/** * {@inheritDoc} * * Includes the <tt>use_srtp</tt> extension in the DTLS extended client * hello. */ @Override @SuppressWarnings("rawtypes") public Hashtable getClientExtensions() throws IOException { Hashtable clientExtensions = super.getClientExtensions(); if (!isSrtpDisabled() && TlsSRTPUtils.getUseSRTPExtension(clientExtensions) == null) { if (clientExtensions == null) clientExtensions = new Hashtable(); TlsSRTPUtils.addUseSRTPExtension( clientExtensions, new UseSRTPData( DtlsControlImpl.SRTP_PROTECTION_PROFILES, mki)); } return clientExtensions; }
public static UseSRTPData readUseSRTPExtension(byte[] extensionData) throws IOException { if (extensionData == null) { throw new IllegalArgumentException("'extensionData' cannot be null"); } ByteArrayInputStream buf = new ByteArrayInputStream(extensionData); // SRTPProtectionProfiles int length = TlsUtils.readUint16(buf); if (length < 2 || (length & 1) != 0) { throw new TlsFatalAlert(AlertDescription.decode_error); } int[] protectionProfiles = TlsUtils.readUint16Array(length / 2, buf); // srtp_mki byte[] mki = TlsUtils.readOpaque8(buf); TlsProtocol.assertEmpty(buf); return new UseSRTPData(protectionProfiles, mki); } }
public static UseSRTPData readUseSRTPExtension(byte[] extensionData) throws IOException { if (extensionData == null) { throw new IllegalArgumentException("'extensionData' cannot be null"); } ByteArrayInputStream buf = new ByteArrayInputStream(extensionData); // SRTPProtectionProfiles int length = TlsUtils.readUint16(buf); if (length < 2 || (length & 1) != 0) { throw new TlsFatalAlert(AlertDescription.decode_error); } int[] protectionProfiles = TlsUtils.readUint16Array(length / 2, buf); // srtp_mki byte[] mki = TlsUtils.readOpaque8(buf); TlsProtocol.assertEmpty(buf); return new UseSRTPData(protectionProfiles, mki); } }
@SuppressWarnings("rawtypes") @Override public void processClientExtensions(Hashtable newClientExtensions) throws IOException { super.processClientExtensions(newClientExtensions); // set to some reasonable default value int chosenProfile = SRTPProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_80; UseSRTPData clientSrtpData = TlsSRTPUtils.getUseSRTPExtension(newClientExtensions); for (int profile : clientSrtpData.getProtectionProfiles()) { switch (profile) { case SRTPProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_32: case SRTPProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_80: case SRTPProtectionProfile.SRTP_NULL_HMAC_SHA1_32: case SRTPProtectionProfile.SRTP_NULL_HMAC_SHA1_80: chosenProfile = profile; break; default: } } // server chooses a mutually supported SRTP protection profile // http://tools.ietf.org/html/draft-ietf-avt-dtls-srtp-07#section-4.1.2 int[] protectionProfiles = { chosenProfile }; // server agrees to use the MKI offered by the client serverSrtpData = new UseSRTPData(protectionProfiles, clientSrtpData.getMki()); }
@SuppressWarnings("rawtypes") @Override public void processClientExtensions(Hashtable newClientExtensions) throws IOException { super.processClientExtensions(newClientExtensions); // set to some reasonable default value int chosenProfile = SRTPProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_80; UseSRTPData clientSrtpData = TlsSRTPUtils.getUseSRTPExtension(newClientExtensions); for (int profile : clientSrtpData.getProtectionProfiles()) { switch (profile) { case SRTPProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_32: case SRTPProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_80: case SRTPProtectionProfile.SRTP_NULL_HMAC_SHA1_32: case SRTPProtectionProfile.SRTP_NULL_HMAC_SHA1_80: chosenProfile = profile; break; default: } } // server chooses a mutually supported SRTP protection profile // http://tools.ietf.org/html/draft-ietf-avt-dtls-srtp-07#section-4.1.2 int[] protectionProfiles = { chosenProfile }; // server agrees to use the MKI offered by the client serverSrtpData = new UseSRTPData(protectionProfiles, clientSrtpData.getMki()); }
new UseSRTPData( new int[] { chosenProtectionProfile }, useSRTPData.getMki()));