Allow to set a crypto policy

[vopatek]

Following policies are defined:
AES_CM_128_HMAC_SHA1_80
AES_CM_128_HMAC_SHA1_32
AES_CM_192_HMAC_SHA1_80
AES_CM_192_HMAC_SHA1_32
AES_CM_256_HMAC_SHA1_80
AES_CM_256_HMAC_SHA1_32
AES_GCM_128_16
AES_GCM_256_16

[codecov]

Codecov Report

Attention: Patch coverage is 91.83673% with 4 lines in your changes missing coverage. Please review.

Project coverage is 97.40%. Comparing base (c52c261) to head (4fb542a).
Report is 12 commits behind head on main.

Files with missing lines	Patch %	Lines
src/pylibsrtp/__init__.py	91.83%	4 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##              main      #46      +/-   ##
===========================================
- Coverage   100.00%   97.40%   -2.60%     
===========================================
  Files            1        1              
  Lines          108      154      +46     
===========================================
+ Hits           108      150      +42     
- Misses           0        4       +4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[jlaine]

Hi! First of all thank you :)

I'm not sure I understand how the srtp_profile and crypto_policy interact. Could we have some more context in the form both of docstrings and the commit message please?

Regarding the new constants you introduced, what are their exact names in libsrtp? Is it possible to extract them from the library as we do for SRTP_PROFILE_AES128_CM_SHA1_80 and friends?

[vopatek]

Hi,

Agreed, it's not obvious how they interact.

As I see it srtp_profile relates to DTLS-SRTP profiles. The srtp_profile_t enum values correspond to the ones listed here:
https://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml

There used to be a note about it in srtp.h but it was removed by this commit:
cisco/libsrtp@82c8997

In libsrtp, these profiles will, in the end, make use of the underlying srtp_crypto_policy functions.

As I see it, you use one or the other depending on your use case.
That is, there should probably be an error check if you try to use both at the same time.

It doesn't look like crypto policies have a corresponding enumeration like profiles in libsrtp.
I think I just capitalized the policy part from the libsrtp function names.
Another option could be to use the SDP crypto suite names:
https://www.iana.org/assignments/sdp-security-descriptions/sdp-security-descriptions.xhtml

Hope this sheds some light on the difference.
I can try to explain it in both docstrings and the commit message and fix the ruff and coverage problems.