MBEDTLS_SSL_DTLS_SRTP macro

\def MBEDTLS_SSL_DTLS_SRTP Enable support for negotiation of DTLS-SRTP (RFC 5764) through the use_srtp extension. Setting this option enables the runtime API mbedtls_ssl_conf_dtls_srtp_protection_profiles() through which the supported DTLS-SRTP protection profiles can be configured. You must call this API at runtime if you wish to negotiate the use of DTLS-SRTP. Requires: MBEDTLS_SSL_PROTO_DTLS Uncomment this to enable support for use_srtp extension.

Syntax

Show:

Summary

Declaration

from esp_config.h:1503

#define MBEDTLS_SSL_DTLS_SRTP

Notes

This feature provides the minimum functionality required to negotiate the use of DTLS-SRTP and to allow the derivation of the associated SRTP packet protection key material. In particular, the SRTP packet protection itself, as well as the demultiplexing of RTP and DTLS packets at the datagram layer (see Section 5 of RFC 5764), are not handled by this feature. Instead, after successful completion of a handshake negotiating the use of DTLS-SRTP, the extended key exporter API mbedtls_ssl_conf_export_keys_ext_cb() should be used to implement the key exporter described in Section 4.2 of RFC 5764 and RFC 5705 (this is implemented in the SSL example programs). The resulting key should then be passed to an SRTP stack.