-
Notifications
You must be signed in to change notification settings - Fork 418
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for retrieving negotiated SRTP profile #1278
Comments
If an SRTP profile was negotiated as part of the handshake, make it possible to retrieve the name of the profile. This is needed to determine which profiles were offered using `Context.set_tlsext_use_srtp` was actually selected.
If an SRTP profile was negotiated as part of the handshake, make it possible to retrieve the name of the profile. This is needed to determine which profiles were offered using `Context.set_tlsext_use_srtp` was actually selected.
If an SRTP profile was negotiated as part of the handshake, make it possible to retrieve the name of the profile. This is needed to determine which profiles were offered using `Context.set_tlsext_use_srtp` was actually selected.
I think I borked the change log, I added my change at the bottom of what I assumed was the "latest" code but it looks as though I added it to an existing release!! |
Ooops, if you can send a cleanup PR moving it ot the right place, that'd be great. |
Sure, what's the usual phrasing for the "next release" section? |
It'll be |
The
aiortc
project usespyOpenSSL
to perform a DTLS handshake and export SRTP keying material. Currently, the only enable a single SRTP profile usingctx.set_tlsext_use_srtp(b"SRTP_AES128_CM_SHA1_80")
but we would like to start enabling GCM profiles (aiortc/aiortc#1012).Enabling multiple SRTP profiles means that when the handshake completes, we need to know which SRTP profile was selected, for which OpenSSL provides
SSL_get_selected_srtp_profile
:https://www.openssl.org/docs/man3.0/man3/SSL_get_selected_srtp_profile.html
This function is present in
cryptography
's bindings, so I would like to add aConnection.get_selected_srtp_profile
method to wrap it, and returnbytes
:None
?Using
bytes
as the return value makes the API consistent withContext.set_tlsext_use_srtp
.I'm happy to submit a PR if this sounds acceptable.
The text was updated successfully, but these errors were encountered: