From 1d2173c7aed0587cdd434e69e89a3972a2642cd8 Mon Sep 17 00:00:00 2001 From: Alexander Traud Date: Wed, 13 Jul 2016 12:24:46 +0200 Subject: res_srtp: Enable AES-256 and AES-GCM. ASTERISK-26190 #close Change-Id: I11326d80edd656524a51a19450e586c583aa0a0b --- include/asterisk/autoconfig.h.in | 10 ++++++++++ include/asterisk/res_srtp.h | 14 ++++++++++++-- include/asterisk/sdp_srtp.h | 18 ++++++++++++------ 3 files changed, 34 insertions(+), 8 deletions(-) (limited to 'include') diff --git a/include/asterisk/autoconfig.h.in b/include/asterisk/autoconfig.h.in index cdcc4d006..380ac2efb 100644 --- a/include/asterisk/autoconfig.h.in +++ b/include/asterisk/autoconfig.h.in @@ -838,6 +838,16 @@ /* Define to 1 if you have the Secure RTP library. */ #undef HAVE_SRTP +/* Define to 1 if SRTP has the SRTP Library AES-192 (ICM) feature. */ +#undef HAVE_SRTP_192 + +/* Define to 1 if SRTP has the SRTP Library AES-256 (ICM) feature. */ +#undef HAVE_SRTP_256 + +/* Define to 1 if SRTP has the SRTP Library AES-128 (GCM) and AES-256 (GCM) + feature. */ +#undef HAVE_SRTP_GCM + /* Define to 1 if SRTP has the SRTP Library Shutdown Function feature. */ #undef HAVE_SRTP_SHUTDOWN diff --git a/include/asterisk/res_srtp.h b/include/asterisk/res_srtp.h index c7fdc40b7..741d4f9ac 100644 --- a/include/asterisk/res_srtp.h +++ b/include/asterisk/res_srtp.h @@ -21,6 +21,8 @@ #ifndef _ASTERISK_RES_SRTP_H #define _ASTERISK_RES_SRTP_H +#include "asterisk.h" /* for size_t */ + struct ast_srtp; struct ast_srtp_policy; struct ast_rtp_instance; 
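Review bot: The added `#include "asterisk.h" /* for size_t */` in res_srtp.h pulls the project's umbrella header into a public header to obtain a single type. If `size_t` is all that is needed, `#include <stddef.h>` states the dependency exactly and keeps the header self-contained regardless of what the including .c file included first. Whether anything else from asterisk.h is used further down in res_srtp.h is not visible in this hunk.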
@@ -52,9 +54,17 @@ struct ast_srtp_res { /* Crypto suites */ enum ast_srtp_suite { + /* https://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml */ AST_AES_CM_128_HMAC_SHA1_80 = 1, - AST_AES_CM_128_HMAC_SHA1_32 = 2, - AST_F8_128_HMAC_SHA1_80 = 3 + AST_AES_CM_128_HMAC_SHA1_32, + AST_AES_CM_256_HMAC_SHA1_80, + AST_AES_CM_256_HMAC_SHA1_32, + AST_AES_GCM_128 = 7, + AST_AES_GCM_256, + AST_AES_GCM_128_8, + AST_AES_GCM_256_8, + AST_AES_CM_192_HMAC_SHA1_80, + AST_AES_CM_192_HMAC_SHA1_32, }; struct ast_srtp_policy_res { diff --git a/include/asterisk/sdp_srtp.h b/include/asterisk/sdp_srtp.h index 772c3c38d..5d8f0e7d1 100644 --- a/include/asterisk/sdp_srtp.h +++ b/include/asterisk/sdp_srtp.h @@ -20,8 +20,7 @@ * * \brief SRTP and SDP Security descriptions * - * Specified in RFC 4568 - * Specified in RFC 3711 + * Specified in RFC 3711, 6188, 7714, and 4568 * * \author Mikael Magnusson */ @@ -29,7 +28,8 @@ #ifndef _SDP_SRTP_H #define _SDP_SRTP_H -#include +#include "asterisk/linkedlists.h" /* for AST_LIST_ENTRY */ +#include "asterisk/rtp_engine.h" /* for ast_rtp_instance */ struct ast_sdp_crypto; @@ -37,12 +37,18 @@ struct ast_sdp_crypto; struct ast_sdp_srtp { unsigned int flags; struct ast_sdp_crypto *crypto; + AST_LIST_ENTRY(ast_sdp_srtp) sdp_srtp_list; }; /* SRTP flags */ -#define AST_SRTP_CRYPTO_OFFER_OK (1 << 1) -#define AST_SRTP_CRYPTO_TAG_32 (1 << 2) -#define AST_SRTP_CRYPTO_TAG_80 (1 << 3) +#define AST_SRTP_CRYPTO_OFFER_OK (1 << 1) +#define AST_SRTP_CRYPTO_TAG_32 (1 << 2) +#define AST_SRTP_CRYPTO_TAG_80 (1 << 3) +#define AST_SRTP_CRYPTO_TAG_16 (1 << 4) +#define AST_SRTP_CRYPTO_TAG_8 (1 << 5) +#define AST_SRTP_CRYPTO_AES_192 (1 << 6) +#define AST_SRTP_CRYPTO_AES_256 (1 << 7) +#define AST_SRTP_CRYPTO_OLD_NAME (1 << 8) /*! * \brief allocate a ast_sdp_srtp structure -- cgit v1.2.3
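Review bot: In `enum ast_srtp_suite` the value 3 silently changes meaning: it was `AST_F8_128_HMAC_SHA1_80 = 3` and is now taken by position by `AST_AES_CM_256_HMAC_SHA1_80`, and every new member except `AST_AES_GCM_128 = 7` is numbered implicitly. Because the added comment ties these numbers to the IANA registry, I would write each value out, from `AST_AES_CM_256_HMAC_SHA1_80 = 3,` through `AST_AES_CM_192_HMAC_SHA1_32 = 12,`, so that a later insertion cannot renumber a cipher suite unnoticed. A short comment should also say which values are meant to match the registry and which are local, and that F8 was dropped and its number reused. The users of this enum are outside the diff, so it cannot be checked here whether any caller or out-of-tree module still passes 3 expecting F8.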
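Review bot: The new flag bits under `/* SRTP flags */` in sdp_srtp.h are undocumented, and nothing states which of them exclude each other. `AST_SRTP_CRYPTO_TAG_8`, `_16`, `_32` and `_80` and `AST_SRTP_CRYPTO_AES_192` and `_256` are independent bits in `flags`, so two tag lengths or two key sizes can be set at once. A comment above the block should say that at most one TAG_* and at most one AES_* bit may be set, what the absence of an AES_* bit means, and what `AST_SRTP_CRYPTO_OLD_NAME` selects. Judging by the suite names in res_srtp.h, `TAG_8` and `TAG_16` presumably count octets while `TAG_32` and `TAG_80` count bits; the comment should spell out the units so the short-tag options are not chosen by mistake. The code that sets and tests these flags is outside this diff.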