ddn.net.dtls.srtp

DTLS-SRTP key derivation (RFC 5764).

Implements the use_srtp DTLS extension and SRTP keying material export for WebRTC and VoIP applications. DTLS-SRTP uses the DTLS handshake to establish SRTP keys, allowing a single UDP socket to carry both DTLS and SRTP traffic.

Key derivation follows RFC 5764 §4.2:

key_material = PRF(master_secret, "EXTRACTOR-dtls_srtp",
                  client_random + server_random)
[client_master_key][server_master_key][client_master_salt][server_master_salt]

Demultiplexing (RFC 5764 §5.1.2):

DTLS records: ContentType 20-255 (first byte 20-255)
RTP/RTCP: Version field (first byte 128-191, i.e. 0x80-0xBF)

fn buildUseSrtpExtension deriveSrtpKeyingMaterial isDtlsPacket parseUseSrtpExtension prfSha256 selectSrtpProfile srtpProfileKeyLens

Functions 7

fnauto srtpProfileKeyLens(SrtpProfile profile) @safe pure nothrow @nogcReturns the key and salt lengths for a given SRTP profile.

fnubyte[] buildUseSrtpExtension(const(SrtpProfile[]) profiles, const(ubyte)[] mki = null)Builds the `use_srtp` extension body for ClientHello/ServerHello.

fnSrtpProfile[] parseUseSrtpExtension(const(ubyte)[] data)Parses the `use_srtp` extension body.

SrtpProfile selectSrtpProfile(const(SrtpProfile[])  offered,
       const(SrtpProfile[])  supported)

@safe pure nothrow @nogcSelects the best matching SRTP profile from offered profiles.

SrtpKeyingMaterial deriveSrtpKeyingMaterial(const(ubyte)[]  masterSecret,
       const(ubyte)[]  clientRandom,  const(ubyte)[]  serverRandom,
       SrtpProfile profile)

Derives SRTP keying material from DTLS handshake secrets.

private fnubyte[] prfSha256(const(ubyte)[] secret, const(ubyte)[] seed, size_t length)TLS 1.2 PRF-SHA256 (P_SHA256) implementation for SRTP key derivation.

fnbool isDtlsPacket(ubyte firstByte) @safe pure nothrow @nogcDemultiplexes DTLS and RTP/RTCP packets (RFC 5764 §5.1.2).