/**
* Perform F8 Mode AES encryption / decryption
*
* @param pkt the RTP packet to be encrypted / decrypted
*/
public void ProcessPacketAESF8(RawPacket pkt, int index)
{
// byte[] iv = new byte[16];
// 4 bytes of the iv are zero
// the first byte of the RTP header is not used.
ivStore[0] = 0;
ivStore[1] = 0;
ivStore[2] = 0;
ivStore[3] = 0;
// Need the encryption flag
index = (int)(index | 0x80000000);
// set the index and the encrypt flag in network order into IV
ivStore[4] = (byte)(index >> 24);
ivStore[5] = (byte)(index >> 16);
ivStore[6] = (byte)(index >> 8);
ivStore[7] = (byte)index;
// The fixed header follows and fills the rest of the IV
MemoryStream buf = pkt.GetBuffer();
buf.Position = 0;
buf.Read(ivStore, 8, 8);
// Encrypted part excludes fixed header (8 bytes), index (4 bytes), and
// authentication tag (variable according to policy)
int payloadOffset = 8;
int payloadLength = pkt.GetLength() - (4 + policy.AuthTagLength);
SrtpCipherF8.Process(cipher, pkt.GetBuffer(), payloadOffset, payloadLength, ivStore, cipherF8);
}
/**
* Derives the srtp session keys from the master key
*
* @param index
* the 48 bit SRTP packet index
*/
public void DeriveSrtpKeys(long index)
{
// compute the session encryption key
long label = 0;
ComputeIv(label, index);
KeyParameter encryptionKey = new KeyParameter(masterKey);
cipher.Init(true, encryptionKey);
Arrays.Fill(masterKey, (byte)0);
cipherCtr.GetCipherStream(cipher, encKey, policy.EncKeyLength, ivStore);
// compute the session authentication key
if (authKey != null)
{
label = 0x01;
ComputeIv(label, index);
cipherCtr.GetCipherStream(cipher, authKey, policy.AuthKeyLength, ivStore);
switch ((policy.AuthType))
{
case SrtpPolicy.HMACSHA1_AUTHENTICATION:
KeyParameter key = new KeyParameter(authKey);
mac.Init(key);
break;
default:
break;
}
}
Arrays.Fill(authKey, (byte)0);
// compute the session salt
label = 0x02;
ComputeIv(label, index);
cipherCtr.GetCipherStream(cipher, saltKey, policy.SaltKeyLength, ivStore);
Arrays.Fill(masterSalt, (byte)0);
// As last step: initialize cipher with derived encryption key.
if (cipherF8 != null)
{
SrtpCipherF8.DeriveForIV(cipherF8, encKey, saltKey);
}
encryptionKey = new KeyParameter(encKey);
cipher.Init(true, encryptionKey);
Arrays.Fill(encKey, (byte)0);
}
/**
* Perform F8 Mode AES encryption / decryption
*
* @param pkt
* the RTP packet to be encrypted / decrypted
*/
public void ProcessPacketAESF8(RawPacket pkt)
{
// 11 bytes of the RTP header are the 11 bytes of the iv
// the first byte of the RTP header is not used.
MemoryStream buf = pkt.GetBuffer();
buf.Read(ivStore, (int)buf.Position, 12);
ivStore[0] = 0;
// set the ROC in network order into IV
ivStore[12] = (byte)(this.roc >> 24);
ivStore[13] = (byte)(this.roc >> 16);
ivStore[14] = (byte)(this.roc >> 8);
ivStore[15] = (byte)this.roc;
int payloadOffset = pkt.GetHeaderLength();
int payloadLength = pkt.GetPayloadLength();
SrtpCipherF8.Process(cipher, pkt.GetBuffer(), payloadOffset, payloadLength, ivStore, cipherF8);
}
