diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 84082f3af..398eb012a 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3257,7 +3257,8 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl, unsigned char *mki_value, uint16_t mki_len ); /** - * \brief Get the negotiated DTLS-SRTP Protection Profile. + * \brief Get the negotiated DTLS-SRTP informations: + * Protection profile and MKI value. * * \warning This function must be called after the handshake is * completed. The value returned by this function must @@ -3265,14 +3266,20 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl, * * \param ssl The SSL context to query. * - * \return The DTLS SRTP protection profile in use. The return type is - * a direct mapping of the iana defined value for protection + * \return The negotiated DTLS-SRTP informations: + * - Protection profile in use. + * A direct mapping of the iana defined value for protection * profile on an uint16_t. * http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml - * \return #MBEDTLS_TLS_SRTP_UNSET if the use of SRTP was not negotiated + * #MBEDTLS_TLS_SRTP_UNSET if the use of SRTP was not negotiated * or peer's Hello packet was not parsed yet. + * - mki size and value (if size is > 0). These informations are valid only + * if the protection profile returned is not MBEDTLS_TLS_SRTP_UNSET. + * Ownership of the returned structure is kept by the ssl context, + * the caller must duplicate any information that must live longer than + * the context (typically MKI size and value if any) */ -mbedtls_ssl_srtp_profile mbedtls_ssl_get_dtls_srtp_protection_profile +const mbedtls_dtls_srtp_info *mbedtls_ssl_get_dtls_srtp_negotiation_result ( const mbedtls_ssl_context *ssl ); #endif /* MBEDTLS_SSL_DTLS_SRTP */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index ddbe5ca67..56a71c696 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c 
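Review bot: The ownership paragraph added to the `\return` text in include/mbedtls/ssl.h describes the pointer's lifetime only as relative to "the context", while the implementation in library/ssl_tls.c returns `&( ssl->dtls_srtp_info )`, the address of a field inside the caller's `mbedtls_ssl_context`. The ssl_cli.c hunk of this same commit writes `ssl->dtls_srtp_info.mki_len` while parsing the Server Hello, so a later handshake on the same context would presumably change what a stored pointer shows; whether a session reset also clears the struct is not visible here. I would say so in the doc, e.g. `The returned pointer refers to storage inside \p ssl and is valid only until the next handshake, session reset or free of \p ssl.` A copy-out variant that fills a caller-provided `mbedtls_dtls_srtp_info *` would avoid handing out internal state at all, so an application could not keep using a stale MKI for SRTP packet processing.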
@@ -1925,6 +1925,14 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } + + /* If server does not use mki in its reply, make sure the client won't keep + * one as negotiated */ + if( len == 5 ) + { + ssl->dtls_srtp_info.mki_len = 0; + } + /* * RFC5764: * If the client detects a nonzero-length MKI in the server's response diff --git a/library/ssl_tls.c b/library/ssl_tls.c index a9e5523f6..cee8ba132 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4751,10 +4751,10 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf, return( 0 ); } -mbedtls_ssl_srtp_profile - mbedtls_ssl_get_dtls_srtp_protection_profile( const mbedtls_ssl_context *ssl ) +const mbedtls_dtls_srtp_info * + mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl ) { - return( ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); + return( &( ssl->dtls_srtp_info ) ); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index c70346a74..d53a40af8 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2754,8 +2754,10 @@ int main( int argc, char *argv[] ) else if( opt.use_srtp != 0 ) { size_t j = 0; + const mbedtls_dtls_srtp_info *dtls_srtp_negotiation_result = + mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl ); - if( ( mbedtls_ssl_get_dtls_srtp_protection_profile( &ssl ) + if( ( dtls_srtp_negotiation_result->chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) ) { mbedtls_printf( " Unable to negotiate " 
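Review bot: The added `if( len == 5 )` in ssl_parse_use_srtp_ext depends on an unexplained literal. Going by the use_srtp layout in RFC 5764 it is presumably 2 bytes of profile-list length, 2 bytes of profile and the 1-byte MKI length, and a comment such as `/* 2 (profiles length) + 2 (profile) + 1 (mki length) */` or a named constant would make that checkable. Because the reset keys on the total extension length rather than on the parsed MKI length byte, it is worth confirming that the length validation earlier in the function (outside this hunk) rejects a reply whose MKI length byte is zero but which carries trailing bytes. `ssl->dtls_srtp_info.mki_len` also appears to hold both the MKI the client offered and the negotiated result, so zeroing it here may stop the MKI from being offered on a later handshake with the same context; if that is intended, the comment should say so.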
@@ -2797,6 +2799,20 @@ int main( int argc, char *argv[] ) mbedtls_printf( "%02X", dtls_srtp_key_material[j] ); } mbedtls_printf( "\n" ); + + if ( dtls_srtp_negotiation_result->mki_len > 0 ) + { + mbedtls_printf( " DTLS-SRTP mki value: " ); + for( j = 0; j < dtls_srtp_negotiation_result->mki_len; j++ ) + { + mbedtls_printf( "%02X", dtls_srtp_negotiation_result->mki_value[j] ); + } + } + else + { + mbedtls_printf( " DTLS-SRTP no mki value negociated" ); + } + mbedtls_printf( "\n" ); } } #endif /* MBEDTLS_SSL_DTLS_SRTP */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 97929cd65..126a64c0d 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -3865,8 +3865,10 @@ handshake: else if( opt.use_srtp != 0 ) { size_t j = 0; + const mbedtls_dtls_srtp_info *dtls_srtp_negotiation_result = + mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl ); - if( ( mbedtls_ssl_get_dtls_srtp_protection_profile( &ssl ) + if( ( dtls_srtp_negotiation_result->chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) ) { mbedtls_printf( " Unable to negotiate " @@ -3908,6 +3910,21 @@ handshake: mbedtls_printf( "%02X", dtls_srtp_key_material[j] ); } mbedtls_printf( "\n" ); + + if ( dtls_srtp_negotiation_result->mki_len > 0 ) + { + mbedtls_printf( " DTLS-SRTP mki value: " ); + for( j = 0; j < dtls_srtp_negotiation_result->mki_len; j++ ) + { + mbedtls_printf( "%02X", dtls_srtp_negotiation_result->mki_value[j] ); + } + } + else + { + mbedtls_printf( " DTLS-SRTP no mki value negociated" ); + } + mbedtls_printf( "\n" ); + } } #endif /* MBEDTLS_SSL_DTLS_SRTP */ diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index f84c48540..210108df3 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
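Review bot: The new output line in programs/ssl/ssl_client2.c spells the word as `negociated`, and the same string is added to programs/ssl/ssl_server2.c and matched literally by the `-s`/`-c` patterns added in tests/ssl-opt.sh, so the typo becomes part of the test contract. I would change it to `negotiated` in both programs and in the test patterns before this lands. The print loop in both programs reads `mki_value[j]` for `j < mki_len` from state filled in from the peer's extension, so it relies on the parser (not part of this diff) having bounded `mki_len` to the size of `mki_value`. As a style point, the added `if ( ... )` has a space before the parenthesis where the surrounding code writes `if( ... )`, and the server2 hunk adds a blank line before the closing brace. The enclosing function of both hunks starts and ends outside them.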
@@ -8862,6 +8862,7 @@ run_test "DTLS-SRTP all profiles supported. mki used" \ -c "dumping 'received mki' (8 bytes)" \ -c "DTLS-SRTP key material is"\ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ + -g "find_in_both '^ *DTLS-SRTP mki value: [0-9A-F]*$'"\ -C "error" requires_config_enabled MBEDTLS_SSL_DTLS_SRTP @@ -8874,12 +8875,14 @@ run_test "DTLS-SRTP all profiles supported. server doesn't support mki." \ -s "selected srtp profile" \ -s "server hello, adding use_srtp extension" \ -s "DTLS-SRTP key material is"\ + -s "DTLS-SRTP no mki value negociated"\ -S "dumping 'using mki' (8 bytes)" \ -c "client hello, adding use_srtp extension" \ -c "found use_srtp extension" \ -c "found srtp profile" \ -c "selected srtp profile" \ -c "DTLS-SRTP key material is"\ + -c "DTLS-SRTP no mki value negociated"\ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ -c "dumping 'sending mki' (8 bytes)" \ -C "dumping 'received mki' (8 bytes)" \ @@ -9066,6 +9069,7 @@ run_test "DTLS-SRTP all profiles supported. server doesn't support mki. openssl -c "found srtp profile" \ -c "selected srtp profile" \ -c "DTLS-SRTP key material is"\ + -c "DTLS-SRTP no mki value negociated"\ -c "dumping 'sending mki' (8 bytes)" \ -C "dumping 'received mki' (8 bytes)" \ -C "error" @@ -9261,6 +9265,7 @@ run_test "DTLS-SRTP all profiles supported. mki used. gnutls server." \ -c "found srtp profile" \ -c "selected srtp profile" \ -c "DTLS-SRTP key material is"\ + -c "DTLS-SRTP mki value:"\ -c "dumping 'sending mki' (8 bytes)" \ -c "dumping 'received mki' (8 bytes)" \ -C "error"
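Review bot: The pattern added to the first test, `find_in_both '^ *DTLS-SRTP mki value: [0-9A-F]*$'`, accepts an empty value because `*` matches zero hex digits. A run in which both sides print the label with no bytes after it would still pass. The test expects an 8-byte MKI, so requiring at least one digit, e.g. `'^ *DTLS-SRTP mki value: [0-9A-F][0-9A-F]*$'`, would pin that a value was actually reported. The gnutls-server hunk checks only `-c "DTLS-SRTP mki value:"`, which confirms the label but not that the value matches the one sent; presumably that is because the peer's log cannot be compared with find_in_both, and a short comment saying so would help the next reader.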