SRTP Performance improvements and bugfixes #1555

SRTP Performance improvements and bugfixes

Author: jimm98y

src/SIPSorcery/net/DtlsSrtp/DtlsSrtpTransport.cs

@@ -71,7 +71,7 @@ private void DtlsSrtpTransport_OnAlert(object sender, DtlsAlertEventArgs args)
 
         public bool DoHandshake(out string handshakeError)
         {
-            DtlsTransport transport = _connection.DoHandshake(out handshakeError, this, null, (remoteEndpoint) => this);
+            DtlsTransport transport = _connection.DoHandshake(out handshakeError, this, null);
             Transport = transport;
             return string.IsNullOrEmpty(handshakeError);
         }

src/SIPSorcery/net/DtlsSrtp/Lib/BouncyCastleExtensions.cs

@@ -0,0 +1,85 @@
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using System;
+using System.Runtime.CompilerServices;
+
+public static class BouncyCastleExtensions
+{
+    extension(KeyParameter)
+    {
+#if NET8_0_OR_GREATER
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public static KeyParameter Create(ReadOnlyMemory<byte> key)
+        {
+            return new KeyParameter(key.Span);
+        }
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public static KeyParameter Create(ReadOnlySpan<byte> key)
+        {
+            return new KeyParameter(key);
+        }
+#else
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public static KeyParameter Create(ReadOnlyMemory<byte> memory)
+        {
+            if (System.Runtime.InteropServices.MemoryMarshal.TryGetArray(memory, out ArraySegment<byte> segment))
+            {
+                return KeyParameter.Create(segment);
+            }
+            // Fallback for non-array-backed memory
+            return new KeyParameter(memory.ToArray());
+        }
+#endif
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public static KeyParameter Create(ArraySegment<byte> key)
+        {
+            return new KeyParameter(key.Array, key.Offset, key.Count);
+        }
+    }
+
+#if !NET8_0_OR_GREATER
+    extension(IBlockCipher engine)
+    {
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public int ProcessBlock(ArraySegment<byte> input, ArraySegment<byte> output)
+        {
+            return engine.ProcessBlock(input.Array, input.Offset, output.Array, output.Offset);
+        }
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public int ProcessBlock(byte[] input, byte[] output)
+        {
+            return engine.ProcessBlock(input, 0, output, 0);
+        }
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public int ProcessBlock(byte[] input, ArraySegment<byte> output)
+        {
+            return engine.ProcessBlock(input, 0, output.Array, output.Offset);
+        }
+    }
+
+    extension(IAeadBlockCipher engine)
+    {
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public int ProcessBytes(ArraySegment<byte> input, ArraySegment<byte> output)
+        {
+            return engine.ProcessBytes(input.Array, input.Offset, input.Count, output.Array, output.Offset);
+        }
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public void ProcessAadBytes(ArraySegment<byte> input)
+        {
+            engine.ProcessAadBytes(input.Array, input.Offset, input.Count);
+        }
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public int DoFinal(ArraySegment<byte> output)
+        {
+            return engine.DoFinal(output.Array, output.Offset);
+        }
+    }
+#endif
+}

src/SIPSorcery/net/DtlsSrtp/Lib/DTLS/DtlsCertificateUtils.cs

@@ -107,7 +107,9 @@ public static (Certificate Certificate, AsymmetricKeyParameter PrivateKey) Gener
 
             var crypto = new BcTlsCrypto();
             var tlsCertificate = crypto.CreateCertificate(x509Certificate.GetEncoded());
-            var certificate = new Certificate(new TlsCertificate[] { tlsCertificate });
+
+            // certificateRequestContext = TlsUtilities.EmptyBytes for TLS/DTLS 1.3, null for TLS/DTLS 1.2
+            var certificate = new Certificate(null, new[] { new CertificateEntry(tlsCertificate, null) });
 
             return (certificate, privateKey);
         }
@@ -166,7 +168,9 @@ public static (Certificate certificate, AsymmetricKeyParameter key) GenerateECDS
 
             var crypto = new BcTlsCrypto();
             var tlsCertificate = crypto.CreateCertificate(x509Certificate.GetEncoded());
-            var certificate = new Certificate(new[] { tlsCertificate });
+
+            // certificateRequestContext = TlsUtilities.EmptyBytes for TLS/DTLS 1.3, null for TLS/DTLS 1.2
+            var certificate = new Certificate(null, new[] { new CertificateEntry(tlsCertificate, null) });
 
             return (certificate, privateKey);
         }
@@ -204,7 +208,7 @@ public static bool IsHashSupported(string algStr)
                 // This method has an unfortunate consequence of actually creating the digest, so the call is expensive.
                 digest = DigestUtilities.GetDigest(algStr.ToUpperInvariant());
             }
-            catch(Exception)
+            catch (Exception)
             {
                 return false;
             }

src/SIPSorcery/net/DtlsSrtp/Lib/DTLS/DtlsClient.cs

@@ -33,8 +33,8 @@ namespace SIPSorcery.Net.SharpSRTP.DTLS
 {
     public class DtlsClient : DefaultTlsClient, IDtlsPeer
     {
-        protected DatagramTransport _clientDatagramTransport; // valid only for the current session
-
+        private readonly object _syncRoot = new object();
+        protected DatagramTransport _clientDatagramTransport = null;
         private TlsSession _session;
 
         public bool AutogenerateCertificate { get; set; } = true;
@@ -136,26 +136,28 @@ protected override int[] GetSupportedCipherSuites()
             }
         }
 
-        public virtual DtlsTransport DoHandshake(out string handshakeError, DatagramTransport datagramTransport, Func<string> getRemoteEndpoint = null, Func<string, DatagramTransport> createClientDatagramTransport = null)
+        public virtual DtlsTransport DoHandshake(out string handshakeError, DatagramTransport datagramTransport, DtlsRequest request = null)
         {
-            DtlsTransport transport = null;
-                        
-            try
+            lock (_syncRoot)
             {
-                DtlsClientProtocol clientProtocol = new DtlsClientProtocol();
+                DtlsTransport transport = null;
 
-                _clientDatagramTransport = datagramTransport;
-                transport = clientProtocol.Connect(this, datagramTransport);
-                _clientDatagramTransport = null;
-            }
-            catch (Exception ex)
-            {
-                handshakeError = ex.Message;
-                return null;
-            }
+                try
+                {
+                    DtlsClientProtocol clientProtocol = new DtlsClientProtocol();
+                    _clientDatagramTransport = datagramTransport;
+                    transport = clientProtocol.Connect(this, datagramTransport);
+                    _clientDatagramTransport = null;
+                }
+                catch (Exception ex)
+                {
+                    handshakeError = ex.Message;
+                    return null;
+                }
 
-            handshakeError = null;
-            return transport;
+                handshakeError = null;
+                return transport;
+            }
         }
 
         public override TlsSession GetSessionToResume()

src/SIPSorcery/net/DtlsSrtp/Lib/DTLS/DtlsServer.cs

@@ -27,13 +27,13 @@
 using Org.BouncyCastle.Utilities.Encoders;
 using System;
 using System.Collections.Generic;
-using System.Text;
 
 namespace SIPSorcery.Net.SharpSRTP.DTLS
 {
     public class DtlsServer : DefaultTlsServer, IDtlsPeer
     {
-        protected DatagramTransport _clientDatagramTransport; // valid only for the current session
+        private readonly object _syncRoot = new object();
+        protected DatagramTransport _clientDatagramTransport = null;
 
         public int TimeoutMilliseconds { get; set; } = 20000;
 
@@ -131,81 +131,33 @@ protected override int[] GetSupportedCipherSuites()
             }
         }
 
-        public virtual DtlsTransport DoHandshake(out string handshakeError, DatagramTransport datagramTransport, Func<string> getRemoteEndpoint, Func<string, DatagramTransport> createClientDatagramTransport)
+        public virtual DtlsTransport DoHandshake(out string handshakeError, DatagramTransport datagramTransport, DtlsRequest request = null)
         {
-            if (datagramTransport == null)
+            lock (_syncRoot)
             {
-                throw new ArgumentNullException(nameof(datagramTransport));
-            }
-
-            if (createClientDatagramTransport == null)
-            {
-                throw new ArgumentNullException(nameof(createClientDatagramTransport));
-            }
-
-            DtlsTransport transport = null;
-
-            try
-            {
-                DtlsServerProtocol serverProtocol = new DtlsServerProtocol();
-                DtlsRequest request = null;
-                string remoteEndpoint = null;
-
-                if (getRemoteEndpoint != null)
+                if (datagramTransport == null)
                 {
-                    // Use DtlsVerifier to require a HelloVerifyRequest cookie exchange before accepting
-                    DtlsVerifier verifier = new DtlsVerifier(Crypto);
-                    int receiveLimit = datagramTransport.GetReceiveLimit();
-                    byte[] buf = new byte[receiveLimit];
-                    int receiveAttemptCounter = 0;
-
-                    do
-                    {
-                        const int RECEIVE_TIMEOUT = 100;
-                        int length = datagramTransport.Receive(buf, 0, receiveLimit, RECEIVE_TIMEOUT);
-                        if (length > 0)
-                        {
-                            remoteEndpoint = getRemoteEndpoint();
-                            if (string.IsNullOrEmpty(remoteEndpoint))
-                            {
-                                throw new InvalidOperationException();
-                            }
-
-                            byte[] clientID = Encoding.UTF8.GetBytes(remoteEndpoint);
-                            request = verifier.VerifyRequest(clientID, buf, 0, length, datagramTransport);
-                        }
-                        else
-                        {
-                            receiveAttemptCounter++;
-
-                            if (receiveAttemptCounter * RECEIVE_TIMEOUT >= TimeoutMilliseconds) // 20 seconds so that we don't wait forever
-                            {
-                                handshakeError = "HelloVerifyRequest cookie exchange could not be verified due to a timeout";
-                                return null;
-                            }
-                        }
-                    }
-                    while (request == null);
+                    throw new ArgumentNullException(nameof(datagramTransport));
                 }
 
-                var clientDatagramTransport = createClientDatagramTransport(remoteEndpoint);
+                DtlsTransport transport = null;
 
-                // store the current client datagram transport for this session
-                _clientDatagramTransport = clientDatagramTransport;
-
-                transport = serverProtocol.Accept(this, clientDatagramTransport, request);
+                try
+                {
+                    DtlsServerProtocol serverProtocol = new DtlsServerProtocol();
+                    _clientDatagramTransport = datagramTransport;
+                    transport = serverProtocol.Accept(this, datagramTransport, request);
+                    _clientDatagramTransport = null;
+                }
+                catch (Exception ex)
+                {
+                    handshakeError = ex.Message;
+                    return null;
+                }
 
-                // clear the reference to the transport after handshake is done
-                _clientDatagramTransport = null;
-            }
-            catch (Exception ex)
-            {
-                handshakeError = ex.Message;
-                return null;
+                handshakeError = null;
+                return transport;
             }
-            
-            handshakeError = null;
-            return transport;
         }
 
         public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, Exception cause)

src/SIPSorcery/net/DtlsSrtp/Lib/DTLS/IDtlsPeer.cs

@@ -123,6 +123,6 @@ public interface IDtlsPeer
         short CertificateHashAlgorithm { get; }
         void SetCertificate(Certificate certificate, AsymmetricKeyParameter privateKey, short signatureAlgorithm, short hashAlgorithm);
 
-        DtlsTransport DoHandshake(out string handshakeError, DatagramTransport datagramTransport, Func<string> getRemoteEndpoint, Func<string, DatagramTransport> createClientDatagramTransport);
+        DtlsTransport DoHandshake(out string handshakeError, DatagramTransport datagramTransport, DtlsRequest request = null);
     }
 }

src/SIPSorcery/net/DtlsSrtp/Lib/DTLSSRTP/DtlsSrtpClient.cs

@@ -27,7 +27,6 @@
 using SIPSorcery.Net.SharpSRTP.SRTP;
 using System;
 using System.Collections.Generic;
-using System.Linq;
 
 namespace SIPSorcery.Net.SharpSRTP.DTLSSRTP
 {
@@ -42,11 +41,11 @@ public DtlsSrtpClient(Certificate certificate = null, AsymmetricKeyParameter pri
            this(new BcTlsCrypto(), certificate, privateKey, certificateSignatureAlgorithm, certificateHashAlgorithm, session)
         { }
 
-        public DtlsSrtpClient(TlsCrypto crypto, Certificate certificate = null, AsymmetricKeyParameter privateKey = null, short certificateSignatureAlgorithm = SignatureAlgorithm.ecdsa, short certificateHashAlgorithm = HashAlgorithm.sha256, TlsSession session = null) : 
+        public DtlsSrtpClient(TlsCrypto crypto, Certificate certificate = null, AsymmetricKeyParameter privateKey = null, short certificateSignatureAlgorithm = SignatureAlgorithm.ecdsa, short certificateHashAlgorithm = HashAlgorithm.sha256, TlsSession session = null) :
             base(crypto, session, certificate, privateKey, certificateSignatureAlgorithm, certificateHashAlgorithm)
         {
             int[] protectionProfiles = GetSupportedProtectionProfiles();
-            
+
             byte[] mki = DtlsSrtpProtocol.GenerateMki(MkiLength);
             this._srtpData = new UseSrtpData(protectionProfiles, mki);
 
@@ -59,10 +58,10 @@ private void DtlsSrtpClient_OnHandshakeCompleted(object sender, DtlsHandshakeCom
             Certificate peerCertificate = e.SecurityParameters.PeerCertificate;
             OnSessionStarted?.Invoke(this, new DtlsSessionStartedEventArgs(context, peerCertificate, base._clientDatagramTransport));
         }
-       
+
         public void SetMKI(byte[] mki)
         {
-            if(mki == null)
+            if (mki == null)
             {
                 MkiLength = 0;
                 mki = new byte[0];
@@ -82,7 +81,7 @@ public void SetMKI(byte[] mki)
 
         protected virtual int[] GetSupportedProtectionProfiles()
         {
-            return new int[] 
+            return new int[]
             {
                 ExtendedSrtpProtectionProfile.DOUBLE_AEAD_AES_256_GCM_AEAD_AES_256_GCM,
                 ExtendedSrtpProtectionProfile.DOUBLE_AEAD_AES_128_GCM_AEAD_AES_128_GCM,
@@ -124,13 +123,13 @@ public override void ProcessServerExtensions(IDictionary<int, byte[]> serverExte
 
             // verify that the server has selected a profile we support
             int selectedProfile = serverSrtpExtension.ProtectionProfiles[0];
-            if (!clientSupportedProfiles.Contains(selectedProfile))
+            if (Array.IndexOf(clientSupportedProfiles, selectedProfile) < 0)
             {
                 throw new TlsFatalAlert(AlertDescription.internal_error);
             }
 
             // verify the mki sent by the server matches our mki
-            if (_srtpData.Mki != null && serverSrtpExtension.Mki != null && !Enumerable.SequenceEqual(_srtpData.Mki, serverSrtpExtension.Mki))
+            if (_srtpData.Mki != null && serverSrtpExtension.Mki != null && !_srtpData.Mki.AsSpan().SequenceEqual(serverSrtpExtension.Mki))
             {
                 throw new TlsFatalAlert(AlertDescription.illegal_parameter);
             }