static {
ConfigurationService cfg = LibJitsi.getConfigurationService();
boolean dropUnencryptedPkts = false;
if (cfg == null) {
String s = System.getProperty(DROP_UNENCRYPTED_PKTS_PNAME);
if (s != null) dropUnencryptedPkts = Boolean.parseBoolean(s);
} else {
dropUnencryptedPkts = cfg.getBoolean(DROP_UNENCRYPTED_PKTS_PNAME, dropUnencryptedPkts);
}
DROP_UNENCRYPTED_PKTS = dropUnencryptedPkts;
}
/**
* Initializes a new <tt>SRTPTransformer</tt> instance with a specific (negotiated)
* <tt>SRTPProtectionProfile</tt> and the keying material specified by a specific
* <tt>TlsContext</tt>.
*
* @param srtpProtectionProfile the (negotiated) <tt>SRTPProtectionProfile</tt> to initialize the
* new instance with
* @param tlsContext the <tt>TlsContext</tt> which represents the keying material
* @return a new <tt>SRTPTransformer</tt> instance initialized with <tt>srtpProtectionProfile</tt>
* and <tt>tlsContext</tt>
*/
private SinglePacketTransformer initializeSRTPTransformer(
int srtpProtectionProfile, TlsContext tlsContext) {
boolean rtcp;
switch (componentID) {
case Component.RTCP:
rtcp = true;
break;
case Component.RTP:
rtcp = false;
break;
default:
throw new IllegalStateException("componentID");
}
int cipher_key_length;
int cipher_salt_length;
int cipher;
int auth_function;
int auth_key_length;
int RTCP_auth_tag_length, RTP_auth_tag_length;
switch (srtpProtectionProfile) {
case SRTPProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_32:
cipher_key_length = 128 / 8;
cipher_salt_length = 112 / 8;
cipher = SRTPPolicy.AESCM_ENCRYPTION;
auth_function = SRTPPolicy.HMACSHA1_AUTHENTICATION;
auth_key_length = 160 / 8;
RTCP_auth_tag_length = 80 / 8;
RTP_auth_tag_length = 32 / 8;
break;
case SRTPProtectionProfile.SRTP_AES128_CM_HMAC_SHA1_80:
cipher_key_length = 128 / 8;
cipher_salt_length = 112 / 8;
cipher = SRTPPolicy.AESCM_ENCRYPTION;
auth_function = SRTPPolicy.HMACSHA1_AUTHENTICATION;
auth_key_length = 160 / 8;
RTCP_auth_tag_length = RTP_auth_tag_length = 80 / 8;
break;
case SRTPProtectionProfile.SRTP_NULL_HMAC_SHA1_32:
cipher_key_length = 0;
cipher_salt_length = 0;
cipher = SRTPPolicy.NULL_ENCRYPTION;
auth_function = SRTPPolicy.HMACSHA1_AUTHENTICATION;
auth_key_length = 160 / 8;
RTCP_auth_tag_length = 80 / 8;
RTP_auth_tag_length = 32 / 8;
break;
case SRTPProtectionProfile.SRTP_NULL_HMAC_SHA1_80:
cipher_key_length = 0;
cipher_salt_length = 0;
cipher = SRTPPolicy.NULL_ENCRYPTION;
auth_function = SRTPPolicy.HMACSHA1_AUTHENTICATION;
auth_key_length = 160 / 8;
RTCP_auth_tag_length = RTP_auth_tag_length = 80 / 8;
break;
default:
throw new IllegalArgumentException("srtpProtectionProfile");
}
byte[] keyingMaterial =
tlsContext.exportKeyingMaterial(
ExporterLabel.dtls_srtp, null, 2 * (cipher_key_length + cipher_salt_length));
byte[] client_write_SRTP_master_key = new byte[cipher_key_length];
byte[] server_write_SRTP_master_key = new byte[cipher_key_length];
byte[] client_write_SRTP_master_salt = new byte[cipher_salt_length];
byte[] server_write_SRTP_master_salt = new byte[cipher_salt_length];
byte[][] keyingMaterialValues = {
client_write_SRTP_master_key,
server_write_SRTP_master_key,
client_write_SRTP_master_salt,
server_write_SRTP_master_salt
};
for (int i = 0, keyingMaterialOffset = 0; i < keyingMaterialValues.length; i++) {
byte[] keyingMaterialValue = keyingMaterialValues[i];
System.arraycopy(
keyingMaterial, keyingMaterialOffset, keyingMaterialValue, 0, keyingMaterialValue.length);
keyingMaterialOffset += keyingMaterialValue.length;
}
SRTPPolicy srtcpPolicy =
new SRTPPolicy(
cipher,
cipher_key_length,
auth_function,
auth_key_length,
RTCP_auth_tag_length,
cipher_salt_length);
SRTPPolicy srtpPolicy =
new SRTPPolicy(
cipher,
cipher_key_length,
auth_function,
auth_key_length,
RTP_auth_tag_length,
cipher_salt_length);
SRTPContextFactory clientSRTPContextFactory =
new SRTPContextFactory(
/* sender */ tlsContext instanceof TlsClientContext,
client_write_SRTP_master_key,
client_write_SRTP_master_salt,
srtpPolicy,
srtcpPolicy);
SRTPContextFactory serverSRTPContextFactory =
new SRTPContextFactory(
/* sender */ tlsContext instanceof TlsServerContext,
server_write_SRTP_master_key,
server_write_SRTP_master_salt,
srtpPolicy,
srtcpPolicy);
SRTPContextFactory forwardSRTPContextFactory;
SRTPContextFactory reverseSRTPContextFactory;
if (tlsContext instanceof TlsClientContext) {
forwardSRTPContextFactory = clientSRTPContextFactory;
reverseSRTPContextFactory = serverSRTPContextFactory;
} else if (tlsContext instanceof TlsServerContext) {
forwardSRTPContextFactory = serverSRTPContextFactory;
reverseSRTPContextFactory = clientSRTPContextFactory;
} else {
throw new IllegalArgumentException("tlsContext");
}
SinglePacketTransformer srtpTransformer;
if (rtcp) {
srtpTransformer = new SRTCPTransformer(forwardSRTPContextFactory, reverseSRTPContextFactory);
} else {
srtpTransformer = new SRTPTransformer(forwardSRTPContextFactory, reverseSRTPContextFactory);
}
return srtpTransformer;
}
