Minor style modifications

Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
This commit is contained in:
Johan Pascal 2020-08-25 10:01:54 +02:00
parent 48f62e98a8
commit 8526957cd5
6 changed files with 41 additions and 29 deletions

View File

@ -418,10 +418,10 @@
* Use_srtp extension protection profiles values as defined in
* http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
*/
#define MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80_IANA_VALUE 0x0001
#define MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32_IANA_VALUE 0x0002
#define MBEDTLS_SRTP_NULL_HMAC_SHA1_80_IANA_VALUE 0x0005
#define MBEDTLS_SRTP_NULL_HMAC_SHA1_32_IANA_VALUE 0x0006
#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 0x0001
#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 0x0002
#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 0x0005
#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 0x0006
/*
* Size defines
@ -867,8 +867,8 @@ typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
#if defined(MBEDTLS_SSL_DTLS_SRTP)
#define MBEDTLS_DTLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
#define MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH 255
#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
#define MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH 255
/*
* List of SRTP profiles for DTLS-SRTP
*/
@ -894,7 +894,7 @@ typedef struct mbedtls_dtls_srtp_info_t
/*! The SRTP profile that was negotiated*/
mbedtls_ssl_srtp_profile chosen_dtls_srtp_profile;
/*! The mki_value used, with max size of 256 bytes */
unsigned char mki_value[MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH];
unsigned char mki_value[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH];
/*! The length of mki_value */
size_t mki_len;
}
@ -3190,7 +3190,9 @@ const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
#if defined(MBEDTLS_SSL_DTLS_SRTP)
/**
* \brief Add support for mki value in use_srtp extension.
* \brief Add support for mki(master key id) value in use_srtp extension.
* MKI is an optional part of SRTP used for key management and
* re-keying. See RFC3711 section 3.1 for details
* The default value is
* #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED.
*
@ -3210,7 +3212,8 @@ void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
* in decreasing preference order.
* \param profiles_number Number of supported profiles.
*
* \return 0 on success, or #MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
* \return 0 on success
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA when the list of protection profiles is incorrect
*/
int mbedtls_ssl_conf_dtls_srtp_protection_profiles
( mbedtls_ssl_config *conf,
@ -3224,8 +3227,9 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles
* \param mki_value The MKI value to set.
* \param mki_len The length of the MKI value.
*
* \return 0 on success, #MBEDTLS_ERR_SSL_BAD_INPUT_DATA
* or #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE on failure
* \return 0 on success
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA
* \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
*/
int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
unsigned char *mki_value,
@ -3235,10 +3239,11 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
* This function should be called after the handshake is
* completed.
*
* \param ssl SSL context
* \param ssl The SSL context to query
*
* \return Protection Profile enum member,
* #MBEDTLS_SRTP_UNSET_PROFILE if no protocol was negotiated.
* \return The DTLS SRTP protection profile in use
* \return #MBEDTLS_SRTP_UNSET_PROFILE if no protocol was negotiated or the handshake is still on
* early stage
*/
mbedtls_ssl_srtp_profile mbedtls_ssl_get_dtls_srtp_protection_profile
( const mbedtls_ssl_context *ssl );
@ -3246,10 +3251,11 @@ mbedtls_ssl_srtp_profile mbedtls_ssl_get_dtls_srtp_protection_profile
/**
* \brief Utility function to get information on DTLS-SRTP profile.
*
* \param profile The dtls-srtp profile id to get info on.
* \param profile The DTLS-SRTP profile id to get info on.
*
* \return Address of the SRTP profile information structure on
* success,NULL if not found.
* success
* \return \c NULL if not found.
*/
const mbedtls_ssl_srtp_profile_info *mbedtls_ssl_dtls_srtp_profile_info_from_id
( mbedtls_ssl_srtp_profile profile );

View File

@ -1103,16 +1103,16 @@ static inline uint16_t mbedtls_ssl_get_srtp_profile_iana_value
switch( profile )
{
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80:
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80_IANA_VALUE;
profile_value = MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80;
break;
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32:
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32_IANA_VALUE;
profile_value = MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32;
break;
case MBEDTLS_SRTP_NULL_HMAC_SHA1_80:
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_80_IANA_VALUE;
profile_value = MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80;
break;
case MBEDTLS_SRTP_NULL_HMAC_SHA1_32:
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_32_IANA_VALUE;
profile_value = MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32;
break;
default: break;
}
@ -1125,16 +1125,16 @@ static inline mbedtls_ssl_srtp_profile mbedtls_ssl_get_srtp_profile_value
mbedtls_ssl_srtp_profile profile_value = MBEDTLS_SRTP_UNSET_PROFILE;
switch( srtp_iana_value )
{
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80_IANA_VALUE:
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80;
break;
case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32_IANA_VALUE:
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
profile_value = MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32;
break;
case MBEDTLS_SRTP_NULL_HMAC_SHA1_80_IANA_VALUE:
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_80;
break;
case MBEDTLS_SRTP_NULL_HMAC_SHA1_32_IANA_VALUE:
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
profile_value = MBEDTLS_SRTP_NULL_HMAC_SHA1_32;
break;
default: break;

View File

@ -791,7 +791,9 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
/* If use_srtp is not configured, just ignore the extension */
if( ssl->conf->dtls_srtp_profile_list == NULL ||
ssl->conf->dtls_srtp_profile_list_len == 0 )
{
return( 0 );
}
/* RFC5764 section 4.1.1
* uint8 SRTPProtectionProfile[2];
@ -841,6 +843,10 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s", profile_info->name ) );
}
else
{
continue;
}
/* check if suggested profile is in our list */
for( i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++)
{
@ -858,7 +864,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
( len > ( profile_length + 2 ) ) )
{
ssl->dtls_srtp_info.mki_len = buf[profile_length + 2];
if( ssl->dtls_srtp_info.mki_len > MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH ||
if( ssl->dtls_srtp_info.mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH ||
ssl->dtls_srtp_info.mki_len + profile_length + size_of_lengths != len )
{
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,

View File

@ -4749,7 +4749,7 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
unsigned char *mki_value,
size_t mki_len )
{
if ( mki_len > MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH )
if ( mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH )
{
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}

View File

@ -1194,7 +1194,7 @@ int main( int argc, char *argv[] )
const mbedtls_ecp_curve_info *curve_cur;
#endif
#if defined(MBEDTLS_SSL_DTLS_SRTP)
unsigned char mki[MBEDTLS_DTLS_SRTP_MAX_MKI_LENGTH];
unsigned char mki[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH];
size_t mki_len=0;
#endif
@ -1242,7 +1242,7 @@ int main( int argc, char *argv[] )
eap_tls_keys eap_tls_keying;
#if defined( MBEDTLS_SSL_DTLS_SRTP )
/*! master keys and master salt for SRTP generated during handshake */
unsigned char dtls_srtp_key_material[MBEDTLS_DTLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
dtls_srtp_keys dtls_srtp_keying;
#endif /* MBEDTLS_SSL_DTLS_SRTP */

View File

@ -1873,7 +1873,7 @@ int main( int argc, char *argv[] )
eap_tls_keys eap_tls_keying;
#if defined( MBEDTLS_SSL_DTLS_SRTP )
/*! master keys and master salt for SRTP generated during handshake */
unsigned char dtls_srtp_key_material[MBEDTLS_DTLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
dtls_srtp_keys dtls_srtp_keying;
#endif /* MBEDTLS_SSL_DTLS_SRTP */