[Freeswitch-users] WebRTC using rtp_sdes_suites=AES_CM_128_HMAC_SHA1_80

Jerry Chinn JHChinn at TheNavisWay.com
Fri May 4 22:52:14 UTC 2018


Good Day,
Running FS 1.6.17 on CentOS 7.4

We are running WebRTC and are required to use AEAD_AES_256_GCM_8 or AEAD_AES_128_GCM_8 for security.
I have eliminated all of the options in the vars file except rtp_sdes_suites=AEAD_AES_256_GCM_8|AEAD_AES_128_GCM_8.

Calls are successfully completing, however, in debug we are seeing AES_CM_128_HMAC_SHA1_80 as the sdes suite for srtp:dtls.

2018-05-04 22:38:30.429310 [INFO] switch_rtp.c:3185 Changing audio DTLS state from HANDSHAKE to SETUP
2018-05-04 22:38:30.450549 [INFO] switch_rtp.c:3094 audio Fingerprint Verified.
2018-05-04 22:38:30.450549 [INFO] switch_rtp.c:3908 Activating audio Secure RTP SEND
2018-05-04 22:38:30.450549 [DEBUG] switch_core_sqldb.c:2617 Secure Type: srtp:dtls:AES_CM_128_HMAC_SHA1_80
2018-05-04 22:38:30.450549 [INFO] switch_rtp.c:3886 Activating audio Secure RTP RECV
2018-05-04 22:38:30.450549 [INFO] switch_rtp.c:3134 Changing audio DTLS state from SETUP to READY
2018-05-04 22:38:30.450549 [DEBUG] switch_core_sqldb.c:2617 Secure Type: srtp:dtls:AES_CM_128_HMAC_SHA1_80
2018-05-04 22:38:30.450549 [DEBUG] switch_rtp.c:1885 rtcp_stats_init: audio ssrc[3910337773] base_seq[2433]

Any ideas on how or where to change this to the desired encryption protocol?

Jerry Chinn
Telecom VoIP Specialist
NAVIS More Performance. More Profit.
tel 541-330-3562
www.TheNavisWay.com<http://www.thenavisway.com/>
Facebook<https://www.facebook.com/theNAVISway/> | Twitter<https://twitter.com/NAVISway> | LinkedIn<https://www.linkedin.com/company/navisway> | Blog<https://www.thenavisway.com/blog>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20180504/f467beb2/attachment-0001.html>


More information about the FreeSWITCH-users mailing list