From bb5ceb93a5ec91b4bde5fd2340b4e74691720354 Mon Sep 17 00:00:00 2001 From: "wtc@chromium.org" Date: Tue, 5 Jun 2012 16:39:00 +0000 Subject: Implement RFC 5764 (DTLS-SRTP). The patch is contributed by Eric Rescorla. R=rsleevi@chromium.org,ekr@rtfm.com BUG=120938 TEST=none (eventually covered by libjingle tests) Review URL: https://chromiumcodereview.appspot.com/9982019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@140535 0039d316-1c4b-4281-b951-d872f2087c98 --- net/third_party/nss/ssl/ssl.h | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'net/third_party/nss/ssl/ssl.h') diff --git a/net/third_party/nss/ssl/ssl.h b/net/third_party/nss/ssl/ssl.h index 3d8fdcb..4cfede3 100644 --- a/net/third_party/nss/ssl/ssl.h +++ b/net/third_party/nss/ssl/ssl.h @@ -834,6 +834,28 @@ NSS_GetClientAuthData(void * arg, struct SECKEYPrivateKeyStr **pRetKey); /* +** Configure DTLS-SRTP (RFC 5764) cipher suite preferences. +** Input is a list of ciphers in descending preference order and a length +** of the list. As a side effect, this causes the use_srtp extension to be +** negotiated. +** +** Invalid or unimplemented cipher suites in |ciphers| are ignored. If at +** least one cipher suite in |ciphers| is implemented, returns SECSuccess. +** Otherwise returns SECFailure. +*/ +SSL_IMPORT SECStatus SSL_SetSRTPCiphers(PRFileDesc *fd, + const PRUint16 *ciphers, + unsigned int numCiphers); + +/* +** Get the selected DTLS-SRTP cipher suite (if any). +** To be called after the handshake completes. +** Returns SECFailure if not negotiated. +*/ +SSL_IMPORT SECStatus SSL_GetSRTPCipher(PRFileDesc *fd, + PRUint16 *cipher); + +/* * Look to see if any of the signers in the cert chain for "cert" are found * in the list of caNames. * Returns SECSuccess if so, SECFailure if not. -- cgit v1.1