[html5] r5946 - [giow] (0) Fix some minor mistakes and change the way the data UDP media stream [...]
whatwg at whatwg.org
Mon Mar 14 11:24:15 PDT 2011
Author: ianh
Date: 2011-03-14 11:24:13 -0700 (Mon, 14 Mar 2011)
New Revision: 5946
Modified:
complete.html
index
source
Log:
[giow] (0) Fix some minor mistakes and change the way the data UDP media stream is encrypted to be less predictable.
Modified: complete.html
===================================================================
--- complete.html 2011-03-14 10:19:45 UTC (rev 5945)
+++ complete.html 2011-03-14 18:24:13 UTC (rev 5946)
@@ -71094,7 +71094,7 @@
exception here, or for /options/ below, without changing the
algorithm) -->
- <li><p><a href=#split-a-string-on-spaces title="split a string on spaces">Split <var title="">options</var> on spaces</a> to obtain <var title="">list of options</var>.</li>
+ <li><p><a href=#split-a-string-on-commas title="split a string on commas">Split <var title="">options</var> on commas</a> to obtain <var title="">list of options</var>.</li>
<li><p>If one of the tokens in <var title="">list of options</var>
is a <a href=#case-sensitive>case-sensitive</a> match for the string "<code title="">audio</code>", let <var title="">audio</var> be true.
@@ -72126,10 +72126,10 @@
<li><p>Let <var title="">data</var> be <var title="">message</var>
encoded as UTF-8. <a href=#refsRFC3629>[RFC3629]</a></li>
- <li><p>If <var title="">data</var> is longer than 65470 bytes,
+ <li><p>If <var title="">data</var> is longer than 65467 bytes,
throw an <code><a href=#invalid_access_err>INVALID_ACCESS_ERR</a></code> exception and abort these
steps.</li>
- <!-- 65470 = 65535 (64K, max IP size) - 40 (IP header) - 8 (UDP header) - 16 (nonce) - 1 (payload type byte) -->
+ <!-- 65470 = 65535 (64K, max IP size) - 40 (IP header) - 8 (UDP header) - 16 (nonce) - 4 (payload type bytes) -->
<li><p>If the <code><a href=#peerconnection>PeerConnection</a></code>'s
<a href=#peerconnection-data-udp-media-stream><code>PeerConnection</code> data UDP media stream</a> is
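Review bot: The arithmetic comment on the last changed line still opens with "65470 =" although its terms now sum to 65467 (65535 - 40 - 8 - 16 - 4), which is the value the step above was changed to. Update the left-hand side to 65467 so the comment and the limit agree.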
@@ -72290,38 +72290,46 @@
protocols). For the purposes of masking, the <dfn id=data-udp-media-stream-salt>data UDP media
stream salt</dfn> is defined to be the following 16 bytes, described
here as hexadecimal numbers: DB 68 B5 FD 17 0E 15 77 56 AF 7A 3A 1A
- 57 75 02</p> <!-- obtained thusly: head -c 16 /dev/urandom |
- hexdump -C -->
+ 57 75 02</p>
+ <!-- obtained thusly: head -c 16 /dev/urandom | hexdump -C -->
<p>When the user agent is to <dfn id=transmit-a-data-packet-to-a-peer>transmit a data packet to a
peer</dfn> using a <a href=#data-udp-media-stream>data UDP media stream</a> and with a
- byte string payload <var title="">data</var>, the user agent must
+ byte string payload <var title="">raw message</var>, the user agent must
run the following steps:</p>
<ol><li><p>Let <var title="">nonce</var> be 16 cryptographically random
bytes.</li>
+ <li><p>Let <var title="">mask-key</var> be the first 16 bytes of
+ the HMAC-SHA1 of the 16 <var title="">nonce</var> bytes
+ concatenated with the 16 <a href=#data-udp-media-stream-salt>data UDP media stream salt</a>
+ bytes. <a href=#refsHMAC>[HMAC]</a> <a href=#refsSHA1>[SHA1]</a></li>
+
+ <li><p>Let <var title="">typed raw message</var> be the
+ concatenation of three 0x00 bytes, a 0x01 byte, and <var title="">raw message</var>.</li>
+
+ <li><p>Let <var title="">masked message</var> be the result of
+ encrypting <var title="">typed raw message</var> using AES-128-CTR
+ keyed with <var title="">mask-key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
+
+ <li><p>Let <var title="">masked message with nonce</var> be the
+ concatenation of <var title="">nonce</var> and <var title="">masked
+ message</var>.</li>
+
<li><p>Let <var title="">ice-key</var> be the 16 bytes given as the
encryption key for the <a href=#data-udp-media-stream>data UDP media stream</a> in its
media description, as defined above.</li>
- <li><p>Let <var title="">key</var> be the first 16 bytes of the
- HMAC-SHA1 of the 16 <var title="">nonce</var> bytes concatenated
- with the 16 <var title="">ice-key</var> bytes concatenated with the
- 16 <a href=#data-udp-media-stream-salt>data UDP media stream salt</a> bytes. <a href=#refsHMAC>[HMAC]</a> <a href=#refsSHA1>[SHA1]</a></li>
+ <li><p>Let <var title="">encrypted message</var> be the result of
+ encrypting <var title="">masked message with nonce</var> using
+ AES-128-CTR keyed with <var title="">ice-key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
- <li><p>Let <var title="">message</var> be a 0x01 byte followed by
- <var title="">data</var>.</li>
+ <li><p>Send <var title="">encrypted message</var> in a UDP packet
+ to the destination that the relevant
+ <a href=#peerconnection-ice-agent><code>PeerConnection</code> ICE Agent</a> has selected a
+ destination for the <a href=#data-udp-media-stream>data UDP media stream</a>.</li>
- <li><p>Let <var title="">masked message</var> be the result of
- encrypting <var title="">message</var> using AES-128-CTR keyed with
- <var title="">key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
-
- <li><p>Send the concatenation of <var title="">nonce</var> and <var title="">masked message</var> in a UDP packet to the destination
- that the relevant <a href=#peerconnection-ice-agent><code>PeerConnection</code> ICE
- Agent</a> has selected a destination for the <a href=#data-udp-media-stream>data UDP
- media stream</a>.</li>
-
</ol><p>A <dfn id=remote-data-udp-media-stream>remote data UDP media stream</dfn> is the first UDP media
stream whose sender is the remote peer, whose label attribute
("<code title="">a=label:</code>") has the value "<code title="">data</code>", and for which a
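Review bot: The new outer step, "encrypting masked message with nonce using AES-128-CTR keyed with ice-key", does not say what the initial counter block is, and ice-key is fixed for the whole stream. The nonce used to travel in the clear at the front of the packet; it is now inside the ciphertext, so the receiver cannot take a counter from it. State the counter block for both AES-128-CTR steps in these lines, and make sure the outer one differs per packet so that two packets are never encrypted under the same keystream.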
@@ -72336,33 +72344,40 @@
<p>When a packet from a <a href=#remote-data-udp-media-stream>remote data UDP media stream</a> is
received, the user agent must run the following steps:</p>
- <ol><li><p>Let <var title="">data</var> be the UDP packet's data.</li>
+ <ol><li><p>Let <var title="">encrypted message</var> be the UDP
+ packet's data.</li>
- <li><p>If <var title="">data</var> is shorter than 17 bytes, then
- abort these steps.</li>
+ <li><p>If <var title="">encrypted message</var> is shorter than 20
+ bytes, then abort these steps.</li>
- <li><p>Let <var title="">nonce</var> be the first 16 bytes of the
- <var title="">data</var>.</li>
-
<li><p>Let <var title="">ice-key</var> be the 16 bytes given as the
encryption key for the <a href=#remote-data-udp-media-stream>remote data UDP media stream</a> in
the media description for this media stream. <a href=#refsSDP>[SDP]</a></li>
+ <li><p>Let <var title="">masked message with nonce</var> be the
+ result of decrypting <var title="">message</var> using AES-128-CTR
+ keyed with <var title="">ice-key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
+
+ <li><p>Let <var title="">nonce</var> be the first 16 bytes of the
+ <var title="">masked message with nonce</var>.</li>
+
+ <li><p>Let <var title="">masked message</var> be all but the first
+ 16 bytes of <var title="">masked message with nonce</var>.</li>
+
<li><p>Let <var title="">key</var> be the first 16 bytes of the
HMAC-SHA1 of the 16 <var title="">nonce</var> bytes concatenated
- with the 16 <var title="">ice-key</var> bytes concatenated with the
- 16 <a href=#data-udp-media-stream-salt>data UDP media stream salt</a> bytes. <a href=#refsHMAC>[HMAC]</a> <a href=#refsSHA1>[SHA1]</a></li>
+ with the 16 <a href=#data-udp-media-stream-salt>data UDP media stream salt</a> bytes. <a href=#refsHMAC>[HMAC]</a> <a href=#refsSHA1>[SHA1]</a></li>
- <li><p>Let <var title="">unmasked data</var> be the result of
- decrypting <var title="">message</var> using AES-128-CTR keyed with
- <var title="">key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
+ <li><p>Let <var title="">typed raw message</var> be the result of
+ decrypting <var title="">masked message</var> using AES-128-CTR
+ keyed with <var title="">key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
- <li><p>If the first byte of <var title="">unmasked data</var> is
- not 0x01, then abort these steps.</li>
+ <li><p>If the four bytes of <var title="">typed raw message</var>
+ are not 0x00, 0x00, 0x00, and 0x01 respectively, then abort these
+ steps.</li>
- <li><p>Let <var title="">raw message</var> be the string consisting
- of all but the first character of <var title="">unmasked
- message</var>.</li>
+ <li><p>Let <var title="">raw message</var> be the byte string
+ consisting of all but the first four characters of <var title="">typed raw message</var>.</li>
<li><p>Let <var title="">message</var> be <var title="">raw
message</var> <a href=#decoded-as-utf-8,-with-error-handling>decoded as UTF-8, with error
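Review bot: In the added decryption step, "the result of decrypting message using AES-128-CTR keyed with ice-key" refers to message, which is not defined until the UTF-8 decoding step at the end of this hunk; the input at that point is encrypted message from the first step, so rename it there. The receiver also calls the derived key "key" where the transmit steps call it mask-key; one name on both sides would make the two algorithms easier to check against each other.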
@@ -72377,8 +72392,12 @@
<code><a href=#peerconnection>PeerConnection</a></code> object that the <a href=#remote-data-udp-media-stream>remote data UDP
media stream</a> is associated with.</li>
- </ol><h4 id=event-definitions-0><span class=secno>9.1.5 </span>Event definitions</h4>
+ </ol><p>The <a href=#task-source>task source</a> for this <a href=#concept-task title=concept-task>task</a> is the <a href=#networking-task-source>networking task
+ source</a>.</p>
+
+ <h4 id=event-definitions-0><span class=secno>9.1.5 </span>Event definitions</h4>
+
<p>The <code title=event-stream-addstream>addstream</code> and
<code title=event-stream-removestream>removestream</code> events
use the <code><a href=#streamevent>StreamEvent</a></code> interface:</p>
Modified: index
===================================================================
--- index 2011-03-14 10:19:45 UTC (rev 5945)
+++ index 2011-03-14 18:24:13 UTC (rev 5946)
@@ -71103,7 +71103,7 @@
exception here, or for /options/ below, without changing the
algorithm) -->
- <li><p><a href=#split-a-string-on-spaces title="split a string on spaces">Split <var title="">options</var> on spaces</a> to obtain <var title="">list of options</var>.</li>
+ <li><p><a href=#split-a-string-on-commas title="split a string on commas">Split <var title="">options</var> on commas</a> to obtain <var title="">list of options</var>.</li>
<li><p>If one of the tokens in <var title="">list of options</var>
is a <a href=#case-sensitive>case-sensitive</a> match for the string "<code title="">audio</code>", let <var title="">audio</var> be true.
@@ -72135,10 +72135,10 @@
<li><p>Let <var title="">data</var> be <var title="">message</var>
encoded as UTF-8. <a href=#refsRFC3629>[RFC3629]</a></li>
- <li><p>If <var title="">data</var> is longer than 65470 bytes,
+ <li><p>If <var title="">data</var> is longer than 65467 bytes,
throw an <code><a href=#invalid_access_err>INVALID_ACCESS_ERR</a></code> exception and abort these
steps.</li>
- <!-- 65470 = 65535 (64K, max IP size) - 40 (IP header) - 8 (UDP header) - 16 (nonce) - 1 (payload type byte) -->
+ <!-- 65470 = 65535 (64K, max IP size) - 40 (IP header) - 8 (UDP header) - 16 (nonce) - 4 (payload type bytes) -->
<li><p>If the <code><a href=#peerconnection>PeerConnection</a></code>'s
<a href=#peerconnection-data-udp-media-stream><code>PeerConnection</code> data UDP media stream</a> is
@@ -72299,38 +72299,46 @@
protocols). For the purposes of masking, the <dfn id=data-udp-media-stream-salt>data UDP media
stream salt</dfn> is defined to be the following 16 bytes, described
here as hexadecimal numbers: DB 68 B5 FD 17 0E 15 77 56 AF 7A 3A 1A
- 57 75 02</p> <!-- obtained thusly: head -c 16 /dev/urandom |
- hexdump -C -->
+ 57 75 02</p>
+ <!-- obtained thusly: head -c 16 /dev/urandom | hexdump -C -->
<p>When the user agent is to <dfn id=transmit-a-data-packet-to-a-peer>transmit a data packet to a
peer</dfn> using a <a href=#data-udp-media-stream>data UDP media stream</a> and with a
- byte string payload <var title="">data</var>, the user agent must
+ byte string payload <var title="">raw message</var>, the user agent must
run the following steps:</p>
<ol><li><p>Let <var title="">nonce</var> be 16 cryptographically random
bytes.</li>
+ <li><p>Let <var title="">mask-key</var> be the first 16 bytes of
+ the HMAC-SHA1 of the 16 <var title="">nonce</var> bytes
+ concatenated with the 16 <a href=#data-udp-media-stream-salt>data UDP media stream salt</a>
+ bytes. <a href=#refsHMAC>[HMAC]</a> <a href=#refsSHA1>[SHA1]</a></li>
+
+ <li><p>Let <var title="">typed raw message</var> be the
+ concatenation of three 0x00 bytes, a 0x01 byte, and <var title="">raw message</var>.</li>
+
+ <li><p>Let <var title="">masked message</var> be the result of
+ encrypting <var title="">typed raw message</var> using AES-128-CTR
+ keyed with <var title="">mask-key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
+
+ <li><p>Let <var title="">masked message with nonce</var> be the
+ concatenation of <var title="">nonce</var> and <var title="">masked
+ message</var>.</li>
+
<li><p>Let <var title="">ice-key</var> be the 16 bytes given as the
encryption key for the <a href=#data-udp-media-stream>data UDP media stream</a> in its
media description, as defined above.</li>
- <li><p>Let <var title="">key</var> be the first 16 bytes of the
- HMAC-SHA1 of the 16 <var title="">nonce</var> bytes concatenated
- with the 16 <var title="">ice-key</var> bytes concatenated with the
- 16 <a href=#data-udp-media-stream-salt>data UDP media stream salt</a> bytes. <a href=#refsHMAC>[HMAC]</a> <a href=#refsSHA1>[SHA1]</a></li>
+ <li><p>Let <var title="">encrypted message</var> be the result of
+ encrypting <var title="">masked message with nonce</var> using
+ AES-128-CTR keyed with <var title="">ice-key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
- <li><p>Let <var title="">message</var> be a 0x01 byte followed by
- <var title="">data</var>.</li>
+ <li><p>Send <var title="">encrypted message</var> in a UDP packet
+ to the destination that the relevant
+ <a href=#peerconnection-ice-agent><code>PeerConnection</code> ICE Agent</a> has selected a
+ destination for the <a href=#data-udp-media-stream>data UDP media stream</a>.</li>
- <li><p>Let <var title="">masked message</var> be the result of
- encrypting <var title="">message</var> using AES-128-CTR keyed with
- <var title="">key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
-
- <li><p>Send the concatenation of <var title="">nonce</var> and <var title="">masked message</var> in a UDP packet to the destination
- that the relevant <a href=#peerconnection-ice-agent><code>PeerConnection</code> ICE
- Agent</a> has selected a destination for the <a href=#data-udp-media-stream>data UDP
- media stream</a>.</li>
-
</ol><p>A <dfn id=remote-data-udp-media-stream>remote data UDP media stream</dfn> is the first UDP media
stream whose sender is the remote peer, whose label attribute
("<code title="">a=label:</code>") has the value "<code title="">data</code>", and for which a
@@ -72345,33 +72353,40 @@
<p>When a packet from a <a href=#remote-data-udp-media-stream>remote data UDP media stream</a> is
received, the user agent must run the following steps:</p>
- <ol><li><p>Let <var title="">data</var> be the UDP packet's data.</li>
+ <ol><li><p>Let <var title="">encrypted message</var> be the UDP
+ packet's data.</li>
- <li><p>If <var title="">data</var> is shorter than 17 bytes, then
- abort these steps.</li>
+ <li><p>If <var title="">encrypted message</var> is shorter than 20
+ bytes, then abort these steps.</li>
- <li><p>Let <var title="">nonce</var> be the first 16 bytes of the
- <var title="">data</var>.</li>
-
<li><p>Let <var title="">ice-key</var> be the 16 bytes given as the
encryption key for the <a href=#remote-data-udp-media-stream>remote data UDP media stream</a> in
the media description for this media stream. <a href=#refsSDP>[SDP]</a></li>
+ <li><p>Let <var title="">masked message with nonce</var> be the
+ result of decrypting <var title="">message</var> using AES-128-CTR
+ keyed with <var title="">ice-key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
+
+ <li><p>Let <var title="">nonce</var> be the first 16 bytes of the
+ <var title="">masked message with nonce</var>.</li>
+
+ <li><p>Let <var title="">masked message</var> be all but the first
+ 16 bytes of <var title="">masked message with nonce</var>.</li>
+
<li><p>Let <var title="">key</var> be the first 16 bytes of the
HMAC-SHA1 of the 16 <var title="">nonce</var> bytes concatenated
- with the 16 <var title="">ice-key</var> bytes concatenated with the
- 16 <a href=#data-udp-media-stream-salt>data UDP media stream salt</a> bytes. <a href=#refsHMAC>[HMAC]</a> <a href=#refsSHA1>[SHA1]</a></li>
+ with the 16 <a href=#data-udp-media-stream-salt>data UDP media stream salt</a> bytes. <a href=#refsHMAC>[HMAC]</a> <a href=#refsSHA1>[SHA1]</a></li>
- <li><p>Let <var title="">unmasked data</var> be the result of
- decrypting <var title="">message</var> using AES-128-CTR keyed with
- <var title="">key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
+ <li><p>Let <var title="">typed raw message</var> be the result of
+ decrypting <var title="">masked message</var> using AES-128-CTR
+ keyed with <var title="">key</var>. <a href=#refsAES128CTR>[AES128CTR]</a></li>
- <li><p>If the first byte of <var title="">unmasked data</var> is
- not 0x01, then abort these steps.</li>
+ <li><p>If the four bytes of <var title="">typed raw message</var>
+ are not 0x00, 0x00, 0x00, and 0x01 respectively, then abort these
+ steps.</li>
- <li><p>Let <var title="">raw message</var> be the string consisting
- of all but the first character of <var title="">unmasked
- message</var>.</li>
+ <li><p>Let <var title="">raw message</var> be the byte string
+ consisting of all but the first four characters of <var title="">typed raw message</var>.</li>
<li><p>Let <var title="">message</var> be <var title="">raw
message</var> <a href=#decoded-as-utf-8,-with-error-handling>decoded as UTF-8, with error
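Review bot: The only validity check in these receive steps is the comparison of the decrypted prefix with 0x00, 0x00, 0x00, 0x01; nothing authenticates the rest of the packet. AES-128-CTR does not detect modification, so bytes altered in transit after the prefix reach the UTF-8 decoding step unnoticed. If integrity is a goal of this change, add an authentication tag over the packet and verify it before decrypting; if it is not, say so next to the type check.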
@@ -72386,8 +72401,12 @@
<code><a href=#peerconnection>PeerConnection</a></code> object that the <a href=#remote-data-udp-media-stream>remote data UDP
media stream</a> is associated with.</li>
- </ol><h4 id=event-definitions-0><span class=secno>9.1.5 </span>Event definitions</h4>
+ </ol><p>The <a href=#task-source>task source</a> for this <a href=#concept-task title=concept-task>task</a> is the <a href=#networking-task-source>networking task
+ source</a>.</p>
+
+ <h4 id=event-definitions-0><span class=secno>9.1.5 </span>Event definitions</h4>
+
<p>The <code title=event-stream-addstream>addstream</code> and
<code title=event-stream-removestream>removestream</code> events
use the <code><a href=#streamevent>StreamEvent</a></code> interface:</p>
Modified: source
===================================================================
--- source 2011-03-14 10:19:45 UTC (rev 5945)
+++ source 2011-03-14 18:24:13 UTC (rev 5946)
@@ -81081,8 +81081,8 @@
exception here, or for /options/ below, without changing the
algorithm) -->
- <li><p><span title="split a string on spaces">Split <var
- title="">options</var> on spaces</span> to obtain <var
+ <li><p><span title="split a string on commas">Split <var
+ title="">options</var> on commas</span> to obtain <var
title="">list of options</var>.</p></li>
<li><p>If one of the tokens in <var title="">list of options</var>
@@ -82306,10 +82306,10 @@
<li><p>Let <var title="">data</var> be <var title="">message</var>
encoded as UTF-8. <a href="#refsRFC3629">[RFC3629]</a></p></li>
- <li><p>If <var title="">data</var> is longer than 65470 bytes,
+ <li><p>If <var title="">data</var> is longer than 65467 bytes,
throw an <code>INVALID_ACCESS_ERR</code> exception and abort these
steps.</p></li>
- <!-- 65470 = 65535 (64K, max IP size) - 40 (IP header) - 8 (UDP header) - 16 (nonce) - 1 (payload type byte) -->
+ <!-- 65470 = 65535 (64K, max IP size) - 40 (IP header) - 8 (UDP header) - 16 (nonce) - 4 (payload type bytes) -->
<li><p>If the <code>PeerConnection</code>'s
<span><code>PeerConnection</code> data UDP media stream</span> is
@@ -82502,12 +82502,12 @@
protocols). For the purposes of masking, the <dfn>data UDP media
stream salt</dfn> is defined to be the following 16 bytes, described
here as hexadecimal numbers: DB 68 B5 FD 17 0E 15 77 56 AF 7A 3A 1A
- 57 75 02</p> <!-- obtained thusly: head -c 16 /dev/urandom |
- hexdump -C -->
+ 57 75 02</p>
+ <!-- obtained thusly: head -c 16 /dev/urandom | hexdump -C -->
<p>When the user agent is to <dfn>transmit a data packet to a
peer</dfn> using a <span>data UDP media stream</span> and with a
- byte string payload <var title="">data</var>, the user agent must
+ byte string payload <var title="">raw message</var>, the user agent must
run the following steps:</p>
<ol>
@@ -82515,29 +82515,38 @@
<li><p>Let <var title="">nonce</var> be 16 cryptographically random
bytes.</p></li>
+ <li><p>Let <var title="">mask-key</var> be the first 16 bytes of
+ the HMAC-SHA1 of the 16 <var title="">nonce</var> bytes
+ concatenated with the 16 <span>data UDP media stream salt</span>
+ bytes. <a href="#refsHMAC">[HMAC]</a> <a
+ href="#refsSHA1">[SHA1]</a></p></li>
+
+ <li><p>Let <var title="">typed raw message</var> be the
+ concatenation of three 0x00 bytes, a 0x01 byte, and <var
+ title="">raw message</var>.</p></li>
+
+ <li><p>Let <var title="">masked message</var> be the result of
+ encrypting <var title="">typed raw message</var> using AES-128-CTR
+ keyed with <var title="">mask-key</var>. <a
+ href="#refsAES128CTR">[AES128CTR]</a></p></li>
+
+ <li><p>Let <var title="">masked message with nonce</var> be the
+ concatenation of <var title="">nonce</var> and <var title="">masked
+ message</var>.</p></li>
+
<li><p>Let <var title="">ice-key</var> be the 16 bytes given as the
encryption key for the <span>data UDP media stream</span> in its
media description, as defined above.</p></li>
- <li><p>Let <var title="">key</var> be the first 16 bytes of the
- HMAC-SHA1 of the 16 <var title="">nonce</var> bytes concatenated
- with the 16 <var title="">ice-key</var> bytes concatenated with the
- 16 <span>data UDP media stream salt</span> bytes. <a
- href="#refsHMAC">[HMAC]</a> <a href="#refsSHA1">[SHA1]</a></p></li>
-
- <li><p>Let <var title="">message</var> be a 0x01 byte followed by
- <var title="">data</var>.</p></li>
-
- <li><p>Let <var title="">masked message</var> be the result of
- encrypting <var title="">message</var> using AES-128-CTR keyed with
- <var title="">key</var>. <a
+ <li><p>Let <var title="">encrypted message</var> be the result of
+ encrypting <var title="">masked message with nonce</var> using
+ AES-128-CTR keyed with <var title="">ice-key</var>. <a
href="#refsAES128CTR">[AES128CTR]</a></p></li>
- <li><p>Send the concatenation of <var title="">nonce</var> and <var
- title="">masked message</var> in a UDP packet to the destination
- that the relevant <span><code>PeerConnection</code> ICE
- Agent</span> has selected a destination for the <span>data UDP
- media stream</span>.</p></li>
+ <li><p>Send <var title="">encrypted message</var> in a UDP packet
+ to the destination that the relevant
+ <span><code>PeerConnection</code> ICE Agent</span> has selected a
+ destination for the <span>data UDP media stream</span>.</p></li>
</ol>
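Review bot: The mask-key step says "the HMAC-SHA1 of the 16 nonce bytes concatenated with the 16 data UDP media stream salt bytes", which leaves open what is the HMAC key and what is the message. HMAC takes two inputs, so name them (for example, which of nonce and salt is the key); otherwise two implementations can derive different keys from the same packet. ice-key was also dropped from this derivation, so mask-key now depends only on the nonce and the salt printed in the spec text; a sentence stating that the masking layer is not meant to provide confidentiality on its own would make that intent explicit.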
@@ -82558,36 +82567,45 @@
<ol>
- <li><p>Let <var title="">data</var> be the UDP packet's data.</p></li>
+ <li><p>Let <var title="">encrypted message</var> be the UDP
+ packet's data.</p></li>
- <li><p>If <var title="">data</var> is shorter than 17 bytes, then
- abort these steps.</p></li>
+ <li><p>If <var title="">encrypted message</var> is shorter than 20
+ bytes, then abort these steps.</p></li>
- <li><p>Let <var title="">nonce</var> be the first 16 bytes of the
- <var title="">data</var>.</p></li>
-
<li><p>Let <var title="">ice-key</var> be the 16 bytes given as the
encryption key for the <span>remote data UDP media stream</span> in
the media description for this media stream. <a
href="#refsSDP">[SDP]</a></p></li>
+ <li><p>Let <var title="">masked message with nonce</var> be the
+ result of decrypting <var title="">message</var> using AES-128-CTR
+ keyed with <var title="">ice-key</var>. <a
+ href="#refsAES128CTR">[AES128CTR]</a></p></li>
+
+ <li><p>Let <var title="">nonce</var> be the first 16 bytes of the
+ <var title="">masked message with nonce</var>.</p></li>
+
+ <li><p>Let <var title="">masked message</var> be all but the first
+ 16 bytes of <var title="">masked message with nonce</var>.</p></li>
+
<li><p>Let <var title="">key</var> be the first 16 bytes of the
HMAC-SHA1 of the 16 <var title="">nonce</var> bytes concatenated
- with the 16 <var title="">ice-key</var> bytes concatenated with the
- 16 <span>data UDP media stream salt</span> bytes. <a
+ with the 16 <span>data UDP media stream salt</span> bytes. <a
href="#refsHMAC">[HMAC]</a> <a href="#refsSHA1">[SHA1]</a></li>
- <li><p>Let <var title="">unmasked data</var> be the result of
- decrypting <var title="">message</var> using AES-128-CTR keyed with
- <var title="">key</var>. <a
+ <li><p>Let <var title="">typed raw message</var> be the result of
+ decrypting <var title="">masked message</var> using AES-128-CTR
+ keyed with <var title="">key</var>. <a
href="#refsAES128CTR">[AES128CTR]</a></p></li>
- <li><p>If the first byte of <var title="">unmasked data</var> is
- not 0x01, then abort these steps.</p></li>
+ <li><p>If the four bytes of <var title="">typed raw message</var>
+ are not 0x00, 0x00, 0x00, and 0x01 respectively, then abort these
+ steps.</p></li>
- <li><p>Let <var title="">raw message</var> be the string consisting
- of all but the first character of <var title="">unmasked
- message</var>.</p></li>
+ <li><p>Let <var title="">raw message</var> be the byte string
+ consisting of all but the first four characters of <var
+ title="">typed raw message</var>.</p></li>
<li><p>Let <var title="">message</var> be <var title="">raw
message</var> <span>decoded as UTF-8, with error
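Review bot: The type check reads "If the four bytes of typed raw message are not 0x00, 0x00, 0x00, and 0x01", which should say "the first four bytes", and the next step strips "the first four characters" from what it calls a byte string, so "bytes" is the right word there too. The unchanged HMAC-SHA1 item in this hunk also closes with </li> but no </p>, unlike its neighbours; worth fixing while the list is being edited.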
@@ -82604,7 +82622,11 @@
</ol>
+ <p>The <span>task source</span> for this <span
+ title="concept-task">task</span> is the <span>networking task
+ source</span>.</p>
+
<h4>Event definitions</h4>
<p>The <code title="event-stream-addstream">addstream</code> and