From b931e1153c49ac2a404e63cce349e215dfd81f20 Mon Sep 17 00:00:00 2001
From: Paulina Bien <74770091+pabi-milestone@users.noreply.github.com>
Date: Fri, 13 Dec 2024 10:56:46 +0100
Subject: [PATCH] Updated getting authenticated STUN request to use FIPS
 compliant library. (#1257)

* Updated getting authenticated STUN request to use FIPS compliant library.

* Removed additional characters added by mistake.
---
 src/net/ICE/RtpIceChannel.cs | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/net/ICE/RtpIceChannel.cs b/src/net/ICE/RtpIceChannel.cs
index 3a14f581b..8defae434 100755
--- a/src/net/ICE/RtpIceChannel.cs
+++ b/src/net/ICE/RtpIceChannel.cs
@@ -76,6 +76,7 @@
 using System.Threading;
 using System.Threading.Tasks;
 using Microsoft.Extensions.Logging;
+using Org.BouncyCastle.Crypto.Digests;
 using SIPSorcery.Sys;
 
 [assembly: InternalsVisibleToAttribute("SIPSorcery.UnitTests")]
@@ -2586,13 +2587,14 @@ private byte[] GetAuthenticatedStunRequest(STUNMessage stunRequest, string usern
 
             // See https://tools.ietf.org/html/rfc5389#section-15.4
             string key = $"{username}:{Encoding.UTF8.GetString(realm)}:{password}";
-            // TODO: When .NET Standard and Framework support are deprecated this pragma can be removed.
-#pragma warning disable SYSLIB0021
-            MD5 md5 = new MD5CryptoServiceProvider();
-            byte[] md5Hash = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
-#pragma warning restore SYSLIB0021
+            var buffer = Encoding.UTF8.GetBytes(key);
+            var md5Digest = new MD5Digest();
+            var hash = new byte[md5Digest.GetDigestSize()];
 
-            return stunRequest.ToByteBuffer(md5Hash, true);
+            md5Digest.BlockUpdate(buffer, 0, buffer.Length);
+            md5Digest.DoFinal(hash, 0);
+
+            return stunRequest.ToByteBuffer(hash, true);
         }
 
         /// <summary>