public class DtlsControlImpl extends AbstractSrtpControl<DtlsTransformEngine> implements DtlsControl
Implements DtlsControl, i.e. SrtpControl, for DTLS-SRTP.
Nested classes/interfaces inherited: DtlsControl.Setup, SrtpControl.TransformEngine
Modifier and Type | Field and Description |
---|---|
static long | CERT_CACHE_EXPIRE_TIME: The certificate cache expiration time to use, in milliseconds. |
static java.lang.String | CERT_CACHE_EXPIRE_TIME_PNAME: The name of the property to specify DTLS certificate cache expiration. |
static long | DEFAULT_CERT_CACHE_EXPIRE_TIME: The default certificate cache expiration time, when config properties are not found. |
static int | DEFAULT_RSA_KEY_SIZE: The default RSA key size when configuration properties are not found. |
static int | DEFAULT_RSA_KEY_SIZE_CERTAINTY: The default RSA key size certainty when config properties are not found. |
static java.lang.String | PROP_SIGNATURE_ALGORITHM: The name of the property which specifies the signature algorithm used during certificate creation. |
static java.math.BigInteger | RSA_KEY_PUBLIC_EXPONENT: The public exponent to always use for RSA key generation. |
static int | RSA_KEY_SIZE: The RSA key size to use. |
static int | RSA_KEY_SIZE_CERTAINTY: The RSA key size certainty to use. |
static java.lang.String | RSA_KEY_SIZE_CERTAINTY_PNAME: The name of the property to specify RSA key size certainty. |
static java.lang.String | RSA_KEY_SIZE_PNAME: The name of the property to specify RSA Key length. |
(package private) static int[] | SRTP_PROTECTION_PROFILES: The SRTPProtectionProfiles supported by DtlsControlImpl. |
Inherited fields: transformEngine; UDP_TLS_RTP_SAVP, UDP_TLS_RTP_SAVPF; RTP_SAVP, RTP_SAVPF
Constructor and Description |
---|
DtlsControlImpl(): Initializes a new DtlsControlImpl instance. |
DtlsControlImpl(boolean srtpDisabled): Initializes a new DtlsControlImpl instance. |
Modifier and Type | Method and Description |
---|---|
(package private) static int | chooseSRTPProtectionProfile(int... theirs): Chooses the first from a list of SRTPProtectionProfiles that is supported by DtlsControlImpl. |
protected DtlsTransformEngine | createTransformEngine(): Initializes a new DtlsTransformEngine instance to be associated with and used by this DtlsControlImpl instance. |
protected void | doCleanup(): Prepares this SrtpControl for garbage collection. |
(package private) CertificateInfo | getCertificateInfo(): Gets the certificate, hash function, fingerprint, etc. |
java.lang.String | getLocalFingerprint(): Gets the fingerprint of the local certificate that this instance uses to authenticate its ends of DTLS sessions. |
java.lang.String | getLocalFingerprintHashFunction(): Gets the hash function with which the fingerprint of the local certificate is computed i.e. |
(package private) Properties | getProperties(): Gets the properties of DtlsControlImpl and their values which this instance shares with DtlsTransformEngine and DtlsPacketTransformer. |
boolean | getSecureCommunicationStatus(): Gets the default secure/insecure communication status for the supported call sessions. |
DtlsControl.Setup | getSetup(): Gets the value of the setup SDP attribute defined by RFC 4145 "TCP-Based Media Transport in the Session Description Protocol (SDP)" which determines whether this instance acts as a DTLS client or a DTLS server. |
boolean | requiresSecureSignalingTransport(): Indicates if the key exchange method is dependent on secure transport of the signaling channel. |
void | setConnector(AbstractRTPConnector connector): Sets the RTPConnector which is to use or uses this SRTP engine. |
void | setRemoteFingerprints(java.util.Map<java.lang.String,java.lang.String> remoteFingerprints): Sets the certificate fingerprints presented by the remote endpoint via the signaling path. |
void | setRtcpmux(boolean rtcpmux): Enables/disables rtcp-mux. |
void | setSetup(DtlsControl.Setup setup): Sets the value of the setup SDP attribute defined by RFC 4145 "TCP-Based Media Transport in the Session Description Protocol (SDP)" which determines whether this instance is to act as a DTLS client or a DTLS server. |
void | start(MediaType mediaType): Starts and enables zrtp in the stream holding this control. |
(package private) boolean | verifyAndValidateCertificate(org.bouncycastle.crypto.tls.Certificate certificate): Verifies and validates a specific certificate against the fingerprints presented by the remote endpoint via the signaling path. |
Methods inherited from AbstractSrtpControl and SrtpControl: cleanup, getSrtpControlType, getSrtpListener, getTransformEngine, registerUser, setMasterSession, setMultistream, setSrtpListener
Methods inherited from java.lang.Object: clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

public static final java.lang.String PROP_SIGNATURE_ALGORITHM

public static final java.lang.String RSA_KEY_SIZE_PNAME

public static final int DEFAULT_RSA_KEY_SIZE

public static final int RSA_KEY_SIZE
Defaults to DEFAULT_RSA_KEY_SIZE, but may be overridden by the ConfigurationService and/or System property RSA_KEY_SIZE_PNAME.

public static final java.lang.String RSA_KEY_SIZE_CERTAINTY_PNAME

public static final int RSA_KEY_SIZE_CERTAINTY
Defaults to DEFAULT_RSA_KEY_SIZE_CERTAINTY, but may be overridden by the ConfigurationService and/or System property RSA_KEY_SIZE_CERTAINTY_PNAME.
For more on certainty, look at the three parameter constructor here: https://docs.oracle.com/javase/7/docs/api/java/math/BigInteger.html

public static final int DEFAULT_RSA_KEY_SIZE_CERTAINTY

public static final java.lang.String CERT_CACHE_EXPIRE_TIME_PNAME

public static final long CERT_CACHE_EXPIRE_TIME
Defaults to DEFAULT_CERT_CACHE_EXPIRE_TIME, but may be overridden by the ConfigurationService and/or System property CERT_CACHE_EXPIRE_TIME_PNAME.

public static final long DEFAULT_CERT_CACHE_EXPIRE_TIME

public static final java.math.BigInteger RSA_KEY_PUBLIC_EXPONENT

static final int[] SRTP_PROTECTION_PROFILES

public DtlsControlImpl()

public DtlsControlImpl(boolean srtpDisabled)
Parameters: srtpDisabled - true if pure DTLS mode without SRTP extensions is to be used; otherwise, false

static int chooseSRTPProtectionProfile(int... theirs)
Parameters: theirs - the list of SRTPProtectionProfiles to choose from

protected DtlsTransformEngine createTransformEngine()
createTransformEngine in class AbstractSrtpControl<DtlsTransformEngine>

protected void doCleanup()
Prepares this SrtpControl for garbage collection.
doCleanup in class AbstractSrtpControl<DtlsTransformEngine>

CertificateInfo getCertificateInfo()

public java.lang.String getLocalFingerprint()
getLocalFingerprint in interface DtlsControl

public java.lang.String getLocalFingerprintHashFunction()
getLocalFingerprintHashFunction in interface DtlsControl

Properties getProperties()
Gets the properties of DtlsControlImpl and their values which this instance shares with DtlsTransformEngine and DtlsPacketTransformer.

public boolean getSecureCommunicationStatus()
getSecureCommunicationStatus in interface SrtpControl

public DtlsControl.Setup getSetup()
Gets the value of the setup SDP attribute defined by RFC 4145 "TCP-Based Media Transport in the Session Description Protocol (SDP)" which determines whether this instance acts as a DTLS client or a DTLS server.

public boolean requiresSecureSignalingTransport()
requiresSecureSignalingTransport in interface SrtpControl

public void setConnector(AbstractRTPConnector connector)
setConnector in interface SrtpControl
Parameters: connector - the RTPConnector which is to use or uses this SRTP engine

public void setRemoteFingerprints(java.util.Map<java.lang.String,java.lang.String> remoteFingerprints)
setRemoteFingerprints in interface DtlsControl
Parameters: remoteFingerprints - a Map of hash functions to certificate fingerprints that have been presented by the remote endpoint via the signaling path

public void setRtcpmux(boolean rtcpmux)
setRtcpmux in interface DtlsControl
Parameters: rtcpmux - whether to enable or disable.

public void setSetup(DtlsControl.Setup setup)
setSetup in interface DtlsControl
Parameters: setup - the value of the setup SDP attribute to set on this instance in order to determine whether this instance is to act as a DTLS client or a DTLS server

public void start(MediaType mediaType)
start in interface SrtpControl
Parameters: mediaType - the media type of the stream this control controls.

boolean verifyAndValidateCertificate(org.bouncycastle.crypto.tls.Certificate certificate) throws java.lang.Exception
Parameters: certificate - the certificate to be verified and validated against the fingerprints presented by the remote endpoint via the signaling path
Throws: java.lang.Exception - if the specified certificate failed to verify and validate against the fingerprints presented by the remote endpoint over the signaling path
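
The fingerprint comparison that setRemoteFingerprints and verifyAndValidateCertificate describe, shown as an added example that is not libjitsi's own code. The class name FingerprintCheckExample, its helper methods, the hash-function allow-list and the reject-on-any-mismatch policy are assumptions of this example, and the certificate bytes are constructed stand-ins for a DER encoding.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.*;

public class FingerprintCheckExample {
    // Assumption of this example: only these hash functions are accepted.
    static final Set<String> ALLOWED =
        new HashSet<>(Arrays.asList("sha-256", "sha-384", "sha-512"));

    /** Hashes the DER bytes and formats the digest as colon-separated upper-case hex. */
    static String fingerprint(byte[] certDer, String hashFunction) throws Exception {
        // SDP hash function names map to JCA names by upper-casing ("sha-256" -> "SHA-256").
        MessageDigest md = MessageDigest.getInstance(hashFunction.toUpperCase(Locale.ROOT));
        StringBuilder sb = new StringBuilder();
        for (byte b : md.digest(certDer)) {
            if (sb.length() > 0) sb.append(':');
            sb.append(String.format("%02X", b));
        }
        return sb.toString();
    }

    /** Fails closed: no fingerprints, an unaccepted hash function, or any mismatch rejects. */
    static boolean matches(byte[] certDer, Map<String, String> remoteFingerprints)
            throws Exception {
        if (remoteFingerprints == null || remoteFingerprints.isEmpty())
            return false;
        for (Map.Entry<String, String> e : remoteFingerprints.entrySet()) {
            if (e.getKey() == null || e.getValue() == null)
                return false;
            String hash = e.getKey().trim().toLowerCase(Locale.ROOT);
            if (!ALLOWED.contains(hash))
                return false;
            // Signaled fingerprints may differ in case or padding; the bytes must not.
            if (!fingerprint(certDer, hash).equalsIgnoreCase(e.getValue().trim()))
                return false;
        }
        return true;
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in bytes; a real caller passes the peer certificate's DER encoding.
        byte[] cert = "constructed certificate bytes".getBytes(StandardCharsets.US_ASCII);
        byte[] other = "different constructed bytes".getBytes(StandardCharsets.US_ASCII);
        // What the remote endpoint would have presented over signaling for "cert".
        Map<String, String> signaled = new HashMap<String, String>();
        signaled.put("sha-256", fingerprint(cert, "sha-256"));
        System.out.println("signaled certificate:  " + matches(cert, signaled));
        System.out.println("different certificate: " + matches(other, signaled));
        System.out.println("no fingerprints:       " + matches(cert, new HashMap<String, String>()));
    }
}
```

The binding is only as strong as the signaling path that carried the fingerprints, so an empty or missing map is treated as a failure rather than as "nothing to check".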
Jitsi, the OpenSource Java VoIP and Instant Messaging client.
Distributable under Apache license.