40 lines
1.7 KiB
Diff
40 lines
1.7 KiB
Diff
From 46fb1a2c2dc91e1410d3e9043fd088158bed4c92 Mon Sep 17 00:00:00 2001
|
|
From: Pascal Buhler <pabuhler@cisco.com>
|
|
Date: Mon, 12 Dec 2022 01:22:47 +0100
|
|
Subject: [PATCH] Include some information about supported ciphers
|
|
|
|
Provide a little info on the consequence of configuring different crypto backends, as request in #620 .
|
|
---
|
|
README.md | 10 ++++++++++
|
|
1 file changed, 10 insertions(+)
|
|
|
|
diff --git a/README.md b/README.md
|
|
index 1e42a0b..22cda48 100644
|
|
--- a/README.md
|
|
+++ b/README.md
|
|
@@ -220,11 +220,21 @@ will want to read the Security Considerations section of [RFC 3711](https://tool
|
|
In addition, it is important that you read and understand the
|
|
terms outlined in the [License and Disclaimer](#license-and-disclaimer) section.
|
|
|
|
+This library also supports the AES-GCM Authenticated Encryption methods
|
|
+described in [RFC 7714](https://tools.ietf.org/html/rfc7714)
|
|
+
|
|
--------------------------------------------------------------------------------
|
|
|
|
<a name="implementation-notes"></a>
|
|
## Implementation Notes
|
|
|
|
+ * It is possible to configure which 3rd party (ie openssl/nss/etc) crypto backend
|
|
+ libSRTP will be built with. If no 3rd party backend is set then libSRTP provides
|
|
+ an internal implementation of AES and Sha1. The internal implementation only
|
|
+ supports AES-128 & AES-256, so to use AES-192 or the AES-GCM group of ciphers a
|
|
+ 3rd party crypto backend must be configured. For this and performance reasons it
|
|
+ is highly recommended to use a 3rd party crypto backend.
|
|
+
|
|
* The `srtp_protect()` function assumes that the buffer holding the
|
|
rtp packet has enough storage allocated that the authentication
|
|
tag can be written to the end of that packet. If this assumption
|
|
--
|
|
2.42.0.windows.2
|
|
|