Skip to content

Commit

Permalink
Chrome is now checking certificate type and needs to be passed the co…
Browse files Browse the repository at this point in the history 
…rrect one in Certificate Request. Certificate WebRTC primarily uses ECDSA, I believe the intent is to support ECDSA, TLS protocol, you need to say so in the CertificateRequest message. (#1105)

Adding ECDSA to DtlsSrtp/DtlsSrtpClient.cs as just to remain in sync with the server code but I have no way to verify that direction.
  • Loading branch information
@moorecj
moorecj committed Apr 18, 2024
1 parent 093f497 commit 453b9e2
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion src/net/DtlsSrtp/DtlsSrtpClient.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ public virtual void NotifyServerCertificate(Certificate serverCertificate)
public virtual TlsCredentials GetClientCredentials(CertificateRequest certificateRequest)
{
byte[] certificateTypes = certificateRequest.CertificateTypes;
if (certificateTypes == null || !Arrays.Contains(certificateTypes, ClientCertificateType.rsa_sign))
if (certificateTypes == null || !Arrays.Contains(certificateTypes, ClientCertificateType.rsa_sign) || !Arrays.Contains(certificateTypes, ClientCertificateType.ecdsa_sign))
{
return null;
}
Expand Down
2 changes: 1 addition & 1 deletion src/net/DtlsSrtp/DtlsSrtpServer.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -248,7 +248,7 @@ public override CertificateRequest GetCertificateRequest()
}
}
}
return new CertificateRequest(new byte[] { ClientCertificateType.rsa_sign }, serverSigAlgs, null);
return new CertificateRequest(new byte[] { ClientCertificateType.rsa_sign, ClientCertificateType.ecdsa_sign }, serverSigAlgs, null);
}

public override void NotifyClientCertificate(Certificate clientCertificate)
Expand Down

0 comments on commit 453b9e2

Please sign in to comment.