[erlang-questions] use_srtp extension for DTLS

Andreas Schultz andreas.schultz@REDACTED
Mon Oct 8 12:48:03 CEST 2018


Hi Ingela,

Ingela Andin <ingela.andin@REDACTED> wrote on Mon, 8 Oct 2018 at 12:27:

> Hi!
>
> Sorry for the late answer. Yes, there are plans to include it. The extension is
> also part of TLS-1.3 that has priority over DTLS at the moment. We have
> already done
>

Can't speak for others, but I would prefer if DTLS-1.3 were given the same
priority as TLS-1.3.

Regards
Andreas

> some internal changes to extension handling to facilitate the
> implementation of TLS-1.3 and its co-existing with previous versions. This
> is in first hand planned for OTP-22.
>
> Regards Ingela Erlang/OTP Team - Ericsson AB
>
>
> On Mon, 8 Oct 2018 at 06:58, Ben Browitt <ben.browitt@REDACTED> wrote:
>
>> USE_SRTP is defined in dtls_handshake.hrl [1] but it says it's not
>> supported.
>> Are there plans to support it?
>>
>> [1]
>> https://github.com/erlang/otp/blob/master/lib/ssl/src/dtls_handshake.hrl#L64
>>
>> On Mon, Oct 1, 2018 at 11:27 AM Ben Browitt <ben.browitt@REDACTED>
>> wrote:
>>
>>> DTLS is missing the use_srtp extension required for DTLS-SRTP [1].
>>> What's the best way to add it?
>>>
>>> We need to encode the extension in ssl_handshake.erl
>>> encode_hello_extensions([use_srtp | Rest], Acc) ->
>>>     %% UseSRTPData: profile list length 2, profile 0x0001
>>>     %% (SRTP_AES128_CM_HMAC_SHA1_80), MKI length 0
>>>     ExtData = <<0,2,0,1,0>>,
>>>     Len = byte_size(ExtData),
>>>     encode_hello_extensions(Rest, <<?UINT16(?USE_SRTP_EXT), ?UINT16(Len), ExtData/binary, Acc/binary>>).
>>>
>>> https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.erl#L657
>>>
>>> Define USE_SRTP_EXT in ssl_handshake.hrl
>>> -define(USE_SRTP_EXT, 14).
>>>
>>> Add use_srtp to the hello_extensions record:
>>>
>>> https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.hrl#L100
>>>
>>> Add use_srtp to hello_extensions_list
>>>
>>> https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.erl#L1826
>>>
>>> Add use_srtp to client_hello_extensions
>>>
>>> https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.erl#L968
>>>
>>> Add use_srtp to the #ssl_options record
>>>
>>> https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_internal.hrl#L111
>>>
>>> [1] https://tools.ietf.org/html/rfc5764#section-4.1
>>>
>>> Thanks
>>>
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>>
-- 
Dipl.-Inform. Andreas Schultz

----------------------- enabling your networks ----------------------
Travelping GmbH                     Phone:  +49-391-81 90 99 0
Roentgenstr. 13                     Fax:    +49-391-81 90 99 299
39108 Magdeburg                     Email:  info@REDACTED
GERMANY                             Web:    http://www.travelping.com

Company Registration: Amtsgericht Stendal        Reg No.:   HRB 10578
Geschaeftsfuehrer: Holger Winkelmann          VAT ID No.: DE236673780
---------------------------------------------------------------------
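
The quoted proposal hardcodes the extension body `<<0,2,0,1,0>>` and only covers encoding; a peer's use_srtp extension also has to be parsed, and that input is untrusted. The following is an added example, not code from the thread or from OTP: a strict encoder and decoder for the UseSRTPData structure of RFC 5764 section 4.1. The module and function names are hypothetical, and the malformed inputs in `demo/0` are constructed.

```erlang
%% Added example (not OTP code): strict codec for the use_srtp extension
%% body (UseSRTPData, RFC 5764 section 4.1). All names are hypothetical.
-module(use_srtp_example).
-export([encode/2, decode/1, demo/0]).

%% Profiles: non-empty list of 16-bit SRTP protection profile ids.
%% MKI: binary of 0..255 bytes (the optional master key identifier).
encode(Profiles, MKI) when Profiles =/= [], byte_size(MKI) =< 255 ->
    %% Refuse ids that would be silently truncated to 16 bits.
    true = lists:all(fun(P) -> is_integer(P) andalso P >= 0
                                   andalso P =< 16#FFFF end, Profiles),
    ProfBin = << <<P:16>> || P <- Profiles >>,
    <<(byte_size(ProfBin)):16, ProfBin/binary,
      (byte_size(MKI)):8, MKI/binary>>.

%% Accept exactly one well-formed UseSRTPData structure: both length
%% fields must match the data present and no trailing bytes are allowed.
decode(<<PLen:16, ProfBin:PLen/binary, MLen:8, MKI:MLen/binary>>)
  when PLen >= 2, PLen rem 2 =:= 0 ->
    {ok, [P || <<P:16>> <= ProfBin], MKI};
decode(_) ->
    {error, malformed_use_srtp}.

demo() ->
    %% The literal from the quoted post: one profile (0x0001), empty MKI.
    <<0,2,0,1,0>> = encode([1], <<>>),
    {ok, [1], <<>>} = decode(<<0,2,0,1,0>>),
    %% Constructed malformed inputs:
    %% odd profile list length, MKI shorter than its length byte,
    %% and a trailing byte after the structure.
    {error, malformed_use_srtp} = decode(<<0,1,0,0>>),
    {error, malformed_use_srtp} = decode(<<0,2,0,1,4,1,2>>),
    {error, malformed_use_srtp} = decode(<<0,2,0,1,0,0>>),
    ok.
```

Compile the module and call `use_srtp_example:demo().`; it returns `ok` when every match holds.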