Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- SinglePacketTransformer initializeSRTPTransformer(int srtpProtectionProfile, TlsContext tlsContext) {
- logger.debug("initializeSRTPTransformer");
- int cipher, cipher_key_length, cipher_salt_length;
- int auth_function, auth_key_length;
- int RTCP_auth_tag_length, RTP_auth_tag_length;
- // https://groups.google.com/forum/#!searchin/discuss-webrtc/dtls|sort:date/discuss-webrtc/DQnIWm5x5e0/CcRUadIyCAAJ
- switch (srtpProtectionProfile) {
- case SRTPProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_32:
- cipher_key_length = 128 / 8;
- cipher_salt_length = 112 / 8;
- cipher = SRTPPolicy.AESCM_ENCRYPTION;
- auth_function = SRTPPolicy.HMACSHA1_AUTHENTICATION;
- auth_key_length = 160 / 8;
- RTCP_auth_tag_length = 80 / 8;
- RTP_auth_tag_length = 32 / 8;
- break;
- case SRTPProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_80:
- cipher_key_length = 128 / 8;
- cipher_salt_length = 112 / 8;
- cipher = SRTPPolicy.AESCM_ENCRYPTION;
- auth_function = SRTPPolicy.HMACSHA1_AUTHENTICATION;
- auth_key_length = 160 / 8;
- RTCP_auth_tag_length = RTP_auth_tag_length = 80 / 8;
- break;
- case SRTPProtectionProfile.SRTP_NULL_HMAC_SHA1_32:
- cipher_key_length = 0;
- cipher_salt_length = 0;
- cipher = SRTPPolicy.NULL_ENCRYPTION;
- auth_function = SRTPPolicy.HMACSHA1_AUTHENTICATION;
- auth_key_length = 160 / 8;
- RTCP_auth_tag_length = 80 / 8;
- RTP_auth_tag_length = 32 / 8;
- break;
- case SRTPProtectionProfile.SRTP_NULL_HMAC_SHA1_80:
- cipher_key_length = 0;
- cipher_salt_length = 0;
- cipher = SRTPPolicy.NULL_ENCRYPTION;
- auth_function = SRTPPolicy.HMACSHA1_AUTHENTICATION;
- auth_key_length = 160 / 8;
- RTCP_auth_tag_length = RTP_auth_tag_length = 80 / 8;
- break;
- default:
- throw new IllegalArgumentException("srtpProtectionProfile");
- }
- // https://www.bouncycastle.org/docs/tlsdocs1.5on/org/bouncycastle/tls/package-summary.html
- // this may only be called inside notifyHandshakeComplete with BC > 1.55
- byte[] keyingMaterial = tlsContext.exportKeyingMaterial(ExporterLabel.dtls_srtp, null, 2 * (cipher_key_length + cipher_salt_length));
- byte[] client_write_SRTP_master_key = new byte[cipher_key_length];
- byte[] server_write_SRTP_master_key = new byte[cipher_key_length];
- byte[] client_write_SRTP_master_salt = new byte[cipher_salt_length];
- byte[] server_write_SRTP_master_salt = new byte[cipher_salt_length];
- byte[][] keyingMaterialValues = { client_write_SRTP_master_key, server_write_SRTP_master_key, client_write_SRTP_master_salt, server_write_SRTP_master_salt };
- for (int i = 0, keyingMaterialOffset = 0; i < keyingMaterialValues.length; i++) {
- byte[] keyingMaterialValue = keyingMaterialValues[i];
- System.arraycopy(keyingMaterial, keyingMaterialOffset, keyingMaterialValue, 0, keyingMaterialValue.length);
- keyingMaterialOffset += keyingMaterialValue.length;
- }
- SRTPPolicy srtpPolicy = new SRTPPolicy(cipher, cipher_key_length, auth_function, auth_key_length, RTP_auth_tag_length, cipher_salt_length);
- SRTPPolicy srtcpPolicy = new SRTPPolicy(cipher, cipher_key_length, auth_function, auth_key_length, RTCP_auth_tag_length, cipher_salt_length);
- SRTPContextFactory clientSRTPContextFactory = new SRTPContextFactory(tlsContext instanceof TlsClientContext, client_write_SRTP_master_key, client_write_SRTP_master_salt, srtpPolicy, srtcpPolicy);
- SRTPContextFactory serverSRTPContextFactory = new SRTPContextFactory(tlsContext instanceof TlsServerContext, server_write_SRTP_master_key, server_write_SRTP_master_salt, srtpPolicy, srtcpPolicy);
- SRTPContextFactory forwardSRTPContextFactory;
- SRTPContextFactory reverseSRTPContextFactory;
- if (tlsContext instanceof TlsClientContext) {
- forwardSRTPContextFactory = clientSRTPContextFactory;
- reverseSRTPContextFactory = serverSRTPContextFactory;
- } else if (tlsContext instanceof TlsServerContext) {
- forwardSRTPContextFactory = serverSRTPContextFactory;
- reverseSRTPContextFactory = clientSRTPContextFactory;
- } else {
- throw new IllegalArgumentException("tlsContext");
- }
- // handles rtp and rtcp
- return new SRTPTransformer(forwardSRTPContextFactory, reverseSRTPContextFactory);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement