/** * Perform F8 Mode AES encryption / decryption * * @param pkt the RTP packet to be encrypted / decrypted */ public void ProcessPacketAESF8(RawPacket pkt, int index) { // byte[] iv = new byte[16]; // 4 bytes of the iv are zero // the first byte of the RTP header is not used. ivStore[0] = 0; ivStore[1] = 0; ivStore[2] = 0; ivStore[3] = 0; // Need the encryption flag index = (int)(index | 0x80000000); // set the index and the encrypt flag in network order into IV ivStore[4] = (byte)(index >> 24); ivStore[5] = (byte)(index >> 16); ivStore[6] = (byte)(index >> 8); ivStore[7] = (byte)index; // The fixed header follows and fills the rest of the IV MemoryStream buf = pkt.GetBuffer(); buf.Position = 0; buf.Read(ivStore, 8, 8); // Encrypted part excludes fixed header (8 bytes), index (4 bytes), and // authentication tag (variable according to policy) int payloadOffset = 8; int payloadLength = pkt.GetLength() - (4 + policy.AuthTagLength); SrtpCipherF8.Process(cipher, pkt.GetBuffer(), payloadOffset, payloadLength, ivStore, cipherF8); }
/** * Derives the srtp session keys from the master key * * @param index * the 48 bit SRTP packet index */ public void DeriveSrtpKeys(long index) { // compute the session encryption key long label = 0; ComputeIv(label, index); KeyParameter encryptionKey = new KeyParameter(masterKey); cipher.Init(true, encryptionKey); Arrays.Fill(masterKey, (byte)0); cipherCtr.GetCipherStream(cipher, encKey, policy.EncKeyLength, ivStore); // compute the session authentication key if (authKey != null) { label = 0x01; ComputeIv(label, index); cipherCtr.GetCipherStream(cipher, authKey, policy.AuthKeyLength, ivStore); switch ((policy.AuthType)) { case SrtpPolicy.HMACSHA1_AUTHENTICATION: KeyParameter key = new KeyParameter(authKey); mac.Init(key); break; default: break; } } Arrays.Fill(authKey, (byte)0); // compute the session salt label = 0x02; ComputeIv(label, index); cipherCtr.GetCipherStream(cipher, saltKey, policy.SaltKeyLength, ivStore); Arrays.Fill(masterSalt, (byte)0); // As last step: initialize cipher with derived encryption key. if (cipherF8 != null) { SrtpCipherF8.DeriveForIV(cipherF8, encKey, saltKey); } encryptionKey = new KeyParameter(encKey); cipher.Init(true, encryptionKey); Arrays.Fill(encKey, (byte)0); }
/** * Perform F8 Mode AES encryption / decryption * * @param pkt * the RTP packet to be encrypted / decrypted */ public void ProcessPacketAESF8(RawPacket pkt) { // 11 bytes of the RTP header are the 11 bytes of the iv // the first byte of the RTP header is not used. MemoryStream buf = pkt.GetBuffer(); buf.Read(ivStore, (int)buf.Position, 12); ivStore[0] = 0; // set the ROC in network order into IV ivStore[12] = (byte)(this.roc >> 24); ivStore[13] = (byte)(this.roc >> 16); ivStore[14] = (byte)(this.roc >> 8); ivStore[15] = (byte)this.roc; int payloadOffset = pkt.GetHeaderLength(); int payloadLength = pkt.GetPayloadLength(); SrtpCipherF8.Process(cipher, pkt.GetBuffer(), payloadOffset, payloadLength, ivStore, cipherF8); }