Updated getting authenticated STUN request to use FIPS compliant libr…

…ary. (sipsorcery-org#1257) * Updated getting authenticated STUN request to use FIPS compliant library. * Removed additional characters added by mistake.
ha-ves · Dec 13, 2024 · b931e11 · b931e11
1 parent 2ab8d55
commit b931e11
Showing 1 changed file with 8 additions and 6 deletions.
diff --git a/src/net/ICE/RtpIceChannel.cs b/src/net/ICE/RtpIceChannel.cs
@@ -76,6 +76,7 @@
 using System.Threading;
 using System.Threading.Tasks;
 using Microsoft.Extensions.Logging;
+using Org.BouncyCastle.Crypto.Digests;
 using SIPSorcery.Sys;
 
 [assembly: InternalsVisibleToAttribute("SIPSorcery.UnitTests")]
@@ -2586,13 +2587,14 @@ private byte[] GetAuthenticatedStunRequest(STUNMessage stunRequest, string usern
 
             // See https://tools.ietf.org/html/rfc5389#section-15.4
             string key = $"{username}:{Encoding.UTF8.GetString(realm)}:{password}";
-            // TODO: When .NET Standard and Framework support are deprecated this pragma can be removed.
-#pragma warning disable SYSLIB0021
-            MD5 md5 = new MD5CryptoServiceProvider();
-            byte[] md5Hash = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
-#pragma warning restore SYSLIB0021
+            var buffer = Encoding.UTF8.GetBytes(key);
+            var md5Digest = new MD5Digest();
+            var hash = new byte[md5Digest.GetDigestSize()];
 
-            return stunRequest.ToByteBuffer(md5Hash, true);
+            md5Digest.BlockUpdate(buffer, 0, buffer.Length);
+            md5Digest.DoFinal(hash, 0);
+
+            return stunRequest.ToByteBuffer(hash, true);
         }
 
         /// <summary>