public override void ProcessServerExtensions(IDictionary clientExtensions) { base.ProcessServerExtensions(clientExtensions); // set to some reasonable default value int chosenProfile = SrtpProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_80; UseSrtpData clientSrtpData = TlsSRTPUtils.GetUseSrtpExtension(clientExtensions); foreach (int profile in clientSrtpData.ProtectionProfiles) { switch (profile) { case SrtpProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_32: case SrtpProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_80: case SrtpProtectionProfile.SRTP_NULL_HMAC_SHA1_32: case SrtpProtectionProfile.SRTP_NULL_HMAC_SHA1_80: chosenProfile = profile; break; } } // server chooses a mutually supported SRTP protection profile // http://tools.ietf.org/html/draft-ietf-avt-dtls-srtp-07#section-4.1.2 int[] protectionProfiles = { chosenProfile }; // server agrees to use the MKI offered by the client clientSrtpData = new UseSrtpData(protectionProfiles, clientSrtpData.Mki); }
public DtlsSrtpClient(Certificate certificateChain, AsymmetricKeyParameter privateKey, UseSrtpData clientSrtpData) { if (certificateChain == null && privateKey == null) { (certificateChain, privateKey) = DtlsUtils.CreateSelfSignedTlsCert(); } if (clientSrtpData == null) { SecureRandom random = new SecureRandom(); int[] protectionProfiles = { SrtpProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_80 }; byte[] mki = new byte[(SrtpParameters.SRTP_AES128_CM_HMAC_SHA1_80.GetCipherKeyLength() + SrtpParameters.SRTP_AES128_CM_HMAC_SHA1_80.GetCipherSaltLength()) / 8]; random.NextBytes(mki); // Reusing our secure random for generating the key. this.clientSrtpData = new UseSrtpData(protectionProfiles, mki); } else { this.clientSrtpData = clientSrtpData; } this.mPrivateKey = privateKey; mCertificateChain = certificateChain; //Generate FingerPrint var certificate = mCertificateChain.GetCertificateAt(0); Fingerprint = certificate != null?DtlsUtils.Fingerprint(certificate) : null; }
public DtlsSrtpClient(UseSrtpData clientSrtpData) : this(null, null, clientSrtpData) { }
public DtlsSrtpClient(UseSrtpData clientSrtpData) : this(DtlsUtils.CreateSelfSignedCert()) { this.clientSrtpData = clientSrtpData; }