Crate srtp

Bindings to libsrtp2

This crate provides a safe interface to the libsrtp2 library.

DTLS-SRTP using OpenSSL

use openssl::pkey::PKey;
use openssl::ssl::{Ssl, SslAcceptor, SslMethod};
use openssl::x509::X509;

openssl::init();

let mut ctx = SslAcceptor::mozilla_modern(SslMethod::dtls())?;
ctx.set_tlsext_use_srtp(srtp::openssl::SRTP_PROFILE_NAMES)?;
let pkey = PKey::private_key_from_pem(pkey)?;
let cert = X509::from_pem(cert)?;
ctx.set_private_key(&*pkey)?;
ctx.set_certificate(&*cert)?;
ctx.check_private_key()?;
let ctx = ctx.build().into_context();

let mut ssl = Ssl::new(&ctx)?;
ssl.set_mtu(1200)?;
let stream = if is_server {
    ssl.accept(stream)?
} else {
    ssl.connect(stream)?
};

let (mut inbound, mut outbound) =
    srtp::openssl::session_pair(stream.ssl(), Default::default())?;

let mut pkt = b"not a valid SRTP packet".to_vec();
if let Err(err) = inbound.unprotect(&mut pkt) {
    println!("Failed to unprotect inbound SRTP packet: {}", err);
}

let mut pkt = b"not a valid RTP packet".to_vec();
if let Err(err) = outbound.protect(&mut pkt) {
    println!("Failed to protect outbound RTP packet: {}", err);
}

Standalone usage

Create a Session to decrypt every incoming SRTP packets.

let key = &[0u8; 30][..]; // DO NOT USE IT ON PRODUCTION
let mut packet = b"not a valid SRTP packet".to_vec();

let mut session = srtp::Session::with_inbound_template(srtp::StreamPolicy {
    key,
    rtp: srtp::CryptoPolicy::aes_cm_128_hmac_sha1_80(),
    rtcp: srtp::CryptoPolicy::aes_cm_128_hmac_sha1_80(),
    ..Default::default()
}).unwrap();

match session.unprotect(&mut packet) {
    Ok(()) => println!("SRTP packet unprotected"),
    Err(err) => println!("Error unprotecting SRTP packet: {}", err),
};

Re-exports

• pub use session::Session;
• pub use session::StreamPolicy;
• pub use srtp2_sys as sys;

Modules

• openssl
  DTLS-SRTP implementation using OpenSSL
• session
  SRTP session and its core functionalities
• vec_like
  The VecLike trait and its supplement types.

Structs

• CryptoPolicy
  Cryptography policy used by the SRTP protection.
• Error
  SRTP error.

Functions

• ensure_init
  Initialize the libsrtp eagerly.
• get_version
  Returns the numeric representation of the libsrtp version.
• get_version_string
  Returns the version string of the libsrtp.