Commit bcada9eb authored by Erwan Croze's avatar Erwan Croze 👋🏻
Browse files

Adding AES_CM_256 to deprecated crypto suite

parent 3b23cf2d
...@@ -41,6 +41,7 @@ typedef enum _MSCryptoSuite{ ...@@ -41,6 +41,7 @@ typedef enum _MSCryptoSuite{
MS_AES_128_NO_AUTH, MS_AES_128_NO_AUTH,
MS_NO_CIPHER_SHA1_80, MS_NO_CIPHER_SHA1_80,
MS_AES_256_SHA1_80, MS_AES_256_SHA1_80,
MS_AES_CM_256_SHA1_80,
MS_AES_256_SHA1_32 MS_AES_256_SHA1_32
} MSCryptoSuite; } MSCryptoSuite;
......
...@@ -274,9 +274,10 @@ static int ms_set_srtp_crypto_policy(MSCryptoSuite suite, crypto_policy_t *polic ...@@ -274,9 +274,10 @@ static int ms_set_srtp_crypto_policy(MSCryptoSuite suite, crypto_policy_t *polic
case MS_AES_128_SHA1_80: /*default mode*/ case MS_AES_128_SHA1_80: /*default mode*/
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
break; break;
case MS_AES_256_SHA1_80: case MS_AES_256_SHA1_80: // For backward compatibility
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); case MS_AES_CM_256_SHA1_80:
break; crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
break;
case MS_AES_256_SHA1_32: case MS_AES_256_SHA1_32:
crypto_policy_set_aes_cm_256_hmac_sha1_32(policy); crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
break; break;
......
...@@ -502,41 +502,48 @@ MSCryptoSuite ms_crypto_suite_build_from_name_params(const MSCryptoSuiteNamePara ...@@ -502,41 +502,48 @@ MSCryptoSuite ms_crypto_suite_build_from_name_params(const MSCryptoSuiteNamePara
if (parameters && strstr(parameters,"UNENCRYPTED_SRTP")) goto error; if (parameters && strstr(parameters,"UNENCRYPTED_SRTP")) goto error;
if (parameters && strstr(parameters,"UNAUTHENTICATED_SRTP")) goto error; if (parameters && strstr(parameters,"UNAUTHENTICATED_SRTP")) goto error;
return MS_AES_256_SHA1_80; return MS_AES_256_SHA1_80;
} }else if ( keywordcmp ("AES_CM_256_HMAC_SHA1_80", name) == 0 ){
if (parameters && strstr(parameters,"UNENCRYPTED_SRTP")) goto error;
if (parameters && strstr(parameters,"UNAUTHENTICATED_SRTP")) goto error;
return MS_AES_CM_256_SHA1_80;
}
error: error:
ms_error("Unsupported crypto suite '%s' with parameters '%s'",name, parameters ? parameters : ""); ms_error("Unsupported crypto suite '%s' with parameters '%s'",name, parameters ? parameters : "");
return MS_CRYPTO_SUITE_INVALID; return MS_CRYPTO_SUITE_INVALID;
} }
int ms_crypto_suite_to_name_params(MSCryptoSuite cs, MSCryptoSuiteNameParams *params ){ int ms_crypto_suite_to_name_params(MSCryptoSuite cs, MSCryptoSuiteNameParams *params ){
params->name=NULL; params->name=NULL;
params->params=NULL; params->params=NULL;
switch(cs){ switch(cs){
case MS_CRYPTO_SUITE_INVALID: case MS_CRYPTO_SUITE_INVALID:
break; break;
case MS_AES_128_SHA1_80: case MS_AES_128_SHA1_80:
params->name= "AES_CM_128_HMAC_SHA1_80"; params->name= "AES_CM_128_HMAC_SHA1_80";
break; break;
case MS_AES_128_SHA1_32: case MS_AES_128_SHA1_32:
params->name="AES_CM_128_HMAC_SHA1_32"; params->name="AES_CM_128_HMAC_SHA1_32";
break; break;
case MS_AES_128_NO_AUTH: case MS_AES_128_NO_AUTH:
params->name="AES_CM_128_HMAC_SHA1_80"; params->name="AES_CM_128_HMAC_SHA1_80";
params->params="UNAUTHENTICATED_SRTP"; params->params="UNAUTHENTICATED_SRTP";
break; break;
case MS_NO_CIPHER_SHA1_80: case MS_NO_CIPHER_SHA1_80:
params->name="AES_CM_128_HMAC_SHA1_80"; params->name="AES_CM_128_HMAC_SHA1_80";
params->params="UNENCRYPTED_SRTP UNENCRYPTED_SRTCP"; params->params="UNENCRYPTED_SRTP UNENCRYPTED_SRTCP";
break; break;
case MS_AES_256_SHA1_80: case MS_AES_256_SHA1_80:
params->name="AES_256_CM_HMAC_SHA1_80"; params->name="AES_256_CM_HMAC_SHA1_80";
break; break;
case MS_AES_256_SHA1_32: case MS_AES_CM_256_SHA1_80:
params->name= "AES_256_CM_HMAC_SHA1_32"; params->name="AES_CM_256_HMAC_SHA1_80";
break; break;
} case MS_AES_256_SHA1_32:
if (params->name==NULL) return -1; params->name= "AES_256_CM_HMAC_SHA1_32";
return 0; break;
}
if (params->name==NULL) return -1;
return 0;
} }
OrtpEvDispatcher* media_stream_get_event_dispatcher(const MediaStream *stream) { OrtpEvDispatcher* media_stream_get_event_dispatcher(const MediaStream *stream) {
......
...@@ -281,6 +281,7 @@ static void encrypted_audio_stream_base( bool_t change_ssrc, ...@@ -281,6 +281,7 @@ static void encrypted_audio_stream_base( bool_t change_ssrc,
break; break;
case MS_AES_256_SHA1_32: case MS_AES_256_SHA1_32:
case MS_AES_256_SHA1_80: case MS_AES_256_SHA1_80:
case MS_AES_CM_256_SHA1_80:
send_key = aes_256_bits_send_key; send_key = aes_256_bits_send_key;
send_key_2 = aes_256_bits_send_key_2; send_key_2 = aes_256_bits_send_key_2;
recv_key = aes_256_bits_recv_key; recv_key = aes_256_bits_recv_key;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment