diff --git a/src/include/switch_types.h b/src/include/switch_types.h index 24f278f041..133422764b 100644 --- a/src/include/switch_types.h +++ b/src/include/switch_types.h @@ -2642,7 +2642,9 @@ typedef enum { typedef enum { AEAD_AES_256_GCM_8, + AEAD_AES_256_GCM, AEAD_AES_128_GCM_8, + AEAD_AES_128_GCM, AES_CM_256_HMAC_SHA1_80, AES_CM_192_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_80, diff --git a/src/switch_core_media.c b/src/switch_core_media.c index 65ea2f3a6b..ca6be2c16d 100644 --- a/src/switch_core_media.c +++ b/src/switch_core_media.c @@ -279,7 +279,9 @@ struct switch_media_handle_s { switch_srtp_crypto_suite_t SUITES[CRYPTO_INVALID] = { { "AEAD_AES_256_GCM_8", "", AEAD_AES_256_GCM_8, 44, 12}, + { "AEAD_AES_256_GCM", "", AEAD_AES_256_GCM, 44, 12}, { "AEAD_AES_128_GCM_8", "", AEAD_AES_128_GCM_8, 28, 12}, + { "AEAD_AES_128_GCM", "", AEAD_AES_128_GCM, 28, 12}, { "AES_256_CM_HMAC_SHA1_80", "AES_CM_256_HMAC_SHA1_80", AES_CM_256_HMAC_SHA1_80, 46, 14}, { "AES_192_CM_HMAC_SHA1_80", "AES_CM_192_HMAC_SHA1_80", AES_CM_192_HMAC_SHA1_80, 38, 14}, { "AES_CM_128_HMAC_SHA1_80", "", AES_CM_128_HMAC_SHA1_80, 30, 14}, diff --git a/src/switch_rtp.c b/src/switch_rtp.c index 28a91ee328..080aee637a 100644 --- a/src/switch_rtp.c +++ b/src/switch_rtp.c @@ -4075,6 +4075,15 @@ SWITCH_DECLARE(switch_status_t) switch_rtp_add_crypto_key(switch_rtp_t *rtp_sess } break; + case AEAD_AES_256_GCM: + srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy->rtp); + srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy->rtcp); + + if (switch_channel_direction(channel) == SWITCH_CALL_DIRECTION_OUTBOUND) { + switch_channel_set_variable(channel, "rtp_has_crypto", "AEAD_AES_256_GCM"); + } + break; + case AEAD_AES_128_GCM_8: srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy->rtp); srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy->rtcp); @@ -4084,6 +4093,15 @@ SWITCH_DECLARE(switch_status_t) switch_rtp_add_crypto_key(switch_rtp_t *rtp_sess } break; + case AEAD_AES_128_GCM: + srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy->rtp); + srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy->rtcp); + + if (switch_channel_direction(channel) == SWITCH_CALL_DIRECTION_OUTBOUND) { + switch_channel_set_variable(channel, "rtp_has_crypto", "AEAD_AES_128_GCM"); + } + break; + case AES_CM_256_HMAC_SHA1_80: srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy->rtp); srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy->rtcp);