From 43e5faa2539ae8aae6ef55be2239b9b1a77fea45 Mon Sep 17 00:00:00 2001
From: Dmitry Sobinov <sobinoff@gmail.com>
Date: Sat, 2 Jan 2016 22:32:36 +1100
Subject: Add new DTLS-SRTP protection profiles from RFC 7714

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
---
 include/openssl/srtp.h | 4 ++++
 ssl/d1_srtp.c          | 8 ++++++++
 2 files changed, 12 insertions(+)

diff --git a/include/openssl/srtp.h b/include/openssl/srtp.h
index 1f5aed21ff..da9369ec2e 100644
--- a/include/openssl/srtp.h
+++ b/include/openssl/srtp.h
@@ -129,6 +129,10 @@ extern "C" {
 # define SRTP_NULL_SHA1_80      0x0005
 # define SRTP_NULL_SHA1_32      0x0006
 
+/* AEAD SRTP protection profiles from RFC 7714 */
+# define SRTP_AEAD_AES_128_GCM  0x0007
+# define SRTP_AEAD_AES_256_GCM  0x0008
+
 # ifndef OPENSSL_NO_SRTP
 
 __owur int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c
index 587a592e82..f969fb10b1 100644
--- a/ssl/d1_srtp.c
+++ b/ssl/d1_srtp.c
@@ -128,6 +128,14 @@ static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = {
      "SRTP_AES128_CM_SHA1_32",
      SRTP_AES128_CM_SHA1_32,
      },
+    {
+     "SRTP_AEAD_AES_128_GCM",
+     SRTP_AEAD_AES_128_GCM
+     },
+    {
+     "SRTP_AEAD_AES_256_GCM",
+     SRTP_AEAD_AES_256_GCM
+     },
     {0}
 };
 
-- 
cgit v1.2.3