[Freeswitch-users] To decypt webrtc audio

Anthony Minessale anthony.minessale at gmail.com
Fri Oct 31 18:49:57 MSK 2014


What I believe the OP is looking for is a tool to extract audio from native
pcaps of a DTLS RTP stream found therein.
pcaputils is such a program but it needs the key as a command line param.

in FS we don't display the keys from the DTLS negotiation because it
defeats the point of why its secure.
So what we would need is a secure practice to log the keys so they could be
used later to run pcaputils.
It would involve a setting to log the keys to the cdr which is much less
secure than the intended point of DTLS audio.
Its a question of responsibility to the security movement and weather or
not its a good idea to open the door to nullifying the security.
It could be justified that it's ok if the user chooses to enable it but
typically the security community frowns on any ways to actively disable
security.

Obviously, FS could just bridge the encrypted RTP to another decrypted
endpoint and record the call on its own as proposed with RTPengine but its
not quite the same as extracting the original audio from a pcap containing
encrypted data.



On Fri, Oct 31, 2014 at 9:38 AM, Varghese Paul <varghesepaul87 at gmail.com>
wrote:

> Hi Ben,
>
> I am looking for a tool like wireshark to decrypt the SRTP packets and
> listen to the audio. RTPengine as you said we can bridge two channels and
> we can't use it as a tool for decrypting SRTP traffic,
>
> Regards
>
> On Fri, Oct 31, 2014 at 7:25 PM, Carlos Ruiz Díaz <
> carlos.ruizdiaz at gmail.com> wrote:
>
>> I understand that this is not what he is intending. Why would he need yet
>> another rtp bridge if FS already does exactly that.
>> On Oct 31, 2014 7:36 AM, "Ben Langfeld" <ben at langfeld.co.uk> wrote:
>>
>>> The way I use rtpengine, it rewrites SDP between the browser and
>>> Asterisk 1.4, terminating DTLS and ICE. Between the browser and rtpengine
>>> is RTP/SAVPF, while between rtpengine and Asterisk is RTP/AVP. rtpengine
>>> generates its keys in what I assume to be the same way the browsers do.
>>>
>>> On 31 October 2014 10:51, Anthony Minessale <anthony.minessale at gmail.com
>>> > wrote:
>>>
>>>> The tool from pjsip mentioned above requires the keys for the srtp
>>>> decryption.  Does the one you mention do it differently?
>>>>
>>>>
>>>> On Friday, October 31, 2014, Ben Langfeld <ben at langfeld.co.uk> wrote:
>>>>
>>>>> Anthony, I think I'm not understanding your concern. Could you explain
>>>>> what you mean by logging the keys?
>>>>>
>>>>> On 30 October 2014 21:01, Anthony Minessale <
>>>>> anthony.minessale at gmail.com> wrote:
>>>>>
>>>>>> The bigger question is how to log the keys without compromising the
>>>>>> point of why its all encrypted.
>>>>>> It would take some careful consideration.
>>>>>>
>>>>>>
>>>>>> On Thu, Oct 30, 2014 at 12:32 PM, Ben Langfeld <ben at langfeld.co.uk>
>>>>>> wrote:
>>>>>>
>>>>>>> rtpengine does indeed allow decryption of DTLS encrypted RTP. I use
>>>>>>> it in front of Asterisk 1.4 for exactly that (and ICE resolution).
>>>>>>>
>>>>>>> On 30 October 2014 14:55, Carlos Ruiz Díaz <
>>>>>>> carlos.ruizdiaz at gmail.com> wrote:
>>>>>>>
>>>>>>>> rtpengine doesn't provide any mean to do any kind of decryption.
>>>>>>>> The keys, however, are easily accessible if you are willing to modify the
>>>>>>>> original software to create such functionality.
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>> Carlos
>>>>>>>>
>>>>>>>> On Thu, Oct 30, 2014 at 10:47 AM, Anthony Minessale <
>>>>>>>> anthony.minessale at gmail.com> wrote:
>>>>>>>>
>>>>>>>>> This is a philosophical debate as to weather or not making the key
>>>>>>>>> available somewhere it can be obtained from nullifies the intended security.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Thu, Oct 30, 2014 at 5:33 AM, Ben Langfeld <ben at langfeld.co.uk>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> Look into rtpengine and perhaps Kamailio to control it.
>>>>>>>>>>
>>>>>>>>>> On 30 October 2014 04:41, Varghese Paul <varghesepaul87 at gmail.com
>>>>>>>>>> > wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi all,
>>>>>>>>>>>
>>>>>>>>>>> We are using freeswitch for handling webrtc calls and the
>>>>>>>>>>> negotiation in DTLS mode.
>>>>>>>>>>>
>>>>>>>>>>> We are looking for a tool to decrypt the traffic between the
>>>>>>>>>>> webrtc client and freeswitch server. I know there is already a tool
>>>>>>>>>>> pcaputils from PJSIP for decrypting the SRTP traffic. Since we are using in
>>>>>>>>>>> DTLS mode we can't use this.
>>>>>>>>>>>
>>>>>>>>>>> Can any one suggest any tool/method to decrypt the webrtc audio?
>>>>>>>>>>>
>>>>>>>>>>> Regards
>>>>>>>>>>>
>>>>>>>>>>> Varghese Paul
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _________________________________________________________________________
>>>>>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>>>>>> consulting at freeswitch.org
>>>>>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>>>>>
>>>>>>>>>>> Official FreeSWITCH Sites
>>>>>>>>>>> http://www.freeswitch.org
>>>>>>>>>>> http://confluence.freeswitch.org
>>>>>>>>>>> http://www.cluecon.com
>>>>>>>>>>>
>>>>>>>>>>> FreeSWITCH-users mailing list
>>>>>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>>>>>> UNSUBSCRIBE:
>>>>>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>>>>>> http://www.freeswitch.org
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _________________________________________________________________________
>>>>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>>>>> consulting at freeswitch.org
>>>>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>>>>
>>>>>>>>>> Official FreeSWITCH Sites
>>>>>>>>>> http://www.freeswitch.org
>>>>>>>>>> http://confluence.freeswitch.org
>>>>>>>>>> http://www.cluecon.com
>>>>>>>>>>
>>>>>>>>>> FreeSWITCH-users mailing list
>>>>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>>>>> UNSUBSCRIBE:
>>>>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>>>>> http://www.freeswitch.org
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Anthony Minessale II       ♬ @anthmfs  ♬ @FreeSWITCH  ♬
>>>>>>>>>
>>>>>>>>>http://freeswitch.org/http://cluecon.com/>>>>>>>>> http://twitter.com/FreeSWITCH
>>>>>>>>> ☞ irc.freenode.net #freeswitch ☞ *http://freeswitch.org/g+
>>>>>>>>> <http://freeswitch.org/g+>*
>>>>>>>>>
>>>>>>>>> ClueCon Weekly Development Call
>>>>>>>>> ☎ sip:888 at conference.freeswitch.org  ☎ +19193869900
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _________________________________________________________________________
>>>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>>>> consulting at freeswitch.org
>>>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>>>
>>>>>>>>> Official FreeSWITCH Sites
>>>>>>>>> http://www.freeswitch.org
>>>>>>>>> http://confluence.freeswitch.org
>>>>>>>>> http://www.cluecon.com
>>>>>>>>>
>>>>>>>>> FreeSWITCH-users mailing list
>>>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>>>> UNSUBSCRIBE:
>>>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>>>> http://www.freeswitch.org
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Carlos
>>>>>>>> http://caruizdiaz.com
>>>>>>>>
>>>>>>>>
>>>>>>>> _________________________________________________________________________
>>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>>> consulting at freeswitch.org
>>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>>
>>>>>>>> Official FreeSWITCH Sites
>>>>>>>> http://www.freeswitch.org
>>>>>>>> http://confluence.freeswitch.org
>>>>>>>> http://www.cluecon.com
>>>>>>>>
>>>>>>>> FreeSWITCH-users mailing list
>>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>>> UNSUBSCRIBE:
>>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>>> http://www.freeswitch.org
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _________________________________________________________________________
>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>> consulting at freeswitch.org
>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>
>>>>>>> Official FreeSWITCH Sites
>>>>>>> http://www.freeswitch.org
>>>>>>> http://confluence.freeswitch.org
>>>>>>> http://www.cluecon.com
>>>>>>>
>>>>>>> FreeSWITCH-users mailing list
>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>> UNSUBSCRIBE:
>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>> http://www.freeswitch.org
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Anthony Minessale II       ♬ @anthmfs  ♬ @FreeSWITCH  ♬
>>>>>>
>>>>>>http://freeswitch.org/http://cluecon.com/>>>>>> http://twitter.com/FreeSWITCH
>>>>>> ☞ irc.freenode.net #freeswitch ☞ *http://freeswitch.org/g+
>>>>>> <http://freeswitch.org/g+>*
>>>>>>
>>>>>> ClueCon Weekly Development Call
>>>>>> ☎ sip:888 at conference.freeswitch.org  ☎ +19193869900
>>>>>>
>>>>>>
>>>>>>
>>>>>> _________________________________________________________________________
>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>> consulting at freeswitch.org
>>>>>> http://www.freeswitchsolutions.com
>>>>>>
>>>>>> Official FreeSWITCH Sites
>>>>>> http://www.freeswitch.org
>>>>>> http://confluence.freeswitch.org
>>>>>> http://www.cluecon.com
>>>>>>
>>>>>> FreeSWITCH-users mailing list
>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>> UNSUBSCRIBE:
>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>> http://www.freeswitch.org
>>>>>>
>>>>>
>>>>>
>>>>
>>>> --
>>>> Anthony Minessale II       ♬ @anthmfs  ♬ @FreeSWITCH  ♬
>>>>
>>>>http://freeswitch.org/http://cluecon.com/>>>> http://twitter.com/FreeSWITCH
>>>> ☞ irc.freenode.net #freeswitch ☞ *http://freeswitch.org/g+
>>>> <http://freeswitch.org/g+>*
>>>>
>>>> ClueCon Weekly Development Call
>>>> ☎ sip:888 at conference.freeswitch.org  ☎ +19193869900
>>>>
>>>>
>>>>
>>>>
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:
>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>



-- 
Anthony Minessale II       ♬ @anthmfs  ♬ @FreeSWITCH  ♬

☞ http://freeswitch.org/http://cluecon.com/http://twitter.com/FreeSWITCH
☞ irc.freenode.net #freeswitch ☞ *http://freeswitch.org/g+
<http://freeswitch.org/g+>*

ClueCon Weekly Development Call
☎ sip:888 at conference.freeswitch.org  ☎ +19193869900
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20141031/7d2f443b/attachment-0001.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list