[OpenSIPS-Users] RTPENGINE RTP-SRTP

Ricardo Martinez rmartinez at redvoiss.net
Wed Nov 25 21:32:23 EST 2020 

Hi.

I’m trying to use RTPENGINE + OPENSIPS to connect a RTP PBX with a External
SRTP.

For this I’m using RTPENGINE module.

Questions.

Is there a way to indicate to RTPENGINE to use certain cypher suite?.  Now,
I hace in the offer :

m=audio 62768 RTP/SAVP 120 9 0 8 18 101

a=rtpmap:120 opus/48000/2

a=fmtp:120 useinbandfec=1; usedtx=1; maxaveragebitrate=64000

a=rtpmap:18 G729/8000

a=fmtp:18 annexb=yes

a=rtpmap:101 telephone-event/8000

a=fmtp:101 0-15

a=crypto:1 AES_256_CM_HMAC_SHA1_80
inline:dVwYFc1ARkmoeVkPN9JdKXYbJHEA1womGZ3X4gvs3rGZHQew3AaHURWjvO6YtA==

a=crypto:2 AES_256_CM_HMAC_SHA1_32
inline:oSgNVYgBtcnf9/tRduZ/3LUgTwqQMfUsOyQcZutOAnBhb+kOdtLN/o6Ezt/e/Q==

a=crypto:3 AES_CM_128_HMAC_SHA1_80
inline:PEwsve6fAIxUVHbBnhLZb303atLbFpw193GkTn/Q

a=crypto:4 AES_CM_128_HMAC_SHA1_32
inline:XRtaI0RO1Sfhaf8ZstLX5eRUF07y0vIcv9iAOVhC

a=sendrecv



And then in the ANSWER from RTPENGINE.



o=root 2039350566 2039350566 IN IP4 64.76.XXX.94

s=GHJ

c=IN IP4 64.76.XXX.133

t=0 0

m=audio 10674 RTP/SAVP 0 101

a=maxptime:150

a=rtpmap:0 PCMU/8000

a=rtpmap:101 telephone-event/8000

a=fmtp:101 0-16

a=sendrecv

a=rtcp:10675

a=crypto:1 AES_256_CM_HMAC_SHA1_80
inline:mObON802Wis2GH0puTCaOznh7as+BTpu1IBZAzNcocQFn95N9YGuZRZ7dNWcyA





Second.

I’m getting an error in the UA client with SRTP.  Indicating this:

2020-11-25 16:45:20.755 | DEBUG | 104875
RemoteParticipant::adjustRTPStreams(): Crypto Suite:
SRTP_AES_256_CM_HMAC_SHA1_80 Cipher Key Length: 46 SDP Cipher Key Length: 45

2020-11-25 16:45:20.755 | INFO | 104875
RemoteParticipant::adjustRTPStreams(): SDES crypto key found in SDP, but is
not of correct length after base 64 decode: 45, should be: 46



Could it be that the cipher key length calculated by RTPENGINE is cut? Or
maybe I’m missing something?  Is possible that maybe my Centos 7 is cutting
the message ?

On the other hand, is possible to force rtpengine to use another of the
cipher suites?

a=crypto:1 AES_256_CM_HMAC_SHA1_80
inline:dVwYFc1ARkmoeVkPN9JdKXYbJHEA1womGZ3X4gvs3rGZHQew3AaHURWjvO6YtA==

a=crypto:2 AES_256_CM_HMAC_SHA1_32
inline:oSgNVYgBtcnf9/tRduZ/3LUgTwqQMfUsOyQcZutOAnBhb+kOdtLN/o6Ezt/e/Q==

a=crypto:3 AES_CM_128_HMAC_SHA1_80
inline:PEwsve6fAIxUVHbBnhLZb303atLbFpw193GkTn/Q

a=crypto:4 AES_CM_128_HMAC_SHA1_32
inline:XRtaI0RO1Sfhaf8ZstLX5eRUF07y0vIcv9iAOVhC



Does someone have any idea here?

Thanks in advance,

Best Regards,





*Ricardo Martinez*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20201125/c7c3f48c/attachment.html>

More information about the Users mailing list