|
|
98e5b5 |
diff --git a/srtp/srtp.c b/srtp/srtp.c
|
|
|
98e5b5 |
index 3722fc1..a0dd047 100644
|
|
|
98e5b5 |
--- a/srtp/srtp.c
|
|
|
98e5b5 |
+++ b/srtp/srtp.c
|
|
|
98e5b5 |
@@ -2046,24 +2046,19 @@ crypto_policy_set_from_profile_for_rtp(crypto_policy_t *policy,
|
|
|
98e5b5 |
/* set SRTP policy from the SRTP profile in the key set */
|
|
|
98e5b5 |
switch(profile) {
|
|
|
98e5b5 |
case srtp_profile_aes128_cm_sha1_80:
|
|
|
98e5b5 |
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
|
|
|
98e5b5 |
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
|
|
|
98e5b5 |
break;
|
|
|
98e5b5 |
case srtp_profile_aes128_cm_sha1_32:
|
|
|
98e5b5 |
crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
|
|
|
98e5b5 |
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
|
|
|
98e5b5 |
break;
|
|
|
98e5b5 |
case srtp_profile_null_sha1_80:
|
|
|
98e5b5 |
- crypto_policy_set_null_cipher_hmac_sha1_80(policy);
|
|
|
98e5b5 |
crypto_policy_set_null_cipher_hmac_sha1_80(policy);
|
|
|
98e5b5 |
break;
|
|
|
98e5b5 |
case srtp_profile_aes256_cm_sha1_80:
|
|
|
98e5b5 |
- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
|
|
|
98e5b5 |
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
|
|
|
98e5b5 |
break;
|
|
|
98e5b5 |
case srtp_profile_aes256_cm_sha1_32:
|
|
|
98e5b5 |
crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
|
|
|
98e5b5 |
- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
|
|
|
98e5b5 |
break;
|
|
|
98e5b5 |
/* the following profiles are not (yet) supported */
|
|
|
98e5b5 |
case srtp_profile_null_sha1_32:
|
|
|
98e5b5 |
@@ -2084,6 +2079,8 @@ crypto_policy_set_from_profile_for_rtcp(crypto_policy_t *policy,
|
|
|
98e5b5 |
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
|
|
|
98e5b5 |
break;
|
|
|
98e5b5 |
case srtp_profile_aes128_cm_sha1_32:
|
|
|
98e5b5 |
+ /* We do not honor the 32-bit auth tag request since
|
|
|
98e5b5 |
+ * this is not compliant with RFC 3711 */
|
|
|
98e5b5 |
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
|
|
|
98e5b5 |
break;
|
|
|
98e5b5 |
case srtp_profile_null_sha1_80:
|
|
|
98e5b5 |
@@ -2093,6 +2090,8 @@ crypto_policy_set_from_profile_for_rtcp(crypto_policy_t *policy,
|
|
|
98e5b5 |
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
|
|
|
98e5b5 |
break;
|
|
|
98e5b5 |
case srtp_profile_aes256_cm_sha1_32:
|
|
|
98e5b5 |
+ /* We do not honor the 32-bit auth tag request since
|
|
|
98e5b5 |
+ * this is not compliant with RFC 3711 */
|
|
|
98e5b5 |
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
|
|
|
98e5b5 |
break;
|
|
|
98e5b5 |
/* the following profiles are not (yet) supported */
|