cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-30 19:20:40 -04:00
Code Issues Packages Projects Releases Wiki Activity

Minor style modifications

Browse Source 
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
This commit is contained in:
Johan Pascal 2020-08-25 10:01:54 +02:00
parent 48f62e98a8
commit 8526957cd5
6 changed files with 41 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
include/mbedtls/ssl.h
View File

@ -418,10 +418,10 @@
* Use_srtp extension protection profiles values as defined in * Use_srtp extension protection profiles values as defined in
* http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml * http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
*/ */
#define MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80_IANA_VALUE 0x0001 #define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 0x0001
#define MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32_IANA_VALUE 0x0002 #define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 0x0002
#define MBEDTLS_SRTP_NULL_HMAC_SHA1_80_IANA_VALUE 0x0005 #define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 0x0005
#define MBEDTLS_SRTP_NULL_HMAC_SHA1_32_IANA_VALUE 0x0006 #define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 0x0006
/* /*
* Size defines * Size defines
@ -867,8 +867,8 @@ typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
#if defined(MBEDTLS_SSL_DTLS_SRTP) #if defined(MBEDTLS_SSL_DTLS_SRTP)
#define MBEDTLS_DTLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60 #define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
#define MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH 255 #define MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH 255
/* /*
* List of SRTP profiles for DTLS-SRTP * List of SRTP profiles for DTLS-SRTP
*/ */
@ -894,7 +894,7 @@ typedef struct mbedtls_dtls_srtp_info_t
/*! The SRTP profile that was negotiated*/ /*! The SRTP profile that was negotiated*/
mbedtls_ssl_srtp_profile chosen_dtls_srtp_profile; mbedtls_ssl_srtp_profile chosen_dtls_srtp_profile;
/*! The mki_value used, with max size of 256 bytes */ /*! The mki_value used, with max size of 256 bytes */
unsigned char mki_value[MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH]; unsigned char mki_value[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH];
/*! The length of mki_value */ /*! The length of mki_value */
size_t mki_len; size_t mki_len;
} }
@ -3190,7 +3190,9 @@ const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
#if defined(MBEDTLS_SSL_DTLS_SRTP) #if defined(MBEDTLS_SSL_DTLS_SRTP)
/** /**
* \brief Add support for mki value in use_srtp extension. * \brief Add support for mki(master key id) value in use_srtp extension.
* MKI is an optional part of SRTP used for key management and
* re-keying. See RFC3711 section 3.1 for details
* The default value is * The default value is
* #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED. * #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED.
* *
@ -3210,7 +3212,8 @@ void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
* in decreasing preference order. * in decreasing preference order.
* \param profiles_number Number of supported profiles. * \param profiles_number Number of supported profiles.
* *
* \return 0 on success, or #MBEDTLS_ERR_SSL_BAD_INPUT_DATA. * \return 0 on success
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA when the list of protection profiles is incorrect
*/ */
int mbedtls_ssl_conf_dtls_srtp_protection_profiles int mbedtls_ssl_conf_dtls_srtp_protection_profiles
( mbedtls_ssl_config *conf, ( mbedtls_ssl_config *conf,
@ -3224,8 +3227,9 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles
* \param mki_value The MKI value to set. * \param mki_value The MKI value to set.
* \param mki_len The length of the MKI value. * \param mki_len The length of the MKI value.
* *
* \return 0 on success, #MBEDTLS_ERR_SSL_BAD_INPUT_DATA * \return 0 on success
* or #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE on failure * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA
* \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
*/ */
int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl, int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
unsigned char *mki_value, unsigned char *mki_value,
@ -3235,10 +3239,11 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
* This function should be called after the handshake is * This function should be called after the handshake is
* completed. * completed.
* *
* \param ssl SSL context * \param ssl The SSL context to query
* *
* \return Protection Profile enum member, * \return The DTLS SRTP protection profile in use
* #MBEDTLS_SRTP_UNSET_PROFILE if no protocol was negotiated. * \return #MBEDTLS_SRTP_UNSET_PROFILE if no protocol was negotiated or the handshake is still on
* early stage
*/ */
mbedtls_ssl_srtp_profile mbedtls_ssl_get_dtls_srtp_protection_profile mbedtls_ssl_srtp_profile mbedtls_ssl_get_dtls_srtp_protection_profile
( const mbedtls_ssl_context *ssl ); ( const mbedtls_ssl_context *ssl );
@ -3246,10 +3251,11 @@ mbedtls_ssl_srtp_profile mbedtls_ssl_get_dtls_srtp_protection_profile
/** /**
* \brief Utility function to get information on DTLS-SRTP profile. * \brief Utility function to get information on DTLS-SRTP profile.
* *
* \param profile The dtls-srtp profile id to get info on. * \param profile The DTLS-SRTP profile id to get info on.
* *
* \return Address of the SRTP profile information structure on * \return Address of the SRTP profile information structure on
* success,NULL if not found. * success
* \return \c NULL if not found.
*/ */
const mbedtls_ssl_srtp_profile_info *mbedtls_ssl_dtls_srtp_profile_info_from_id const mbedtls_ssl_srtp_profile_info *mbedtls_ssl_dtls_srtp_profile_info_from_id
( mbedtls_ssl_srtp_profile profile ); ( mbedtls_ssl_srtp_profile profile );

16
include/mbedtls/ssl_internal.h
View File

@ -1103,16 +1103,16 @@ static inline uint16_t mbedtls_ssl_get_srtp_profile_iana_value
switch( profile ) switch( profile )
{ {
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80: case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80:
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80_IANA_VALUE; profile_value = MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80;
break; break;
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32: case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32:
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32_IANA_VALUE; profile_value = MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32;
break; break;
case MBEDTLS_SRTP_NULL_HMAC_SHA1_80: case MBEDTLS_SRTP_NULL_HMAC_SHA1_80:
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_80_IANA_VALUE; profile_value = MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80;
break; break;
case MBEDTLS_SRTP_NULL_HMAC_SHA1_32: case MBEDTLS_SRTP_NULL_HMAC_SHA1_32:
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_32_IANA_VALUE; profile_value = MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32;
break; break;
default: break; default: break;
} }
@ -1125,16 +1125,16 @@ static inline mbedtls_ssl_srtp_profile mbedtls_ssl_get_srtp_profile_value
mbedtls_ssl_srtp_profile profile_value = MBEDTLS_SRTP_UNSET_PROFILE; mbedtls_ssl_srtp_profile profile_value = MBEDTLS_SRTP_UNSET_PROFILE;
switch( srtp_iana_value ) switch( srtp_iana_value )
{ {
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80_IANA_VALUE: case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80; profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80;
break; break;
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32_IANA_VALUE: case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32; profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32;
break; break;
case MBEDTLS_SRTP_NULL_HMAC_SHA1_80_IANA_VALUE: case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_80; profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_80;
break; break;
case MBEDTLS_SRTP_NULL_HMAC_SHA1_32_IANA_VALUE: case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_32; profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_32;
break; break;
default: break; default: break;

8
library/ssl_srv.c
View File

@ -791,7 +791,9 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
/* If use_srtp is not configured, just ignore the extension */ /* If use_srtp is not configured, just ignore the extension */
if( ssl->conf->dtls_srtp_profile_list == NULL || if( ssl->conf->dtls_srtp_profile_list == NULL ||
ssl->conf->dtls_srtp_profile_list_len == 0 ) ssl->conf->dtls_srtp_profile_list_len == 0 )
{
return( 0 ); return( 0 );
}
/* RFC5764 section 4.1.1 /* RFC5764 section 4.1.1
* uint8 SRTPProtectionProfile[2]; * uint8 SRTPProtectionProfile[2];
@ -841,6 +843,10 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
{ {
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s", profile_info->name ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s", profile_info->name ) );
} }
else
{
continue;
}
/* check if suggested profile is in our list */ /* check if suggested profile is in our list */
for( i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++) for( i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++)
{ {
@ -858,7 +864,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
( len > ( profile_length + 2 ) ) ) ( len > ( profile_length + 2 ) ) )
{ {
ssl->dtls_srtp_info.mki_len = buf[profile_length + 2]; ssl->dtls_srtp_info.mki_len = buf[profile_length + 2];
if( ssl->dtls_srtp_info.mki_len > MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH || if( ssl->dtls_srtp_info.mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH ||
ssl->dtls_srtp_info.mki_len + profile_length + size_of_lengths != len ) ssl->dtls_srtp_info.mki_len + profile_length + size_of_lengths != len )
{ {
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,

2
library/ssl_tls.c
View File

@ -4749,7 +4749,7 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
unsigned char *mki_value, unsigned char *mki_value,
size_t mki_len ) size_t mki_len )
{ {
if ( mki_len > MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH ) if ( mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH )
{ {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
} }

4
programs/ssl/ssl_client2.c
View File

@ -1194,7 +1194,7 @@ int main( int argc, char *argv[] )
const mbedtls_ecp_curve_info *curve_cur; const mbedtls_ecp_curve_info *curve_cur;
#endif #endif
#if defined(MBEDTLS_SSL_DTLS_SRTP) #if defined(MBEDTLS_SSL_DTLS_SRTP)
unsigned char mki[MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH]; unsigned char mki[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH];
size_t mki_len=0; size_t mki_len=0;
#endif #endif
@ -1242,7 +1242,7 @@ int main( int argc, char *argv[] )
eap_tls_keys eap_tls_keying; eap_tls_keys eap_tls_keying;
#if defined( MBEDTLS_SSL_DTLS_SRTP ) #if defined( MBEDTLS_SSL_DTLS_SRTP )
/*! master keys and master salt for SRTP generated during handshake */ /*! master keys and master salt for SRTP generated during handshake */
unsigned char dtls_srtp_key_material[MBEDTLS_DTLS_SRTP_MAX_KEY_MATERIAL_LENGTH]; unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp"; const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
dtls_srtp_keys dtls_srtp_keying; dtls_srtp_keys dtls_srtp_keying;
#endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_DTLS_SRTP */

2
programs/ssl/ssl_server2.c
View File

@ -1873,7 +1873,7 @@ int main( int argc, char *argv[] )
eap_tls_keys eap_tls_keying; eap_tls_keys eap_tls_keying;
#if defined( MBEDTLS_SSL_DTLS_SRTP ) #if defined( MBEDTLS_SSL_DTLS_SRTP )
/*! master keys and master salt for SRTP generated during handshake */ /*! master keys and master salt for SRTP generated during handshake */
unsigned char dtls_srtp_key_material[MBEDTLS_DTLS_SRTP_MAX_KEY_MATERIAL_LENGTH]; unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp"; const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
dtls_srtp_keys dtls_srtp_keying; dtls_srtp_keys dtls_srtp_keying;
#endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_DTLS_SRTP */