author | lloyd <[email protected]> | 2015-01-04 17:43:34 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2015-01-04 17:43:34 +0000 |
commit | 8fcc2825c5aa7d6c359bba63eb883088a7650c86 (patch) | |
tree | 47d2f503ee43d57fe947d608e133ec06edf9d24c /src/lib/tls/tls_client.cpp | |
parent | 5fb44f29a4b27905668d90a4ff46d882a41f5951 (diff) |
Add DTLS-SRTP key establishment from RFC 5764 (required for WebRTC).
Github issue 27.
Refactor server hello handling to make it easier to handle other extensions.
The manual specified that 224 bit NIST primes were disabled by default
for TLS but they were not. Additionally disable the 256k1 curve and
reorder the remaining curves by size.
Rewrite the max fragment length extension code to roughly what an
ideal compiler would have turned the original code into, using a
switch instead of a lookup into a small constant std::map.
Diffstat (limited to 'src/lib/tls/tls_client.cpp')
-rw-r--r-- | src/lib/tls/tls_client.cpp | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/lib/tls/tls_client.cpp b/src/lib/tls/tls_client.cpp index 7c3e48ca6..1e858a0b0 100644 --- a/src/lib/tls/tls_client.cpp +++ b/src/lib/tls/tls_client.cpp @@ -233,6 +233,13 @@ void Client::process_handshake_msg(const Handshake_State* active_state, " but we did not request it"); } + if(u16bit srtp = state.server_hello()->srtp_profile()) + { + if(!value_exists(state.client_hello()->srtp_profiles(), srtp)) + throw TLS_Exception(Alert::HANDSHAKE_FAILURE, + "Server replied with DTLS-SRTP alg we did not send"); + } + state.set_version(state.server_hello()->version()); secure_renegotiation_check(state.server_hello()); @@ -516,7 +523,8 @@ void Client::process_handshake_msg(const Handshake_State* active_state, get_peer_cert_chain(state), session_ticket, m_info, - "" + "", + state.server_hello()->srtp_profile() ); const bool should_save = save_session(session_info); |
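Review bot: In the first hunk, `if(u16bit srtp = state.server_hello()->srtp_profile())` uses 0 as an undocumented "no profile" sentinel, so the offered-profile comparison is skipped when the server omits the extension and presumably also if it sends profile value 0. The opposite case is not handled here either: if the client offered profiles and the server selects none, the handshake continues without SRTP, which an application that requires DTLS-SRTP has to detect itself once the handshake completes. I would add a comment above the check, `// 0 means no DTLS-SRTP profile was selected; a non-zero profile must be one we offered`, and say in the API documentation that callers must verify the negotiated profile. process_handshake_msg starts and ends outside the hunk, so how the server hello parses the extension is not visible.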
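Review bot: In the second hunk the new last argument can be 0, which the first hunk treats as "no profile", and nothing at this call site says so or explains the positional `""` before it. A trailing comment such as `state.server_hello()->srtp_profile() // 0 if no DTLS-SRTP profile was negotiated` would make the call readable. Since the value is now saved with the session, it is worth confirming that a resumed handshake still checks the server's profile against the client's offer; that path is outside this hunk.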