Beispiel #1
0
        public SrtpPolicy GetSrtcpPolicy()
        {
            SrtpPolicy sp = new SrtpPolicy(encType, encKeyLength, authType, authKeyLength, rtcpAuthTagLength,
                                           saltLength);

            return(sp);
        }
Beispiel #2
0
        protected virtual void PrepareSrtpSharedSecret()
        {
            //Set master secret back to security parameters (only works in old bouncy castle versions)
            //mContext.SecurityParameters.MasterSecret = masterSecret;

            SrtpParameters srtpParams =
                SrtpParameters.GetSrtpParametersForProfile(clientSrtpData.ProtectionProfiles[0]);
            int keyLen  = srtpParams.GetCipherKeyLength();
            int saltLen = srtpParams.GetCipherSaltLength();

            srtpPolicy  = srtpParams.GetSrtpPolicy();
            srtcpPolicy = srtpParams.GetSrtcpPolicy();

            srtpMasterClientKey  = new byte[keyLen];
            srtpMasterServerKey  = new byte[keyLen];
            srtpMasterClientSalt = new byte[saltLen];
            srtpMasterServerSalt = new byte[saltLen];

            // 2* (key + salt length) / 8. From http://tools.ietf.org/html/rfc5764#section-4-2
            // No need to divide by 8 here since lengths are already in bits
            byte[] sharedSecret = GetKeyingMaterial(2 * (keyLen + saltLen));

            /*
             *
             * See: http://tools.ietf.org/html/rfc5764#section-4.2
             *
             * sharedSecret is an equivalent of :
             *
             * struct {
             *     client_write_SRTP_master_key[SRTPSecurityParams.master_key_len];
             *     server_write_SRTP_master_key[SRTPSecurityParams.master_key_len];
             *     client_write_SRTP_master_salt[SRTPSecurityParams.master_salt_len];
             *     server_write_SRTP_master_salt[SRTPSecurityParams.master_salt_len];
             *  } ;
             *
             * Here, client = local configuration, server = remote.
             * NOTE [ivelin]: 'local' makes sense if this code is used from a DTLS SRTP client.
             *                Here we run as a server, so 'local' referring to the client is actually confusing.
             *
             * l(k) = KEY length
             * s(k) = salt lenght
             *
             * So we have the following repartition :
             *                           l(k)                                 2*l(k)+s(k)
             *                                                   2*l(k)                       2*(l(k)+s(k))
             * +------------------------+------------------------+---------------+-------------------+
             * + local key           |    remote key    | local salt   | remote salt   |
             * +------------------------+------------------------+---------------+-------------------+
             */
            Buffer.BlockCopy(sharedSecret, 0, srtpMasterClientKey, 0, keyLen);
            Buffer.BlockCopy(sharedSecret, keyLen, srtpMasterServerKey, 0, keyLen);
            Buffer.BlockCopy(sharedSecret, 2 * keyLen, srtpMasterClientSalt, 0, saltLen);
            Buffer.BlockCopy(sharedSecret, (2 * keyLen + saltLen), srtpMasterServerSalt, 0, saltLen);
        }
Beispiel #3
0
 /**
  * Construct an empty SRTPCryptoContext using ssrc.
  * The other parameters are set to default null value.
  *
  * @param ssrc SSRC of this SRTPCryptoContext
  */
 public SrtcpCryptoContext(long ssrcIn)
 {
     ssrcCtx    = ssrcIn;
     mki        = null;
     masterKey  = null;
     masterSalt = null;
     encKey     = null;
     authKey    = null;
     saltKey    = null;
     policy     = null;
     tagStore   = null;
 }
Beispiel #4
0
 /**
  * Construct an empty SRTPCryptoContext using ssrc. The other parameters are
  * set to default null value.
  *
  * @param ssrcIn
  *            SSRC of this SRTPCryptoContext
  */
 public SrtpCryptoContext(long ssrcIn)
 {
     ssrcCtx           = ssrcIn;
     mki               = null;
     roc               = 0;
     guessedROC        = 0;
     seqNum            = 0;
     keyDerivationRate = 0;
     masterKey         = null;
     masterSalt        = null;
     encKey            = null;
     authKey           = null;
     saltKey           = null;
     seqNumSet         = false;
     policy            = null;
     tagStore          = null;
 }
Beispiel #5
0
        /**
         * Construct a normal SRTPCryptoContext based on the given parameters.
         *
         * @param ssrcIn
         *            the RTP SSRC that this SRTP cryptographic context protects.
         * @param rocIn
         *            the initial Roll-Over-Counter according to RFC 3711. These are
         *            the upper 32 bit of the overall 48 bit SRTP packet index.
         *            Refer to chapter 3.2.1 of the RFC.
         * @param kdr
         *            the key derivation rate defines when to recompute the SRTP
         *            session keys. Refer to chapter 4.3.1 in the RFC.
         * @param masterK
         *            byte array holding the master key for this SRTP cryptographic
         *            context. Refer to chapter 3.2.1 of the RFC about the role of
         *            the master key.
         * @param masterS
         *            byte array holding the master salt for this SRTP cryptographic
         *            context. It is used to computer the initialization vector that
         *            in turn is input to compute the session key, session
         *            authentication key and the session salt.
         * @param policyIn
         *            SRTP policy for this SRTP cryptographic context, defined the
         *            encryption algorithm, the authentication algorithm, etc
         */
        public SrtpCryptoContext(long ssrcIn, int rocIn, long kdr, byte[] masterK,
                                 byte[] masterS, SrtpPolicy policyIn)
        {
            ssrcCtx           = ssrcIn;
            mki               = null;
            roc               = rocIn;
            guessedROC        = 0;
            seqNum            = 0;
            keyDerivationRate = kdr;
            seqNumSet         = false;

            policy = policyIn;

            masterKey = new byte[policy.EncKeyLength];
            Array.Copy(masterK, 0, masterKey, 0, masterK.Length);

            masterSalt = new byte[policy.SaltKeyLength];
            Array.Copy(masterS, 0, masterSalt, 0, masterS.Length);

            mac = new HMac(new Sha1Digest());

            switch (policy.EncType)
            {
            case SrtpPolicy.NULL_ENCRYPTION:
                encKey  = null;
                saltKey = null;
                break;

            case SrtpPolicy.AESF8_ENCRYPTION:
                cipherF8 = new AesEngine();
                cipher   = new AesEngine();
                encKey   = new byte[policy.EncKeyLength];
                saltKey  = new byte[policy.SaltKeyLength];
                break;
            //$FALL-THROUGH$

            case SrtpPolicy.AESCM_ENCRYPTION:
                cipher  = new AesEngine();
                encKey  = new byte[policy.EncKeyLength];
                saltKey = new byte[policy.SaltKeyLength];
                break;

            case SrtpPolicy.TWOFISHF8_ENCRYPTION:
                cipherF8 = new TwofishEngine();
                cipher   = new TwofishEngine();
                encKey   = new byte[this.policy.EncKeyLength];
                saltKey  = new byte[this.policy.SaltKeyLength];
                break;

            case SrtpPolicy.TWOFISH_ENCRYPTION:
                cipher  = new TwofishEngine();
                encKey  = new byte[this.policy.EncKeyLength];
                saltKey = new byte[this.policy.SaltKeyLength];
                break;
            }

            switch (policy.AuthType)
            {
            case SrtpPolicy.NULL_AUTHENTICATION:
                authKey  = null;
                tagStore = null;
                break;

            case SrtpPolicy.HMACSHA1_AUTHENTICATION:
                mac      = new HMac(new Sha1Digest());
                authKey  = new byte[policy.AuthKeyLength];
                tagStore = new byte[mac.GetMacSize()];
                break;

            default:
                tagStore = null;
                break;
            }
        }
Beispiel #6
0
        /**
         * Construct a normal SRTPCryptoContext based on the given parameters.
         *
         * @param ssrc
         *            the RTP SSRC that this SRTP cryptographic context protects.
         * @param masterKey
         *            byte array holding the master key for this SRTP cryptographic
         *            context. Refer to chapter 3.2.1 of the RFC about the role of
         *            the master key.
         * @param masterSalt
         *            byte array holding the master salt for this SRTP cryptographic
         *            context. It is used to computer the initialization vector that
         *            in turn is input to compute the session key, session
         *            authentication key and the session salt.
         * @param policy
         *            SRTP policy for this SRTP cryptographic context, defined the
         *            encryption algorithm, the authentication algorithm, etc
         */
        public SrtcpCryptoContext(long ssrcIn, byte[] masterK, byte[] masterS, SrtpPolicy policyIn)
        {
            ssrcCtx   = ssrcIn;
            mki       = null;
            policy    = policyIn;
            masterKey = new byte[policy.EncKeyLength];
            System.Array.Copy(masterK, 0, masterKey, 0, masterK.Length);
            masterSalt = new byte[policy.SaltKeyLength];
            System.Array.Copy(masterS, 0, masterSalt, 0, masterS.Length);

            switch (policy.EncType)
            {
            case SrtpPolicy.NULL_ENCRYPTION:
                encKey  = null;
                saltKey = null;
                break;

            case SrtpPolicy.AESF8_ENCRYPTION:
                cipherF8 = new AesEngine();
                cipher   = new AesEngine();
                encKey   = new byte[this.policy.EncKeyLength];
                saltKey  = new byte[this.policy.SaltKeyLength];
                break;

            case SrtpPolicy.AESCM_ENCRYPTION:
                cipher  = new AesEngine();
                encKey  = new byte[this.policy.EncKeyLength];
                saltKey = new byte[this.policy.SaltKeyLength];
                break;

            case SrtpPolicy.TWOFISHF8_ENCRYPTION:
                cipherF8 = new TwofishEngine();
                cipher   = new TwofishEngine();
                encKey   = new byte[this.policy.EncKeyLength];
                saltKey  = new byte[this.policy.SaltKeyLength];
                break;

            case SrtpPolicy.TWOFISH_ENCRYPTION:
                cipher  = new TwofishEngine();
                encKey  = new byte[this.policy.EncKeyLength];
                saltKey = new byte[this.policy.SaltKeyLength];
                break;
            }

            switch (policy.AuthType)
            {
            case SrtpPolicy.NULL_AUTHENTICATION:
                authKey  = null;
                tagStore = null;
                break;

            case SrtpPolicy.HMACSHA1_AUTHENTICATION:
                mac      = new HMac(new Sha1Digest());
                authKey  = new byte[policy.AuthKeyLength];
                tagStore = new byte[mac.GetMacSize()];
                break;

            case SrtpPolicy.SKEIN_AUTHENTICATION:
                authKey  = new byte[policy.AuthKeyLength];
                tagStore = new byte[policy.AuthTagLength];
                break;

            default:
                tagStore = null;
                break;
            }
        }