[Freeswitch-dev] Debugging DTLS for WebRTC
Sam Russell
sam.h.russell at gmail.com
Wed Sep 25 03:05:26 MSD 2013
Thanks Anthony.
For future reference, Chrome has DTLS disabled by default, so in JsSIP
(check their source for how to clone your own full copy and hack on it) you
just need to override this bit in js/gui.js
RTCConstraints: {"optional": [{'DtlsSrtpKeyAgreement': 'true'}]} // change
true to false
After this, it only uses FreeSwitch's key, and you can then decrypt the
handshake correctly in Wireshark - but it looks like Wireshark won't let
you decode SRTP (it doesn't seem to handle the 0x80->RTCP muxing in the
DTLS packets, and it won't let you choose SRTP as the inner protocol) -
screenshot shows the output I get from wireshark 1.10.2 -
http://i.imgur.com/NyVHAdy.png
Am I being a bit silly here, or does wireshark not yet have the capability
to decode SRTP in DTLS?
Cheers
Sam
On Wed, Sep 25, 2013 at 3:07 AM, Anthony Minessale <
anthony.minessale at gmail.com> wrote:
> They generate them iirc.
> There is a constraints field in the javascript that tells if you want to
> use dtls or not.
> Have you tried it with jssip?
>
>
>
> On Tue, Sep 24, 2013 at 5:00 AM, Sam Russell <sam.h.russell at gmail.com>wrote:
>
>> Hi,
>>
>> I've spent a few hours digging through captures and RFCs and I think I
>> found where I'm getting caught - having the server key isn't enough - you
>> need the client key (i.e. from your browser). I've got a couple of issues
>> I'm tracking down with WebRTC support for FreeSwitch, does anybody know how
>> to export private keys from Chrome/Firefox that they use for WebRTC? If I
>> can get the browser private key AND the key from Freeswitch (dtls-srtp.key
>> by the looks) then I can decrypt a DTLS stream and figure out what's going
>> on.
>>
>> Cheers
>> Sam
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>>
>>
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-dev mailing list
>> FreeSWITCH-dev at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-dev
>> http://www.freeswitch.org
>>
>>
>
>
> --
> Anthony Minessale II
>
> FreeSWITCH http://www.freeswitch.org/
> ClueCon http://www.cluecon.com/
> Twitter: http://twitter.com/FreeSWITCH_wire
>
> AIM: anthm
> MSN:anthony_minessale at hotmail.com
> GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com
> IRC: irc.freenode.net #freeswitch
>
> FreeSWITCH Developer Conference
> sip:888 at conference.freeswitch.org
> googletalk:conf+888 at conference.freeswitch.org
> pstn:+19193869900
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-dev mailing list
> FreeSWITCH-dev at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-dev
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-dev/attachments/20130925/01011217/attachment.html
Join us at ClueCon 2013 Aug 6-8, 2013
More information about the FreeSWITCH-dev
mailing list