openssl/ssl/d1_srtp.c

*1f13597dSJung-uk Kim/* ssl/t1_lib.c */
*1f13597dSJung-uk Kim/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
*1f13597dSJung-uk Kim * All rights reserved.
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * This package is an SSL implementation written
*1f13597dSJung-uk Kim * by Eric Young (eay@cryptsoft.com).
*1f13597dSJung-uk Kim * The implementation was written so as to conform with Netscapes SSL.
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * This library is free for commercial and non-commercial use as long as
*1f13597dSJung-uk Kim * the following conditions are aheared to.  The following conditions
*1f13597dSJung-uk Kim * apply to all code found in this distribution, be it the RC4, RSA,
*1f13597dSJung-uk Kim * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
*1f13597dSJung-uk Kim * included with this distribution is covered by the same copyright terms
*1f13597dSJung-uk Kim * except that the holder is Tim Hudson (tjh@cryptsoft.com).
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * Copyright remains Eric Young's, and as such any Copyright notices in
*1f13597dSJung-uk Kim * the code are not to be removed.
*1f13597dSJung-uk Kim * If this package is used in a product, Eric Young should be given attribution
*1f13597dSJung-uk Kim * as the author of the parts of the library used.
*1f13597dSJung-uk Kim * This can be in the form of a textual message at program startup or
*1f13597dSJung-uk Kim * in documentation (online or textual) provided with the package.
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * Redistribution and use in source and binary forms, with or without
*1f13597dSJung-uk Kim * modification, are permitted provided that the following conditions
*1f13597dSJung-uk Kim * are met:
*1f13597dSJung-uk Kim * 1. Redistributions of source code must retain the copyright
*1f13597dSJung-uk Kim *    notice, this list of conditions and the following disclaimer.
*1f13597dSJung-uk Kim * 2. Redistributions in binary form must reproduce the above copyright
*1f13597dSJung-uk Kim *    notice, this list of conditions and the following disclaimer in the
*1f13597dSJung-uk Kim *    documentation and/or other materials provided with the distribution.
*1f13597dSJung-uk Kim * 3. All advertising materials mentioning features or use of this software
*1f13597dSJung-uk Kim *    must display the following acknowledgement:
*1f13597dSJung-uk Kim *    "This product includes cryptographic software written by
*1f13597dSJung-uk Kim *     Eric Young (eay@cryptsoft.com)"
*1f13597dSJung-uk Kim *    The word 'cryptographic' can be left out if the rouines from the library
*1f13597dSJung-uk Kim *    being used are not cryptographic related :-).
*1f13597dSJung-uk Kim * 4. If you include any Windows specific code (or a derivative thereof) from
*1f13597dSJung-uk Kim *    the apps directory (application code) you must include an acknowledgement:
*1f13597dSJung-uk Kim *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
*1f13597dSJung-uk Kim * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
*1f13597dSJung-uk Kim * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
*1f13597dSJung-uk Kim * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
*1f13597dSJung-uk Kim * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
*1f13597dSJung-uk Kim * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
*1f13597dSJung-uk Kim * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
*1f13597dSJung-uk Kim * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
*1f13597dSJung-uk Kim * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
*1f13597dSJung-uk Kim * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
*1f13597dSJung-uk Kim * SUCH DAMAGE.
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * The licence and distribution terms for any publically available version or
*1f13597dSJung-uk Kim * derivative of this code cannot be changed.  i.e. this code cannot simply be
*1f13597dSJung-uk Kim * copied and put under another distribution licence
*1f13597dSJung-uk Kim * [including the GNU Public Licence.]
*1f13597dSJung-uk Kim */
*1f13597dSJung-uk Kim/* ====================================================================
*1f13597dSJung-uk Kim * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * Redistribution and use in source and binary forms, with or without
*1f13597dSJung-uk Kim * modification, are permitted provided that the following conditions
*1f13597dSJung-uk Kim * are met:
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * 1. Redistributions of source code must retain the above copyright
*1f13597dSJung-uk Kim *    notice, this list of conditions and the following disclaimer.
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * 2. Redistributions in binary form must reproduce the above copyright
*1f13597dSJung-uk Kim *    notice, this list of conditions and the following disclaimer in
*1f13597dSJung-uk Kim *    the documentation and/or other materials provided with the
*1f13597dSJung-uk Kim *    distribution.
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * 3. All advertising materials mentioning features or use of this
*1f13597dSJung-uk Kim *    software must display the following acknowledgment:
*1f13597dSJung-uk Kim *    "This product includes software developed by the OpenSSL Project
*1f13597dSJung-uk Kim *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
*1f13597dSJung-uk Kim *    endorse or promote products derived from this software without
*1f13597dSJung-uk Kim *    prior written permission. For written permission, please contact
*1f13597dSJung-uk Kim *    openssl-core@openssl.org.
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * 5. Products derived from this software may not be called "OpenSSL"
*1f13597dSJung-uk Kim *    nor may "OpenSSL" appear in their names without prior written
*1f13597dSJung-uk Kim *    permission of the OpenSSL Project.
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * 6. Redistributions of any form whatsoever must retain the following
*1f13597dSJung-uk Kim *    acknowledgment:
*1f13597dSJung-uk Kim *    "This product includes software developed by the OpenSSL Project
*1f13597dSJung-uk Kim *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
*1f13597dSJung-uk Kim * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
*1f13597dSJung-uk Kim * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
*1f13597dSJung-uk Kim * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
*1f13597dSJung-uk Kim * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
*1f13597dSJung-uk Kim * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
*1f13597dSJung-uk Kim * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
*1f13597dSJung-uk Kim * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
*1f13597dSJung-uk Kim * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
*1f13597dSJung-uk Kim * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
*1f13597dSJung-uk Kim * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
*1f13597dSJung-uk Kim * OF THE POSSIBILITY OF SUCH DAMAGE.
*1f13597dSJung-uk Kim * ====================================================================
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim * This product includes cryptographic software written by Eric Young
*1f13597dSJung-uk Kim * (eay@cryptsoft.com).  This product includes software written by Tim
*1f13597dSJung-uk Kim * Hudson (tjh@cryptsoft.com).
*1f13597dSJung-uk Kim *
*1f13597dSJung-uk Kim */
*1f13597dSJung-uk Kim/*
*1f13597dSJung-uk Kim  DTLS code by Eric Rescorla <ekr@rtfm.com>
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim  Copyright (C) 2006, Network Resonance, Inc.
*1f13597dSJung-uk Kim  Copyright (C) 2011, RTFM, Inc.
*1f13597dSJung-uk Kim*/
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim#ifndef OPENSSL_NO_SRTP
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim#include <stdio.h>
*1f13597dSJung-uk Kim#include <openssl/objects.h>
*1f13597dSJung-uk Kim#include "ssl_locl.h"
*1f13597dSJung-uk Kim#include "srtp.h"
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kimstatic SRTP_PROTECTION_PROFILE srtp_known_profiles[]=
*1f13597dSJung-uk Kim    {
*1f13597dSJung-uk Kim    {
*1f13597dSJung-uk Kim    "SRTP_AES128_CM_SHA1_80",
*1f13597dSJung-uk Kim    SRTP_AES128_CM_SHA1_80,
*1f13597dSJung-uk Kim    },
*1f13597dSJung-uk Kim    {
*1f13597dSJung-uk Kim    "SRTP_AES128_CM_SHA1_32",
*1f13597dSJung-uk Kim    SRTP_AES128_CM_SHA1_32,
*1f13597dSJung-uk Kim    },
*1f13597dSJung-uk Kim#if 0
*1f13597dSJung-uk Kim    {
*1f13597dSJung-uk Kim    "SRTP_NULL_SHA1_80",
*1f13597dSJung-uk Kim    SRTP_NULL_SHA1_80,
*1f13597dSJung-uk Kim    },
*1f13597dSJung-uk Kim    {
*1f13597dSJung-uk Kim    "SRTP_NULL_SHA1_32",
*1f13597dSJung-uk Kim    SRTP_NULL_SHA1_32,
*1f13597dSJung-uk Kim    },
*1f13597dSJung-uk Kim#endif
*1f13597dSJung-uk Kim    {0}
*1f13597dSJung-uk Kim    };
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kimstatic int find_profile_by_name(char *profile_name,
*1f13597dSJung-uk Kim				SRTP_PROTECTION_PROFILE **pptr,unsigned len)
*1f13597dSJung-uk Kim	{
*1f13597dSJung-uk Kim	SRTP_PROTECTION_PROFILE *p;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	p=srtp_known_profiles;
*1f13597dSJung-uk Kim	while(p->name)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		if((len == strlen(p->name)) && !strncmp(p->name,profile_name,
*1f13597dSJung-uk Kim							len))
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			*pptr=p;
*1f13597dSJung-uk Kim			return 0;
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim		p++;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	return 1;
*1f13597dSJung-uk Kim	}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kimstatic int find_profile_by_num(unsigned profile_num,
*1f13597dSJung-uk Kim			       SRTP_PROTECTION_PROFILE **pptr)
*1f13597dSJung-uk Kim	{
*1f13597dSJung-uk Kim	SRTP_PROTECTION_PROFILE *p;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	p=srtp_known_profiles;
*1f13597dSJung-uk Kim	while(p->name)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		if(p->id == profile_num)
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			*pptr=p;
*1f13597dSJung-uk Kim			return 0;
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim		p++;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	return 1;
*1f13597dSJung-uk Kim	}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kimstatic int ssl_ctx_make_profiles(const char *profiles_string,STACK_OF(SRTP_PROTECTION_PROFILE) **out)
*1f13597dSJung-uk Kim	{
*1f13597dSJung-uk Kim	STACK_OF(SRTP_PROTECTION_PROFILE) *profiles;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	char *col;
*1f13597dSJung-uk Kim	char *ptr=(char *)profiles_string;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	SRTP_PROTECTION_PROFILE *p;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	if(!(profiles=sk_SRTP_PROTECTION_PROFILE_new_null()))
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
*1f13597dSJung-uk Kim		return 1;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	do
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		col=strchr(ptr,':');
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim		if(!find_profile_by_name(ptr,&p,
*1f13597dSJung-uk Kim					 col ? col-ptr : (int)strlen(ptr)))
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			sk_SRTP_PROTECTION_PROFILE_push(profiles,p);
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim		else
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);
*1f13597dSJung-uk Kim			return 1;
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim		if(col) ptr=col+1;
*1f13597dSJung-uk Kim		} while (col);
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	*out=profiles;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	return 0;
*1f13597dSJung-uk Kim	}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kimint SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx,const char *profiles)
*1f13597dSJung-uk Kim	{
*1f13597dSJung-uk Kim	return ssl_ctx_make_profiles(profiles,&ctx->srtp_profiles);
*1f13597dSJung-uk Kim	}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kimint SSL_set_tlsext_use_srtp(SSL *s,const char *profiles)
*1f13597dSJung-uk Kim	{
*1f13597dSJung-uk Kim	return ssl_ctx_make_profiles(profiles,&s->srtp_profiles);
*1f13597dSJung-uk Kim	}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim
*1f13597dSJung-uk KimSTACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *s)
*1f13597dSJung-uk Kim	{
*1f13597dSJung-uk Kim	if(s != NULL)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		if(s->srtp_profiles != NULL)
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			return s->srtp_profiles;
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim		else if((s->ctx != NULL) &&
*1f13597dSJung-uk Kim			(s->ctx->srtp_profiles != NULL))
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			return s->ctx->srtp_profiles;
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	return NULL;
*1f13597dSJung-uk Kim	}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk KimSRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s)
*1f13597dSJung-uk Kim	{
*1f13597dSJung-uk Kim	return s->srtp_profile;
*1f13597dSJung-uk Kim	}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim/* Note: this function returns 0 length if there are no
*1f13597dSJung-uk Kim   profiles specified */
*1f13597dSJung-uk Kimint ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen)
*1f13597dSJung-uk Kim	{
*1f13597dSJung-uk Kim	int ct=0;
*1f13597dSJung-uk Kim	int i;
*1f13597dSJung-uk Kim	STACK_OF(SRTP_PROTECTION_PROFILE) *clnt=0;
*1f13597dSJung-uk Kim	SRTP_PROTECTION_PROFILE *prof;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	clnt=SSL_get_srtp_profiles(s);
*1f13597dSJung-uk Kim	ct=sk_SRTP_PROTECTION_PROFILE_num(clnt); /* -1 if clnt == 0 */
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	if(p)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		if(ct==0)
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST);
*1f13597dSJung-uk Kim			return 1;
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim		if((2 + ct*2 + 1) > maxlen)
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
*1f13597dSJung-uk Kim			return 1;
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim                /* Add the length */
*1f13597dSJung-uk Kim                s2n(ct * 2, p);
*1f13597dSJung-uk Kim		for(i=0;i<ct;i++)
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			prof=sk_SRTP_PROTECTION_PROFILE_value(clnt,i);
*1f13597dSJung-uk Kim			s2n(prof->id,p);
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim                /* Add an empty use_mki value */
*1f13597dSJung-uk Kim                *p++ = 0;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	*len=2 + ct*2 + 1;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	return 0;
*1f13597dSJung-uk Kim	}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kimint ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al)
*1f13597dSJung-uk Kim	{
*1f13597dSJung-uk Kim	SRTP_PROTECTION_PROFILE *cprof,*sprof;
*1f13597dSJung-uk Kim	STACK_OF(SRTP_PROTECTION_PROFILE) *clnt=0,*srvr;
*1f13597dSJung-uk Kim        int ct;
*1f13597dSJung-uk Kim        int mki_len;
*1f13597dSJung-uk Kim	int i,j;
*1f13597dSJung-uk Kim	int id;
*1f13597dSJung-uk Kim	int ret;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim         /* Length value + the MKI length */
*1f13597dSJung-uk Kim        if(len < 3)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
*1f13597dSJung-uk Kim		*al=SSL_AD_DECODE_ERROR;
*1f13597dSJung-uk Kim		return 1;
*1f13597dSJung-uk Kim                }
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim        /* Pull off the length of the cipher suite list */
*1f13597dSJung-uk Kim        n2s(d, ct);
*1f13597dSJung-uk Kim        len -= 2;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim        /* Check that it is even */
*1f13597dSJung-uk Kim	if(ct%2)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
*1f13597dSJung-uk Kim		*al=SSL_AD_DECODE_ERROR;
*1f13597dSJung-uk Kim		return 1;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim        /* Check that lengths are consistent */
*1f13597dSJung-uk Kim	if(len < (ct + 1))
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
*1f13597dSJung-uk Kim		*al=SSL_AD_DECODE_ERROR;
*1f13597dSJung-uk Kim		return 1;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	clnt=sk_SRTP_PROTECTION_PROFILE_new_null();
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	while(ct)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		n2s(d,id);
*1f13597dSJung-uk Kim		ct-=2;
*1f13597dSJung-uk Kim                len-=2;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim		if(!find_profile_by_num(id,&cprof))
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			sk_SRTP_PROTECTION_PROFILE_push(clnt,cprof);
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim		else
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			; /* Ignore */
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim        /* Now extract the MKI value as a sanity check, but discard it for now */
*1f13597dSJung-uk Kim        mki_len = *d;
*1f13597dSJung-uk Kim        d++; len--;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim        if (mki_len != len)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_MKI_VALUE);
*1f13597dSJung-uk Kim		*al=SSL_AD_DECODE_ERROR;
*1f13597dSJung-uk Kim		return 1;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	srvr=SSL_get_srtp_profiles(s);
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	/* Pick our most preferred profile. If no profiles have been
*1f13597dSJung-uk Kim	 configured then the outer loop doesn't run
*1f13597dSJung-uk Kim	 (sk_SRTP_PROTECTION_PROFILE_num() = -1)
*1f13597dSJung-uk Kim	 and so we just return without doing anything */
*1f13597dSJung-uk Kim	for(i=0;i<sk_SRTP_PROTECTION_PROFILE_num(srvr);i++)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		sprof=sk_SRTP_PROTECTION_PROFILE_value(srvr,i);
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim		for(j=0;j<sk_SRTP_PROTECTION_PROFILE_num(clnt);j++)
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			cprof=sk_SRTP_PROTECTION_PROFILE_value(clnt,j);
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim			if(cprof->id==sprof->id)
*1f13597dSJung-uk Kim				{
*1f13597dSJung-uk Kim				s->srtp_profile=sprof;
*1f13597dSJung-uk Kim				*al=0;
*1f13597dSJung-uk Kim				ret=0;
*1f13597dSJung-uk Kim				goto done;
*1f13597dSJung-uk Kim				}
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	ret=0;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kimdone:
*1f13597dSJung-uk Kim	if(clnt) sk_SRTP_PROTECTION_PROFILE_free(clnt);
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	return ret;
*1f13597dSJung-uk Kim	}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kimint ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen)
*1f13597dSJung-uk Kim	{
*1f13597dSJung-uk Kim	if(p)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		if(maxlen < 5)
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
*1f13597dSJung-uk Kim			return 1;
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim		if(s->srtp_profile==0)
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,SSL_R_USE_SRTP_NOT_NEGOTIATED);
*1f13597dSJung-uk Kim			return 1;
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim                s2n(2, p);
*1f13597dSJung-uk Kim		s2n(s->srtp_profile->id,p);
*1f13597dSJung-uk Kim                *p++ = 0;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim	*len=5;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	return 0;
*1f13597dSJung-uk Kim	}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kimint ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al)
*1f13597dSJung-uk Kim	{
*1f13597dSJung-uk Kim	unsigned id;
*1f13597dSJung-uk Kim	int i;
*1f13597dSJung-uk Kim        int ct;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	STACK_OF(SRTP_PROTECTION_PROFILE) *clnt;
*1f13597dSJung-uk Kim	SRTP_PROTECTION_PROFILE *prof;
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	if(len!=5)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
*1f13597dSJung-uk Kim		*al=SSL_AD_DECODE_ERROR;
*1f13597dSJung-uk Kim		return 1;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim        n2s(d, ct);
*1f13597dSJung-uk Kim	if(ct!=2)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
*1f13597dSJung-uk Kim		*al=SSL_AD_DECODE_ERROR;
*1f13597dSJung-uk Kim		return 1;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	n2s(d,id);
*1f13597dSJung-uk Kim        if (*d)  /* Must be no MKI, since we never offer one */
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_MKI_VALUE);
*1f13597dSJung-uk Kim		*al=SSL_AD_ILLEGAL_PARAMETER;
*1f13597dSJung-uk Kim		return 1;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	clnt=SSL_get_srtp_profiles(s);
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	/* Throw an error if the server gave us an unsolicited extension */
*1f13597dSJung-uk Kim	if (clnt == NULL)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_NO_SRTP_PROFILES);
*1f13597dSJung-uk Kim		*al=SSL_AD_DECODE_ERROR;
*1f13597dSJung-uk Kim		return 1;
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	/* Check to see if the server gave us something we support
*1f13597dSJung-uk Kim	   (and presumably offered)
*1f13597dSJung-uk Kim	*/
*1f13597dSJung-uk Kim	for(i=0;i<sk_SRTP_PROTECTION_PROFILE_num(clnt);i++)
*1f13597dSJung-uk Kim		{
*1f13597dSJung-uk Kim		prof=sk_SRTP_PROTECTION_PROFILE_value(clnt,i);
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim		if(prof->id == id)
*1f13597dSJung-uk Kim			{
*1f13597dSJung-uk Kim			s->srtp_profile=prof;
*1f13597dSJung-uk Kim			*al=0;
*1f13597dSJung-uk Kim			return 0;
*1f13597dSJung-uk Kim			}
*1f13597dSJung-uk Kim		}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim	SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
*1f13597dSJung-uk Kim	*al=SSL_AD_DECODE_ERROR;
*1f13597dSJung-uk Kim	return 1;
*1f13597dSJung-uk Kim	}
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim
*1f13597dSJung-uk Kim#endif