tobiasfriden/dtls.patch

## dtls.patch
diff --git a/pkg/dtls/conn.go b/pkg/dtls/conn.go
index 9060bf3..69db502 100644
--- a/pkg/dtls/conn.go
+++ b/pkg/dtls/conn.go
@@ -87,7 +87,7 @@ func createConn(nextConn net.Conn, timerThread timerThread, handshakeMessageHand
 	c.localRandom.populate()
 	if !isClient {
 		c.cookie = make([]byte, cookieLength)
-		c.localKeypair, _ = generateKeypair(namedCurveX25519)
+		c.localKeypair, _ = generateKeypair(namedCurveP256)

 		if _, err := rand.Read(c.cookie); err != nil {
 			return nil, err
diff --git a/pkg/dtls/server_handlers.go b/pkg/dtls/server_handlers.go
index 6a34456..d6008c5 100644
--- a/pkg/dtls/server_handlers.go
+++ b/pkg/dtls/server_handlers.go
@@ -41,7 +41,7 @@ func serverHandshakeHandler(c *Conn) error {

 		case *handshakeMessageClientKeyExchange:
 			if c.currFlight.get() == flight4 {
-				c.remoteKeypair = &namedCurveKeypair{namedCurveX25519, h.publicKey, nil}
+				c.remoteKeypair = &namedCurveKeypair{namedCurveP256, h.publicKey, nil}

 				serverRandom, err := c.localRandom.marshal()
 				if err != nil {
@@ -165,7 +165,7 @@ func serverTimerThread(c *Conn) {
 				panic(err)
 			}

-			signature, err := generateKeySignature(clientRandom, serverRandom, c.localKeypair.publicKey, namedCurveX25519, c.localPrivateKey)
+			signature, err := generateKeySignature(clientRandom, serverRandom, c.localKeypair.publicKey, namedCurveP256, c.localPrivateKey)
 			if err != nil {
 				panic(err)
 			}
@@ -182,7 +182,7 @@ func serverTimerThread(c *Conn) {
 					},
 					handshakeMessage: &handshakeMessageServerKeyExchange{
 						ellipticCurveType:  ellipticCurveTypeNamedCurve,
-						namedCurve:         namedCurveX25519,
+						namedCurve:         namedCurveP256,
 						publicKey:          c.localKeypair.publicKey,
 						hashAlgorithm:      HashAlgorithmSHA256,
 						signatureAlgorithm: signatureAlgorithmECDSA,

## webrtc.patch
diff --git a/internal/network/srtp.go b/internal/network/srtp.go
index 81bc8b1..30c1905 100644
--- a/internal/network/srtp.go
+++ b/internal/network/srtp.go
@@ -34,14 +34,14 @@ func (m *Manager) CreateContextSRTP(keyingMaterial []byte) error {

 	var err error
 	m.srtpInboundContextLock.Lock()
-	m.srtpInboundContext, err = srtp.CreateContext(serverWriteKey[0:16], serverWriteKey[16:] /* Profile */, "")
+	m.srtpInboundContext, err = srtp.CreateContext(clientWriteKey[0:16], clientWriteKey[16:] /* Profile */, "")
 	m.srtpInboundContextLock.Unlock()
 	if err != nil {
 		return errors.New("failed to build inbound SRTP context")
 	}

 	m.srtpOutboundContextLock.Lock()
-	m.srtpOutboundContext, err = srtp.CreateContext(clientWriteKey[0:16], clientWriteKey[16:] /* Profile */, "")
+	m.srtpOutboundContext, err = srtp.CreateContext(serverWriteKey[0:16], serverWriteKey[16:] /* Profile */, "")
 	m.srtpOutboundContextLock.Unlock()
 	if err != nil {
 		return errors.New("failed to build outbound SRTP context")
	diff --git a/pkg/dtls/conn.go b/pkg/dtls/conn.go
	index 9060bf3..69db502 100644
	--- a/pkg/dtls/conn.go
	+++ b/pkg/dtls/conn.go
	@@ -87,7 +87,7 @@ func createConn(nextConn net.Conn, timerThread timerThread, handshakeMessageHand
	c.localRandom.populate()
	if !isClient {
	c.cookie = make([]byte, cookieLength)
	- c.localKeypair, _ = generateKeypair(namedCurveX25519)
	+ c.localKeypair, _ = generateKeypair(namedCurveP256)

	if _, err := rand.Read(c.cookie); err != nil {
	return nil, err
	diff --git a/pkg/dtls/server_handlers.go b/pkg/dtls/server_handlers.go
	index 6a34456..d6008c5 100644
	--- a/pkg/dtls/server_handlers.go
	+++ b/pkg/dtls/server_handlers.go
	@@ -41,7 +41,7 @@ func serverHandshakeHandler(c *Conn) error {

	case *handshakeMessageClientKeyExchange:
	if c.currFlight.get() == flight4 {
	- c.remoteKeypair = &namedCurveKeypair{namedCurveX25519, h.publicKey, nil}
	+ c.remoteKeypair = &namedCurveKeypair{namedCurveP256, h.publicKey, nil}

	serverRandom, err := c.localRandom.marshal()
	if err != nil {
	@@ -165,7 +165,7 @@ func serverTimerThread(c *Conn) {
	panic(err)
	}

	- signature, err := generateKeySignature(clientRandom, serverRandom, c.localKeypair.publicKey, namedCurveX25519, c.localPrivateKey)
	+ signature, err := generateKeySignature(clientRandom, serverRandom, c.localKeypair.publicKey, namedCurveP256, c.localPrivateKey)
	if err != nil {
	panic(err)
	}
	@@ -182,7 +182,7 @@ func serverTimerThread(c *Conn) {
	},
	handshakeMessage: &handshakeMessageServerKeyExchange{
	ellipticCurveType: ellipticCurveTypeNamedCurve,
	- namedCurve: namedCurveX25519,
	+ namedCurve: namedCurveP256,
	publicKey: c.localKeypair.publicKey,
	hashAlgorithm: HashAlgorithmSHA256,
	signatureAlgorithm: signatureAlgorithmECDSA,
	diff --git a/internal/network/srtp.go b/internal/network/srtp.go
	index 81bc8b1..30c1905 100644
	--- a/internal/network/srtp.go
	+++ b/internal/network/srtp.go
	@@ -34,14 +34,14 @@ func (m *Manager) CreateContextSRTP(keyingMaterial []byte) error {

	var err error
	m.srtpInboundContextLock.Lock()
	- m.srtpInboundContext, err = srtp.CreateContext(serverWriteKey[0:16], serverWriteKey[16:] /* Profile */, "")
	+ m.srtpInboundContext, err = srtp.CreateContext(clientWriteKey[0:16], clientWriteKey[16:] /* Profile */, "")
	m.srtpInboundContextLock.Unlock()
	if err != nil {
	return errors.New("failed to build inbound SRTP context")
	}

	m.srtpOutboundContextLock.Lock()
	- m.srtpOutboundContext, err = srtp.CreateContext(clientWriteKey[0:16], clientWriteKey[16:] /* Profile */, "")
	+ m.srtpOutboundContext, err = srtp.CreateContext(serverWriteKey[0:16], serverWriteKey[16:] /* Profile */, "")
	m.srtpOutboundContextLock.Unlock()
	if err != nil {
	return errors.New("failed to build outbound SRTP context")