d03fa502a8Douglas Gregor * being used are not cryptographic related :-). 372bec0410d268779f601bd509e0302a500af7ac6aDouglas Gregor * 4. 
If you include any Windows specific code (or a derivative thereof) from 38ab41e63821dc60ad144d0684df8d79a9eef86b75Douglas Gregor * the apps directory (application code) you must include an acknowledgement: 390a0d2b179085a52c10402feebeb6db8b4d96a140Douglas Gregor * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4017fc223395d51be582fc666bb6ea21bd1dff26dcDouglas Gregor * 4117fc223395d51be582fc666bb6ea21bd1dff26dcDouglas Gregor * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 422596e429a61602312bdd149786045b8a90cd2d10Daniel Dunbar * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 432cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44fbfd180495e7800975c6d9bdc6d24e706ef70e34Michael J. Spencer * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4514f79002e58556798e86168c63e48d533287eda5Douglas Gregor * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4603013fa9a0bf1ef4b907f5fec006c8f4000fdd21Michael J. Spencer * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47f62d43d2afe1960755a1b5813cae1e5983bcac1bDouglas Gregor * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 483c304bd9ec2b4611572d4cbae9e1727bbecb5dc9Chris Lattner * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49cfbf1c7536e016dc275139dd842d4a5f059a749fDouglas Gregor * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50f62d43d2afe1960755a1b5813cae1e5983bcac1bDouglas Gregor * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 512cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * SUCH DAMAGE. 
528538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl * 532cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * The licence and distribution terms for any publically available version or 54ade5000c8763f4bec41f452d7efa3a9b2a6d4712Sebastian Redl * derivative of this code cannot be changed. i.e. this code cannot simply be 555f9e272e632e951b1efe824cd16acb4d96077930Chris Lattner * copied and put under another distribution licence 565f9e272e632e951b1efe824cd16acb4d96077930Chris Lattner * [including the GNU Public Licence.] 575f9e272e632e951b1efe824cd16acb4d96077930Chris Lattner */ 586e089c687cc2b914c46859ab7e46fe4c3c6b0afbBenjamin Kramer/* ==================================================================== 59ade5000c8763f4bec41f452d7efa3a9b2a6d4712Sebastian Redl * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 606e089c687cc2b914c46859ab7e46fe4c3c6b0afbBenjamin Kramer * 616e089c687cc2b914c46859ab7e46fe4c3c6b0afbBenjamin Kramer * Redistribution and use in source and binary forms, with or without 625f9e272e632e951b1efe824cd16acb4d96077930Chris Lattner * modification, are permitted provided that the following conditions 635f9e272e632e951b1efe824cd16acb4d96077930Chris Lattner * are met: 646e089c687cc2b914c46859ab7e46fe4c3c6b0afbBenjamin Kramer * 65ade5000c8763f4bec41f452d7efa3a9b2a6d4712Sebastian Redl * 1. Redistributions of source code must retain the above copyright 66ade5000c8763f4bec41f452d7efa3a9b2a6d4712Sebastian Redl * notice, this list of conditions and the following disclaimer. 672cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * 682cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * 2. 
Redistributions in binary form must reproduce the above copyright 692cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * notice, this list of conditions and the following disclaimer in 7012b1c7615d4f9a2edc544be499f895f16ac100edChris Lattner * the documentation and/or other materials provided with the 712cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * distribution. 723397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl * 73a4232eb646d89e7d52424bb42eb87d9061f39e63Sebastian Redl * 3. All advertising materials mentioning features or use of this 7489eaf3af92c72c0c1aae807644e39cabc461d685Argyrios Kyrtzidis * software must display the following acknowledgment: 752cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * "This product includes software developed by the OpenSSL Project 762cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 772cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * 788538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 792cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * endorse or promote products derived from this software without 8089eaf3af92c72c0c1aae807644e39cabc461d685Argyrios Kyrtzidis * prior written permission. For written permission, please contact 818538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl * openssl-core@openssl.org. 822cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * 832cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * 5. Products derived from this software may not be called "OpenSSL" 842cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * nor may "OpenSSL" appear in their names without prior written 852cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * permission of the OpenSSL Project. 862cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * 872cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * 6. 
Redistributions of any form whatsoever must retain the following 882cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * acknowledgment: 892cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * "This product includes software developed by the OpenSSL Project 902cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 912cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * 922cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 933397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94b219cfc4d75f0a03630b7c4509ef791b7e97b2c8David Blaikie * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 952cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 962cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 973397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 982cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 998538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 1002cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 1012cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 1023397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 1032cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * OF THE POSSIBILITY OF SUCH DAMAGE. 
1048538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl * ==================================================================== 1052cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * 1062cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor * This product includes cryptographic software written by Eric Young 1073397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl * (eay@cryptsoft.com). This product includes software written by Tim 1081eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump * Hudson (tjh@cryptsoft.com). 1098538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl * 1102cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor */ 1112cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor/* 1123397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl DTLS code by Eric Rescorla <ekr@rtfm.com> 113df1550fc59b51681d37225934fe4e3acac321621Richard Smith 114df1550fc59b51681d37225934fe4e3acac321621Richard Smith Copyright (C) 2006, Network Resonance, Inc. 1158538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl Copyright (C) 2011, RTFM, Inc. 
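*/

#include <stdio.h>
#include <openssl/objects.h>
#include "ssl_locl.h"

#ifndef OPENSSL_NO_SRTP

#include "srtp.h"

/*
 * Table of SRTP protection profiles this library can negotiate.
 * The list is terminated by an all-zero entry (name == NULL), which is what
 * the lookup helpers below use as their stop condition.
 *
 * The NULL-cipher profiles are compiled out with "#if 0"; going by their
 * names they carry no encryption, so enabling them would allow a peer to
 * negotiate unencrypted media.
 */
static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = {
    {
        "SRTP_AES128_CM_SHA1_80",
        SRTP_AES128_CM_SHA1_80,
    },
    {
        "SRTP_AES128_CM_SHA1_32",
        SRTP_AES128_CM_SHA1_32,
    },
#if 0
    {
        "SRTP_NULL_SHA1_80",
        SRTP_NULL_SHA1_80,
    },
    {
        "SRTP_NULL_SHA1_32",
        SRTP_NULL_SHA1_32,
    },
#endif
    {0}
};

/*
 * Look up a known profile by name.
 *
 * profile_name need not be NUL-terminated at len; only the first len bytes
 * are compared.  The length is compared first so that a prefix of a known
 * name (or a longer string starting with one) does not match.
 *
 * Returns 0 and stores the table entry in *pptr on success, 1 if no entry
 * matches (*pptr is left untouched in that case).
 */
static int find_profile_by_name(const char *profile_name,
                                SRTP_PROTECTION_PROFILE **pptr, unsigned len)
{
    SRTP_PROTECTION_PROFILE *p;

    for (p = srtp_known_profiles; p->name; p++) {
        if (len == strlen(p->name) && !strncmp(p->name, profile_name, len)) {
            *pptr = p;
            return 0;
        }
    }

    return 1;
}

/*
 * Look up a known profile by its numeric identifier.
 *
 * Returns 0 and stores the table entry in *pptr on success, 1 if the
 * identifier is not in srtp_known_profiles.
 */
static int find_profile_by_num(unsigned profile_num,
                               SRTP_PROTECTION_PROFILE **pptr)
{
    SRTP_PROTECTION_PROFILE *p;

    for (p = srtp_known_profiles; p->name; p++) {
        if (p->id == profile_num) {
            *pptr = p;
            return 0;
        }
    }

    return 1;
}

/*
 * Parse a colon-separated list of profile names into a newly allocated
 * stack and store it in *out.
 *
 * Every name must be present in srtp_known_profiles; an unknown or empty
 * name fails the whole call.  The stack holds pointers into the static
 * table, so only the stack itself is ever freed.
 *
 * Returns 0 on success, 1 on failure (an error is queued with SSLerr and
 * *out is not modified).
 */
static int ssl_ctx_make_profiles(const char *profiles_string,
                                 STACK_OF(SRTP_PROTECTION_PROFILE) **out)
{
    STACK_OF(SRTP_PROTECTION_PROFILE) *profiles;
    const char *ptr = profiles_string;
    const char *col;
    SRTP_PROTECTION_PROFILE *p;

    profiles = sk_SRTP_PROTECTION_PROFILE_new_null();
    if (profiles == NULL) {
        SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
        return 1;
    }

    do {
        col = strchr(ptr, ':');

        if (find_profile_by_name(ptr, &p,
                                 col ? (unsigned)(col - ptr)
                                     : (unsigned)strlen(ptr))) {
            SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);
            goto err;
        }

        /* A failed push would otherwise silently drop a requested profile. */
        if (!sk_SRTP_PROTECTION_PROFILE_push(profiles, p)) {
            SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
            goto err;
        }

        if (col)
            ptr = col + 1;
    } while (col);

    /*
     * NOTE(review): a stack previously stored in *out is overwritten without
     * being freed here; whether the caller's object owns it is not visible
     * in this file - confirm before adding a free.
     */
    *out = profiles;

    return 0;

err:
    /* Release the partially built stack so a rejected list does not leak. */
    sk_SRTP_PROTECTION_PROFILE_free(profiles);
    return 1;
}

/*
 * Set the SRTP profiles offered by connections created from ctx.
 * profiles is a colon-separated list of names; returns 0 on success and
 * 1 on error.
 */
int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles)
{
    return ssl_ctx_make_profiles(profiles, &ctx->srtp_profiles);
}

/*
 * Set the SRTP profiles for a single connection.
 * profiles is a colon-separated list of names; returns 0 on success and
 * 1 on error.
 */
int SSL_set_tlsext_use_srtp(SSL *s, const char *profiles)
{
    return ssl_ctx_make_profiles(profiles, &s->srtp_profiles);
}

/*
 * Return the profile list in effect for s: the connection's own list if
 * set, otherwise the list of its context, otherwise NULL.
 */
STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *s)
{
    if (s == NULL)
        return NULL;

    if (s->srtp_profiles != NULL)
        return s->srtp_profiles;

    if (s->ctx != NULL && s->ctx->srtp_profiles != NULL)
        return s->ctx->srtp_profiles;

    return NULL;
}

/* Return the profile stored in s->srtp_profile (s must not be NULL). */
SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s)
{
    return s->srtp_profile;
}

/*
 * Build the use_srtp extension body for the ClientHello.
 *
 * Layout written to p: 2-byte list length, one 2-byte id per profile, and a
 * single zero byte for an empty MKI.  *len receives 2 + 2*count + 1.
 * When p is NULL nothing is written and only *len is computed.
 *
 * Returns 0 on success, 1 if p is given and the profile list is missing or
 * empty, or the body does not fit in maxlen.
 *
 * NOTE(review): with p == NULL and no profile list configured the count is
 * -1 and *len comes out as 1; callers presumably check
 * SSL_get_srtp_profiles() before calling - confirm.
 */
int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen)
{
    int ct = 0;
    int i;
    STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = NULL;
    SRTP_PROTECTION_PROFILE *prof;

    clnt = SSL_get_srtp_profiles(s);
    ct = sk_SRTP_PROTECTION_PROFILE_num(clnt); /* -1 if clnt == 0 */

    if (p) {
        /*
         * Reject a missing list (ct == -1) as well as an empty one, so a
         * negative count is never encoded as the list length.
         */
        if (ct <= 0) {
            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST);
            return 1;
        }

        if ((2 + ct*2 + 1) > maxlen) {
            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
            return 1;
        }

        /* Add the length */
        s2n(ct * 2, p);
        for (i = 0; i < ct; i++) {
            prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i);
            s2n(prof->id, p);
        }

        /* Add an empty use_mki value */
        *p++ = 0;
    }

    *len = 2 + ct*2 + 1;

    return 0;
}
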
Kyrtzidis 3053397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl 30690b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidisint ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al) 30790b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis { 308b219cfc4d75f0a03630b7c4509ef791b7e97b2c8David Blaikie SRTP_PROTECTION_PROFILE *cprof,*sprof; 30990b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis STACK_OF(SRTP_PROTECTION_PROFILE) *clnt=0,*srvr; 31090b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis int ct; 31190b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis int mki_len; 3123397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl int i,j; 31390b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis int id; 31490b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis int ret; 31590b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis 3164fb86f8c4585e53c21c847ad3de9e3b2de123cd9Chandler Carruth /* Length value + the MKI length */ 3178538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl if(len < 3) 31890b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis { 31990b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); 32090b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis *al=SSL_AD_DECODE_ERROR; 3213397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl return 1; 3228dfbd8b252ba4e6cf4b7a3422f6ef0ca21312dfeArgyrios Kyrtzidis } 3238dfbd8b252ba4e6cf4b7a3422f6ef0ca21312dfeArgyrios Kyrtzidis 3248dfbd8b252ba4e6cf4b7a3422f6ef0ca21312dfeArgyrios Kyrtzidis /* Pull off the length of the cipher suite list */ 325f48d45e3e36c132bdee3373beec4e8b19ae3f9c4Argyrios Kyrtzidis n2s(d, ct); 326f48d45e3e36c132bdee3373beec4e8b19ae3f9c4Argyrios Kyrtzidis len -= 2; 327f48d45e3e36c132bdee3373beec4e8b19ae3f9c4Argyrios Kyrtzidis 3288538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl /* Check that it is even */ 
32990b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis if(ct%2) 33090b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis { 33190b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); 3323397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl *al=SSL_AD_DECODE_ERROR; 33390b715e0df34eae2b50b9b43ec60828ed31dcf94Argyrios Kyrtzidis return 1; 3343acad62a239448bef0f5848b2a0d5f7dfefd3d14Argyrios Kyrtzidis } 3353acad62a239448bef0f5848b2a0d5f7dfefd3d14Argyrios Kyrtzidis 3363acad62a239448bef0f5848b2a0d5f7dfefd3d14Argyrios Kyrtzidis /* Check that lengths are consistent */ 3373acad62a239448bef0f5848b2a0d5f7dfefd3d14Argyrios Kyrtzidis if(len < (ct + 1)) 3383acad62a239448bef0f5848b2a0d5f7dfefd3d14Argyrios Kyrtzidis { 3393acad62a239448bef0f5848b2a0d5f7dfefd3d14Argyrios Kyrtzidis SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); 3403acad62a239448bef0f5848b2a0d5f7dfefd3d14Argyrios Kyrtzidis *al=SSL_AD_DECODE_ERROR; 3418538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl return 1; 3422cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor } 3432cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor 3447536dd5e6c99584481b7dab68b7e7d8df9c54054Douglas Gregor 3457536dd5e6c99584481b7dab68b7e7d8df9c54054Douglas Gregor clnt=sk_SRTP_PROTECTION_PROFILE_new_null(); 346cded4f649cd4b7ba7d461c25c6482ef52b8d3a2aDouglas Gregor 347cded4f649cd4b7ba7d461c25c6482ef52b8d3a2aDouglas Gregor while(ct) 348cded4f649cd4b7ba7d461c25c6482ef52b8d3a2aDouglas Gregor { 349cded4f649cd4b7ba7d461c25c6482ef52b8d3a2aDouglas Gregor n2s(d,id); 3507536dd5e6c99584481b7dab68b7e7d8df9c54054Douglas Gregor ct-=2; 3517536dd5e6c99584481b7dab68b7e7d8df9c54054Douglas Gregor len-=2; 3527536dd5e6c99584481b7dab68b7e7d8df9c54054Douglas Gregor 353075f8f1b6bed4d1b224c74f87508534cc6392ce6Abramo Bagnara if(!find_profile_by_num(id,&cprof)) 354075f8f1b6bed4d1b224c74f87508534cc6392ce6Abramo Bagnara { 
355075f8f1b6bed4d1b224c74f87508534cc6392ce6Abramo Bagnara sk_SRTP_PROTECTION_PROFILE_push(clnt,cprof); 356075f8f1b6bed4d1b224c74f87508534cc6392ce6Abramo Bagnara } 357075f8f1b6bed4d1b224c74f87508534cc6392ce6Abramo Bagnara else 3583397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl { 359465d41b92b2c862f3062c412a0538db65c6a2661Abramo Bagnara ; /* Ignore */ 3603acad62a239448bef0f5848b2a0d5f7dfefd3d14Argyrios Kyrtzidis } 3613acad62a239448bef0f5848b2a0d5f7dfefd3d14Argyrios Kyrtzidis } 3628538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl 3632cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor /* Now extract the MKI value as a sanity check, but discard it for now */ 3642cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor mki_len = *d; 3653397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl d++; len--; 3663cb0ebd5f76abcb776f7cb4062bd79e3268c0dc4John McCall 36731f17ecbef57b5679c017c375db330546b7b5145John McCall if (mki_len != len) 3688538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl { 3693cb0ebd5f76abcb776f7cb4062bd79e3268c0dc4John McCall SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_MKI_VALUE); 3703cb0ebd5f76abcb776f7cb4062bd79e3268c0dc4John McCall *al=SSL_AD_DECODE_ERROR; 3713397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl return 1; 372deacbdca554298ccdf636f19c6094a8825ec6b34Douglas Gregor } 3738538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl 374c12c5bba6ceb6acd4e51e7a0fc03257da9cfd44eJohn McCall srvr=SSL_get_srtp_profiles(s); 375c12c5bba6ceb6acd4e51e7a0fc03257da9cfd44eJohn McCall 3763397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl /* Pick our most preferred profile. 
If no profiles have been 377c12c5bba6ceb6acd4e51e7a0fc03257da9cfd44eJohn McCall configured then the outer loop doesn't run 3782cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor (sk_SRTP_PROTECTION_PROFILE_num() = -1) 379c12c5bba6ceb6acd4e51e7a0fc03257da9cfd44eJohn McCall and so we just return without doing anything */ 380446ee4eb4fc4c705a59365252df7a5c253daafa1Steve Naroff for(i=0;i<sk_SRTP_PROTECTION_PROFILE_num(srvr);i++) 381446ee4eb4fc4c705a59365252df7a5c253daafa1Steve Naroff { 3828538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl sprof=sk_SRTP_PROTECTION_PROFILE_value(srvr,i); 3832cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor 3842cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor for(j=0;j<sk_SRTP_PROTECTION_PROFILE_num(clnt);j++) 385d1b3c2dd5bc1f3103bee6137957aa7c5f8f2f0bcSteve Naroff { 3863397c5570369f19b2d6c52e898f708d75ceede1fSebastian Redl cprof=sk_SRTP_PROTECTION_PROFILE_value(clnt,j); 3871eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3888538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl if(cprof->id==sprof->id) 3892cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor { 3902cf2634ffdb4f7c8d46cef3f8e60a55993f1c57aDouglas Gregor s->srtp_profile=sprof; 391b001de7458d17c17e6d8b8034c7cfcefd3b70c00Eli Friedman *al=0; 392b001de7458d17c17e6d8b8034c7cfcefd3b70c00Eli Friedman ret=0; 393b001de7458d17c17e6d8b8034c7cfcefd3b70c00Eli Friedman goto done; 394b001de7458d17c17e6d8b8034c7cfcefd3b70c00Eli Friedman } 395b001de7458d17c17e6d8b8034c7cfcefd3b70c00Eli Friedman } 396b001de7458d17c17e6d8b8034c7cfcefd3b70c00Eli Friedman } 397a1ee0c548b8aa4aaf93d1917e304e3da13171a08John McCall 398a1ee0c548b8aa4aaf93d1917e304e3da13171a08John McCall ret=0; 399a1ee0c548b8aa4aaf93d1917e304e3da13171a08John McCall 400a4232eb646d89e7d52424bb42eb87d9061f39e63Sebastian Redldone: 40189eaf3af92c72c0c1aae807644e39cabc461d685Argyrios Kyrtzidis if(clnt) sk_SRTP_PROTECTION_PROFILE_free(clnt); 402a1ee0c548b8aa4aaf93d1917e304e3da13171a08John McCall 
403a1ee0c548b8aa4aaf93d1917e304e3da13171a08John McCall return ret; 40489eaf3af92c72c0c1aae807644e39cabc461d685Argyrios Kyrtzidis }

/*
 * Write the use_srtp extension body for a ServerHello.
 *
 * The body is always 5 bytes: a 2-byte profile-list length (the value 2),
 * the 2-byte id of the negotiated profile, and a 1-byte MKI length of 0.
 *
 * When p is NULL nothing is written and only *len is filled in, so a caller
 * can ask for the size first.  When p is non-NULL, maxlen must be at least 5
 * and s->srtp_profile must already be set; otherwise an error is raised
 * with SSLerr() and 1 is returned without touching *len.
 *
 * Returns 0 on success, 1 on error.
 */
int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen)
{
    if (!p) {
        /* Size query only: report the fixed body length. */
        *len = 5;
        return 0;
    }

    /* Refuse to write unless the whole 5-byte body fits in the buffer. */
    if (maxlen < 5) {
        SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
        return 1;
    }

    /* No profile was selected, so there is nothing to put in the extension. */
    if (!s->srtp_profile) {
        SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,SSL_R_USE_SRTP_NOT_NEGOTIATED);
        return 1;
    }

    s2n(2, p);                      /* profile-list length: one 2-byte id */
    s2n(s->srtp_profile->id, p);    /* the selected profile */
    *p++ = 0;                       /* MKI length: no MKI is sent */

    *len = 5;
    return 0;
}
/*
 * Parse the use_srtp extension body received in a ServerHello.
 *
 * The body must be exactly 5 bytes: a 2-byte profile-list length equal to 2,
 * one 2-byte profile id, and a 1-byte MKI length that must be zero.  The id
 * is accepted only if it matches an entry in the list returned by
 * SSL_get_srtp_profiles(s); that entry is then stored in s->srtp_profile.
 *
 * Returns 0 on success with *al set to 0.  Returns 1 on any failure, after
 * calling SSLerr() and setting *al to the alert value for the caller.
 */
int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al)
{
    STACK_OF(SRTP_PROTECTION_PROFILE) *offered;
    SRTP_PROTECTION_PROFILE *candidate;
    unsigned profile_id;
    int list_len;
    int idx;

    /*
     * The length is checked before any byte of d is read, so the three
     * reads below (2 + 2 + 1 bytes) stay inside the extension body.
     */
    if (len != 5) {
        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
        *al = SSL_AD_DECODE_ERROR;
        return 1;
    }

    /* The server selects exactly one profile, so the list length must be 2. */
    n2s(d, list_len);
    if (list_len != 2) {
        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
        *al = SSL_AD_DECODE_ERROR;
        return 1;
    }

    n2s(d, profile_id);

    /* Must be no MKI, since we never offer one */
    if (*d != 0) {
        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_MKI_VALUE);
        *al = SSL_AD_ILLEGAL_PARAMETER;
        return 1;
    }

    offered = SSL_get_srtp_profiles(s);

    /* Throw an error if the server gave us an unsolicited extension */
    if (offered == NULL) {
        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_NO_SRTP_PROFILES);
        *al = SSL_AD_DECODE_ERROR;
        return 1;
    }

    /*
     * Accept the server's choice only if it is a profile we support (and
     * presumably offered); an id outside our own list is rejected below.
     */
    for (idx = 0; idx < sk_SRTP_PROTECTION_PROFILE_num(offered); idx++) {
        candidate = sk_SRTP_PROTECTION_PROFILE_value(offered, idx);
        if (candidate->id != profile_id) {
            continue;
        }

        s->srtp_profile = candidate;
        *al = 0;
        return 0;
    }

    /* No local profile matched the id the server sent. */
    SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
    *al = SSL_AD_DECODE_ERROR;
    return 1;
}

494ed97649e9574b9d854fa4d6109c9333ae0993554John McCall#endif 49551bd803fbdade51d674598ed45da3d54190a656cJohn McCall