Hi all,
I have a media server and it is able to handle SRTP, provided the crypto key.
We are planning to give webrtc support to the media server. We are using opensips+rtpengine for that.
For dtls, we are using rtpengine. The rtpengine just needs to do the dtls handshake and it needs to fetch the crypto key and it should provide the key to media server, so that the media server will be able to handle the SRTP traffic.
We are bit struggling, how to get the crypto keys from rtpengine and send it to opensips and opensips will send it to media server.
how this can be done? your suggestions will help us a lot.
Thanks, Riko
Hi all,
I have a media server and it is able to handle SRTP, provided the crypto key.
We are planning to give webrtc support to the media server. We are using opensips+rtpengine for that.
For dtls, we are using rtpengine. The rtpengine just needs to do the dtls handshake and it needs to fetch the crypto key and it should provide the key to media server, so that the media server will be able to handle the SRTP traffic.
We are bit struggling, how to get the crypto keys from rtpengine and send it to opensips and opensips will send it to media server.
how this can be done? your suggestions will help us a lot.
Thanks, Riko
On 01/12/2016 04:09 AM, riko nir wrote:
Hi all,
I have a media server and it is able to handle SRTP, provided the crypto key.
We are planning to give webrtc support to the media server. We are using opensips+rtpengine for that.
For dtls, we are using rtpengine. The rtpengine just needs to do the dtls handshake and it needs to fetch the crypto key and it should provide the key to media server, so that the media server will be able to handle the SRTP traffic.
We are bit struggling, how to get the crypto keys from rtpengine and send it to opensips and opensips will send it to media server.
how this can be done? your suggestions will help us a lot.
The only place the crypto key appears is in the debug log output. It's printed there after the handshake completes. Other than that, this mode of operation is completely unsupported.
Cheers
Hi, Thanks for the answer.
Do you have any options for sending this keys to opensips somehow, by modifying the code in rtpengine and in opesips script file?
Also, I have another query. The SRTP keys that we are getting after the DTLS handshake is common for both audio and video streams for both RTP and RTCP?
Whether the streams from the webrtc client is coming as multiplexed or not multiplexed one, and how rtpengine is handling it?
Thanks.
On Tue, Jan 12, 2016 at 7:08 PM, Richard Fuchs rfuchs@sipwise.com wrote:
On 01/12/2016 04:09 AM, riko nir wrote:
Hi all,
I have a media server and it is able to handle SRTP, provided the crypto key.
We are planning to give webrtc support to the media server. We are using opensips+rtpengine for that.
For dtls, we are using rtpengine. The rtpengine just needs to do the dtls handshake and it needs to fetch the crypto key and it should provide the key to media server, so that the media server will be able to handle the SRTP traffic.
We are bit struggling, how to get the crypto keys from rtpengine and send it to opensips and opensips will send it to media server.
how this can be done? your suggestions will help us a lot.
The only place the crypto key appears is in the debug log output. It's printed there after the handshake completes. Other than that, this mode of operation is completely unsupported.
Cheers
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
On 01/13/2016 02:37 AM, riko nir wrote:
Hi, Thanks for the answer.
Do you have any options for sending this keys to opensips somehow, by modifying the code in rtpengine and in opesips script file?
I don't know much about Opensips and so can't provide guidance about how to pass these values back to it.
Also, I have another query. The SRTP keys that we are getting after the DTLS handshake is common for both audio and video streams for both RTP and RTCP?
Not necessarily. Multiple media streams normally use different ports and this will result in multiple DTLS sessions and thus different SRTP keys. The only exception is when BUNDLE is in use, but rtpengine will always break out of BUNDLE. As for RTCP, if RTP and RTCP use the same port on both sides (full rtcp-mux) then the keys will be the same. In all other cases, two DTLS sessions will be established and this will result in two sets of SRTP keys.
Cheers
-
Richard Fuchs -
riko nir