authorNikos Mavrogiannopoulos <nmav@gnutls.org>2012-11-06 15:52:16 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2012-11-06 15:52:16 +0100
commit885e339e5542cac1266e21b710d7419fa813b8e5 (patch)
tree8a0ebe3350e1343b341e45e43ed39b50681755c5
parentc5bd1cab82a0963327244788df3ac5c42ffea68d (diff)
Added gnutls_srtp_get_mki() and gnutls_srtp_set_mki().
-rw-r--r--NEWS2
-rw-r--r--lib/ext/srtp.c116
-rw-r--r--lib/ext/srtp.h2
-rw-r--r--lib/includes/gnutls/gnutls.h.in3
-rw-r--r--lib/libgnutls.map2
5 files changed, 121 insertions, 4 deletions
diff --git a/NEWS b/NEWS
index 79a07b3859..09c8ae285d 100644
--- a/NEWS
+++ b/NEWS
@@ -48,6 +48,8 @@ gnutls_srtp_get_selected_profile: Added
gnutls_srtp_get_profile_name: Added
gnutls_srtp_get_profile_id: Added
gnutls_srtp_get_keys: Added
+gnutls_srtp_get_mki: Added
+gnutls_srtp_set_mki: Added
gnutls_srtp_profile_t: Added
dane_cert_type_name: Added
dane_match_type_name: Added
diff --git a/lib/ext/srtp.c b/lib/ext/srtp.c
index 48df7d4872..0dc7cf18eb 100644
--- a/lib/ext/srtp.c
+++ b/lib/ext/srtp.c
@@ -1,5 +1,6 @@
/*
* Copyright (C) 2012 Martin Storsjo
+ * Copyright (C) 2012 Free Software Foundation
*
* Author: Martin Storsjo
*
@@ -197,8 +198,16 @@ _gnutls_srtp_recv_params (gnutls_session_t session,
if (len+1 > data_size)
return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
- if (len > MAX_PROFILES_IN_SRTP_EXTENSION*2)
- return 0;
+ if (session->security_parameters.entity == GNUTLS_SERVER)
+ {
+ if (len > MAX_PROFILES_IN_SRTP_EXTENSION*2)
+ return 0;
+ }
+ else
+ {
+ if (len != 2)
+ return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+ }
while (len > 0)
{
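Review bot: The new client-side check `if (len != 2)` carries no comment explaining why exactly one profile is required, while the server branch silently returns 0 for an oversized list, so a reader has to know the protocol to see that the asymmetry is intended. A one-line comment above the else branch, e.g. `/* a server reply must select exactly one profile (2 bytes) */`, would cover it, and a matching comment on the server branch could state that an oversized offer is ignored rather than rejected (which also means the MKI is never parsed on that path). The body of _gnutls_srtp_recv_params starts and ends outside this hunk.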
@@ -217,6 +226,16 @@ _gnutls_srtp_recv_params (gnutls_session_t session,
len -= 2;
}
+ DECR_LEN (data_size, 1);
+ priv->mki_size = *p;
+ p++;
+
+ if (priv->mki_size > 0)
+ {
+ DECR_LEN (data_size, priv->mki_size);
+ memcpy(priv->mki, p, priv->mki_size);
+ }
+
return 0;
}
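Review bot: `priv->mki_size = *p;` writes the peer-supplied length into session state before `DECR_LEN (data_size, priv->mki_size)` has validated it, so a failed length check leaves a size in priv with no matching bytes in priv->mki. Reading into a local first, e.g. `size_t mki_len = *p++;`, and assigning priv->mki_size only after the memcpy avoids that. The check is also only as tight as data_size: if the profile loop above (its body is outside this hunk) does not subtract the profile bytes from data_size, the MKI bound is too generous by that amount and the memcpy could read past the extension data, which is worth confirming. Nothing rejects bytes left over after the MKI; `if (data_size != 0) return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);` before `return 0;` would.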
@@ -269,8 +288,8 @@ _gnutls_srtp_send_params (gnutls_session_t session,
total_size = 2 + 2 * priv->profiles_size;
}
- /* use_mki, not supported yet */
- ret = _gnutls_buffer_append_prefix(extdata, 8, 0);
+ /* use_mki */
+ ret = _gnutls_buffer_append_data_prefix(extdata, 8, priv->mki, priv->mki_size);
if (ret < 0)
return gnutls_assert_val(ret);
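Review bot: The extension now carries `priv->mki_size` extra bytes, but `total_size` in the visible context still counts only the profile list; if the return statement after this hunk is still based on that value plus one, the length reported to the caller is short by the MKI. Adding `total_size += 1 + priv->mki_size;` after the error check and returning `total_size` would keep the two in step. Separately, priv->mki is the same buffer that _gnutls_srtp_recv_params fills from the peer, so a server will echo whatever MKI the client offered with no application decision in between; a comment stating whether that is intended would help. The function continues outside the hunk.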
@@ -319,6 +338,95 @@ gnutls_srtp_get_selected_profile (gnutls_session_t session,
}
/**
+ * gnutls_srtp_get_mki:
+ * @session: is a #gnutls_session_t structure.
+ * @mki: will hold the MKI
+ *
+ * This function exports the negotiated Master Key Identifier,
+ * if any. The returned value in @mki should be treated as
+ * constant and valid only during the session's lifetime.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ * otherwise a negative error code is returned.
+ *
+ * Since 3.1.4
+ **/
+int
+gnutls_srtp_get_mki (gnutls_session_t session,
+ gnutls_datum_t *mki)
+{
+ srtp_ext_st *priv;
+ int ret;
+ extension_priv_data_t epriv;
+
+ ret =
+ _gnutls_ext_get_session_data (session, GNUTLS_EXTENSION_SRTP,
+ &epriv);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+ }
+
+ priv = epriv.ptr;
+
+ mki->data = priv->mki;
+ mki->size = priv->mki_size;
+
+ return 0;
+}
+
+/**
+ * gnutls_srtp_set_mki:
+ * @session: is a #gnutls_session_t structure.
+ * @mki: holds the MKI
+ *
+ * This function sets the Master Key Identifier, to be
+ * used by this session (if any).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ * otherwise a negative error code is returned.
+ *
+ * Since 3.1.4
+ **/
+int
+gnutls_srtp_set_mki (gnutls_session_t session,
+ const gnutls_datum_t *mki)
+{
+ int ret;
+ srtp_ext_st *priv;
+ extension_priv_data_t epriv;
+
+ ret =
+ _gnutls_ext_get_session_data (session, GNUTLS_EXTENSION_SRTP,
+ &epriv);
+ if (ret < 0)
+ {
+ priv = gnutls_calloc (1, sizeof (*priv));
+ if (priv == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+ epriv.ptr = priv;
+ _gnutls_ext_set_session_data (session, GNUTLS_EXTENSION_SRTP,
+ epriv);
+ }
+ else
+ priv = epriv.ptr;
+
+ if (mki->size > 0 && mki->size <= sizeof(priv->mki))
+ {
+ priv->mki_size = mki->size;
+ memcpy(priv->mki, mki->data, mki->size);
+ }
+ else
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+ return 0;
+}
+
+/**
* gnutls_srtp_set_profile:
* @session: is a #gnutls_session_t structure.
* @profile: is the profile id to add.
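Review bot: gnutls_srtp_set_mki accepts `mki->size <= sizeof(priv->mki)`, which is 256 per the srtp.h hunk, but _gnutls_srtp_send_params writes the MKI with an 8-bit length prefix, so a 256-byte value cannot be encoded; the bound should be 255, ideally through a named constant shared with the `uint8_t mki[256]` declaration. The size check also runs after the calloc and `_gnutls_ext_set_session_data`, so an invalid request still leaves an empty SRTP state attached to the session; moving `if (mki->size == 0 || mki->size > 255) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);` to the top of the function avoids that side effect. gnutls_srtp_get_mki returns success with size 0 when no MKI is present and cannot tell a locally set MKI from one received from the peer; returning `GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE` when `priv->mki_size == 0` would match the "if any" in its documentation.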
diff --git a/lib/ext/srtp.h b/lib/ext/srtp.h
index 42a097e143..73552f716b 100644
--- a/lib/ext/srtp.h
+++ b/lib/ext/srtp.h
@@ -31,6 +31,8 @@ typedef struct
gnutls_srtp_profile_t profiles[MAX_SRTP_PROFILES];
unsigned profiles_size;
gnutls_srtp_profile_t selected_profile;
+ uint8_t mki[256];
+ unsigned mki_size;
} srtp_ext_st;
extern extension_entry_st ext_mod_srtp;
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 565e5bea4a..d7f07f21dd 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -1005,6 +1005,9 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session);
gnutls_datum_t *server_key,
gnutls_datum_t *server_salt);
+ int gnutls_srtp_set_mki (gnutls_session_t session, const gnutls_datum_t *mki);
+ int gnutls_srtp_get_mki (gnutls_session_t session, gnutls_datum_t *mki);
+
int gnutls_key_generate (gnutls_datum_t * key, unsigned int key_size);
/* if you just want some defaults, use the following.
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 33a9762751..afc2dd4c62 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -866,6 +866,8 @@ GNUTLS_3_1_0 {
gnutls_srtp_set_profile;
gnutls_srtp_set_profile_direct;
gnutls_srtp_get_keys;
+ gnutls_srtp_get_mki;
+ gnutls_srtp_set_mki;
} GNUTLS_3_0_0;
GNUTLS_PRIVATE {