package srtp
Import Path
github.com/pion/srtp/v3 (on go.dev)
Dependency Relation
imports 21 packages, and imported by one package
Involved Source Files
context.go
crypto.go
errors.go
key_derivation.go
keying.go
option.go
protection_profile.go
protection_profile_with_args.go
session.go
session_srtcp.go
session_srtp.go
srtcp.go
Package srtp implements Secure Real-time Transport Protocol
srtp_cipher.go
srtp_cipher_aead_aes_gcm.go
srtp_cipher_aes_cm_hmac_sha1.go
stream.go
stream_srtcp.go
stream_srtp.go
util.go
Package-Level Type Names (total 13)
Config is used to configure a session.
You can provide either a KeyingMaterialExporter to export keys
or directly pass the keys themselves.
After a Config is passed to a session it must not be modified.
AcceptStreamTimeout time.Time
BufferFactory func(packetType packetio.BufferPacketType, ssrc uint32) io.ReadWriteCloser
Keys SessionKeys
List of local/remote context options.
ReplayProtection is enabled on remote context by default.
Default replay protection window size is 64.
LoggerFactory logging.LoggerFactory
Profile ProtectionProfile
List of local/remote context options.
ReplayProtection is enabled on remote context by default.
Default replay protection window size is 64.
ExtractSessionKeysFromDTLS allows setting the Config SessionKeys by
extracting them from DTLS. This behavior is defined in RFC5764:
https://tools.ietf.org/html/rfc5764
func NewSessionSRTCP(conn net.Conn, config *Config) (*SessionSRTCP, error)
func NewSessionSRTP(conn net.Conn, config *Config) (*SessionSRTP, error)
Context represents a SRTP cryptographic context.
Context can only be used for one-way operations.
It must be used either ONLY for encryption or ONLY for decryption.
Note that Context does not provide any concurrency protection:
access to a Context from multiple goroutines requires external
synchronization.
AddCipherForMKI adds a new MKI with its associated master key and salt.
Context must be created with MasterKeyIndicator option
to enable MKI support. MKI must be unique and have the same length as the one used for creating Context.
Operation is not thread-safe, you need to provide synchronization with decrypting packets.
DecryptRTCP decrypts a buffer that contains a RTCP packet.
DecryptRTP decrypts a RTP packet with an encrypted payload.
EncryptRTCP encrypts an RTCP packet.
EncryptRTP marshals and encrypts an RTP packet, writing to the dst buffer provided.
If the dst buffer does not have the capacity to hold `len(plaintext) + 10` bytes,
a new one will be allocated and returned.
If a rtp.Header is provided, it will be Unmarshaled using the plaintext.
Index returns SRTCP index value of specified SSRC.
ROC returns SRTP rollover counter value of specified SSRC.
RemoveMKI removes one of MKIs. You cannot remove last MKI and one used for encrypting RTP/RTCP packets.
Operation is not thread-safe, you need to provide synchronization with decrypting packets.
SetIndex sets SRTCP index value of specified SSRC.
SetROC sets SRTP rollover counter value of specified SSRC.
SetSendMKI switches MKI and cipher used for encrypting RTP/RTCP packets.
Operation is not thread-safe, you need to provide synchronization with encrypting packets.
func CreateContext(masterKey, masterSalt []byte, profile ProtectionProfile, opts ...ContextOption) (c *Context, err error)
ContextOption represents option of Context using the functional options pattern.
func MasterKeyIndicator(mki []byte) ContextOption
func RolloverCounterCarryingTransform(mode RCCMode, rocTransmitRate uint16) ContextOption
func SRTCPEncryption() ContextOption
func SRTCPNoEncryption() ContextOption
func SRTCPNoReplayProtection() ContextOption
func SRTCPReplayDetectorFactory(fn func() replaydetector.ReplayDetector) ContextOption
func SRTCPReplayProtection(windowSize uint) ContextOption
func SRTPAuthenticationTagLength(authTagRTPLen int) ContextOption
func SRTPEncryption() ContextOption
func SRTPNoEncryption() ContextOption
func SRTPNoReplayProtection() ContextOption
func SRTPReplayDetectorFactory(fn func() replaydetector.ReplayDetector) ContextOption
func SRTPReplayProtection(windowSize uint) ContextOption
func CreateContext(masterKey, masterSalt []byte, profile ProtectionProfile, opts ...ContextOption) (c *Context, err error)
KeyingMaterialExporter allows package SRTP to extract keying material.
( KeyingMaterialExporter) ExportKeyingMaterial(label string, context []byte, length int) ([]byte, error)
*github.com/pion/dtls/v2.State
*github.com/pion/dtls/v3.State
*github.com/quic-go/quic-go/internal/handshake.ConnectionState
*crypto/tls.ConnectionState
func (*Config).ExtractSessionKeysFromDTLS(exporter KeyingMaterialExporter, isClient bool) error
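How exported DTLS keying material maps onto the four SessionKeys fields, as an added sketch that is not the package's own code: it follows the RFC 5764 section 4.2 layout (client key, server key, client salt, server salt). The names splitDTLSKeys, sessionKeys and fakeExporter are hypothetical, and the exporter output is constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// Exporter label registered by RFC 5764 for DTLS-SRTP.
const dtlsSRTPLabel = "EXTRACTOR-dtls_srtp"

var errBadKeyingMaterial = errors.New("exporter returned wrong amount of keying material")

// exporter mirrors the ExportKeyingMaterial signature listed above.
type exporter interface {
	ExportKeyingMaterial(label string, context []byte, length int) ([]byte, error)
}

// sessionKeys mirrors the four SessionKeys fields (local type for this sketch).
type sessionKeys struct {
	LocalMasterKey, LocalMasterSalt   []byte
	RemoteMasterKey, RemoteMasterSalt []byte
}

// splitDTLSKeys (hypothetical helper) exports 2*(keyLen+saltLen) bytes and
// assigns the client/server halves to local/remote according to our DTLS role.
func splitDTLSKeys(exp exporter, keyLen, saltLen int, isClient bool) (sessionKeys, error) {
	want := 2 * (keyLen + saltLen)
	km, err := exp.ExportKeyingMaterial(dtlsSRTPLabel, nil, want)
	if err != nil {
		return sessionKeys{}, err
	}
	if len(km) != want {
		return sessionKeys{}, errBadKeyingMaterial // never slice short material
	}
	clientKey := km[:keyLen]
	serverKey := km[keyLen : 2*keyLen]
	clientSalt := km[2*keyLen : 2*keyLen+saltLen]
	serverSalt := km[2*keyLen+saltLen:]
	if isClient {
		return sessionKeys{LocalMasterKey: clientKey, LocalMasterSalt: clientSalt,
			RemoteMasterKey: serverKey, RemoteMasterSalt: serverSalt}, nil
	}
	return sessionKeys{LocalMasterKey: serverKey, LocalMasterSalt: serverSalt,
		RemoteMasterKey: clientKey, RemoteMasterSalt: clientSalt}, nil
}

// fakeExporter returns constructed, predictable bytes (0, 1, 2, ...) in place
// of a real DTLS connection state; drop shortens the output to test the check.
type fakeExporter struct{ drop int }

func (f fakeExporter) ExportKeyingMaterial(_ string, _ []byte, length int) ([]byte, error) {
	out := make([]byte, length-f.drop)
	for i := range out {
		out[i] = byte(i)
	}
	return out, nil
}

func main() {
	// 16-byte key and 14-byte salt: the AES-128 counter-mode profile sizes.
	c, _ := splitDTLSKeys(fakeExporter{}, 16, 14, true)
	s, _ := splitDTLSKeys(fakeExporter{}, 16, 14, false)
	fmt.Printf("client local key  %x\nserver remote key %x\n", c.LocalMasterKey, s.RemoteMasterKey)
}
```

Getting isClient wrong on one side swaps local and remote keys, so every packet fails authentication rather than decrypting to garbage.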
ProtectionProfile specifies Cipher and AuthTag details, similar to TLS cipher suite.
AEADAuthTagLen returns length of authentication tag in bytes for AEAD protection profiles.
For AES ones it returns zero.
AuthKeyLen returns length of authentication key in bytes for AES protection profiles.
For AEAD ones it returns zero.
AuthTagRTCPLen returns length of RTCP authentication tag in bytes for AES protection profiles.
For AEAD ones it returns zero.
AuthTagRTPLen returns length of RTP authentication tag in bytes for AES protection profiles.
For AEAD ones it returns zero.
KeyLen returns length of encryption key in bytes.
For all profiles except NullHmacSha1_32 and NullHmacSha1_80 it is
also the length of the session key.
SaltLen returns length of salt key in bytes.
For all profiles except NullHmacSha1_32 and NullHmacSha1_80
is also the length of the session salt.
String returns the name of the protection profile.
ProtectionProfile : expvar.Var
ProtectionProfile : fmt.Stringer
func CreateContext(masterKey, masterSalt []byte, profile ProtectionProfile, opts ...ContextOption) (c *Context, err error)
const ProtectionProfileAeadAes128Gcm
const ProtectionProfileAeadAes256Gcm
const ProtectionProfileAes128CmHmacSha1_32
const ProtectionProfileAes128CmHmacSha1_80
const ProtectionProfileAes256CmHmacSha1_32
const ProtectionProfileAes256CmHmacSha1_80
const ProtectionProfileNullHmacSha1_32
const ProtectionProfileNullHmacSha1_80
RCCMode is the mode of Roll-over Counter Carrying Transform from RFC 4771.
func RolloverCounterCarryingTransform(mode RCCMode, rocTransmitRate uint16) ContextOption
const RCCMode1
const RCCMode2
const RCCMode3
const RCCModeNone
ReadStreamSRTCP handles decryption for a single RTCP SSRC.
Close removes the ReadStream from the session and cleans up any associated state.
GetSSRC returns the SSRC we are demuxing for.
Read reads and decrypts full RTCP packet from the nextConn.
ReadRTCP reads and decrypts full RTCP packet and its header from the nextConn.
SetReadDeadline sets the deadline for the Read operation.
Setting to zero means no deadline.
*ReadStreamSRTCP : github.com/pion/datachannel.ReadDeadliner
*ReadStreamSRTCP : github.com/prometheus/common/expfmt.Closer
*ReadStreamSRTCP : io.Closer
*ReadStreamSRTCP : io.ReadCloser
*ReadStreamSRTCP : io.Reader
func (*SessionSRTCP).AcceptStream() (*ReadStreamSRTCP, uint32, error)
func (*SessionSRTCP).OpenReadStream(ssrc uint32) (*ReadStreamSRTCP, error)
ReadStreamSRTP handles decryption for a single RTP SSRC.
Close removes the ReadStream from the session and cleans up any associated state.
GetSSRC returns the SSRC we are demuxing for.
Read reads and decrypts full RTP packet from the nextConn.
ReadRTP reads and decrypts full RTP packet and its header from the nextConn.
SetReadDeadline sets the deadline for the Read operation.
Setting to zero means no deadline.
*ReadStreamSRTP : github.com/pion/datachannel.ReadDeadliner
*ReadStreamSRTP : github.com/prometheus/common/expfmt.Closer
*ReadStreamSRTP : io.Closer
*ReadStreamSRTP : io.ReadCloser
*ReadStreamSRTP : io.Reader
func (*SessionSRTP).AcceptStream() (*ReadStreamSRTP, uint32, error)
func (*SessionSRTP).OpenReadStream(ssrc uint32) (*ReadStreamSRTP, error)
SessionKeys bundles the keys required to setup an SRTP session.
LocalMasterKey []byte
LocalMasterSalt []byte
RemoteMasterKey []byte
RemoteMasterSalt []byte
SessionSRTCP implements io.ReadWriteCloser and provides a bi-directional SRTCP session
SRTCP itself does not have a design like this, but it is common in most applications
for local/remote to each have their own keying material. This provides those patterns
instead of making everyone re-implement.
AcceptStream returns a stream to handle RTCP for a single SSRC.
Close ends the session.
OpenReadStream opens a read stream for the given SSRC, it can be used
if you want a certain SSRC, but don't want to wait for AcceptStream.
OpenWriteStream returns the global write stream for the Session.
*SessionSRTCP : github.com/prometheus/common/expfmt.Closer
*SessionSRTCP : io.Closer
func NewSessionSRTCP(conn net.Conn, config *Config) (*SessionSRTCP, error)
SessionSRTP implements io.ReadWriteCloser and provides a bi-directional SRTP session
SRTP itself does not have a design like this, but it is common in most applications
for local/remote to each have their own keying material. This provides those patterns
instead of making everyone re-implement.
AcceptStream returns a stream to handle RTCP for a single SSRC.
Close ends the session.
OpenReadStream opens a read stream for the given SSRC, it can be used
if you want a certain SSRC, but don't want to wait for AcceptStream.
OpenWriteStream returns the global write stream for the Session.
*SessionSRTP : github.com/prometheus/common/expfmt.Closer
*SessionSRTP : io.Closer
func NewSessionSRTP(conn net.Conn, config *Config) (*SessionSRTP, error)
WriteStreamSRTCP is stream for a single Session that is used to encrypt RTCP.
SetWriteDeadline sets the deadline for the Write operation.
Setting to zero means no deadline.
Write encrypts and writes a full RTCP packet to the nextConn.
WriteRTCP encrypts a RTCP header and its payload to the nextConn.
*WriteStreamSRTCP : github.com/pion/datachannel.WriteDeadliner
*WriteStreamSRTCP : github.com/miekg/dns.Writer
*WriteStreamSRTCP : internal/bisect.Writer
*WriteStreamSRTCP : io.Writer
func (*SessionSRTCP).OpenWriteStream() (*WriteStreamSRTCP, error)
WriteStreamSRTP is stream for a single Session that is used to encrypt RTP.
SetWriteDeadline sets the deadline for the Write operation.
Setting to zero means no deadline.
Write encrypts and writes a full RTP packet to the nextConn.
WriteRTP encrypts a RTP packet and writes to the connection.
*WriteStreamSRTP : github.com/pion/datachannel.WriteDeadliner
*WriteStreamSRTP : github.com/pion/webrtc/v4.TrackLocalWriter
*WriteStreamSRTP : github.com/miekg/dns.Writer
*WriteStreamSRTP : internal/bisect.Writer
*WriteStreamSRTP : io.Writer
func (*SessionSRTP).OpenWriteStream() (*WriteStreamSRTP, error)
Package-Level Functions (total 16)
CreateContext creates a new SRTP Context.
CreateContext receives a variable number of ContextOptions.
When multiple options set the same parameter, the last one takes effect.
The following example creates an SRTP Context with replay protection and a window size of 256.
decCtx, err := srtp.CreateContext(key, salt, profile, srtp.SRTPReplayProtection(256))
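How a replay window such as the one SRTPReplayProtection configures behaves, as an added sketch that is not pion/srtp's own detector: it follows the RFC 3711 sliding-window scheme with the default size of 64. The names packetIndex, replayWindow and receive are hypothetical, and the packet sequence is constructed.

```go
package main

import "fmt"

// packetIndex builds the 48-bit SRTP packet index from the rollover
// counter (ROC) and the 16-bit RTP sequence number (RFC 3711, 3.3.1).
func packetIndex(roc uint32, seq uint16) uint64 {
	return uint64(roc)<<16 | uint64(seq)
}

// replayWindow is a hypothetical sliding-window detector for windows of up
// to 64 packets. Bit i of mask set means index (latest - i) was accepted.
type replayWindow struct {
	size   uint64
	latest uint64
	mask   uint64
	seen   bool
}

func newReplayWindow(size uint64) *replayWindow {
	if size == 0 || size > 64 {
		size = 64 // this sketch stores the window in one 64-bit word
	}
	return &replayWindow{size: size}
}

// receive applies the RFC 3711 order: replay check, then authentication,
// and only then the window update. authOK stands in for tag verification.
func (w *replayWindow) receive(index uint64, authOK bool) string {
	if w.seen && index <= w.latest {
		diff := w.latest - index
		if diff >= w.size {
			return "too-old"
		}
		if w.mask&(1<<diff) != 0 {
			return "replay"
		}
	}
	if !authOK {
		return "bad-auth" // state untouched: a forged index cannot move the window
	}
	switch {
	case !w.seen:
		w.seen, w.latest, w.mask = true, index, 1
	case index > w.latest:
		w.mask = w.mask<<(index-w.latest) | 1 // shifts of 64 or more clear the mask
		w.latest = index
	default:
		w.mask |= 1 << (w.latest - index)
	}
	return "ok"
}

func main() {
	w := newReplayWindow(64)
	// Constructed sequence of (sequence number, tag valid) pairs, ROC = 0.
	for _, p := range []struct {
		seq  uint16
		auth bool
	}{{100, true}, {101, true}, {100, true}, {99, true}, {9000, false}, {200, true}, {136, true}} {
		fmt.Println(p.seq, w.receive(packetIndex(0, p.seq), p.auth))
	}
}
```

A larger window tolerates more reordering at the cost of more state per SSRC; disabling replay protection removes the check entirely, so captured packets that still authenticate would be accepted again.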
MasterKeyIndicator sets RTP/RTCP MKI for the initial master key. Array passed as an argument will be
copied as-is to encrypted SRTP/SRTCP packets, so it must be of proper length and in Big Endian format.
All MKIs added later using Context.AddCipherForMKI must have the same length as the one used here.
NewSessionSRTCP creates a SRTCP session using conn as the underlying transport.
NewSessionSRTP creates a SRTP session using conn as the underlying transport.
RolloverCounterCarryingTransform enables Rollover Counter Carrying Transform from RFC 4771.
ROC value is sent in Authentication Tag of SRTP packets every rocTransmitRate packets.
RFC 4771 defines 3 RCC modes. pion/srtp supports mode RCCm2 for AES-CM and NULL profiles,
and mode RCCm3 for AES-GCM (AEAD) profiles.
From RFC 4771: "[For modes RCCm1 and RCCm3] the length of the MAC is shorter than the length
of the authentication tag. To achieve the same (or less) MAC forgery success probability on all
packets when using RCCm1 or RCCm2, as with the default integrity transform in RFC 3711,
the tag-length must be set to 14 octets, which means that the length of MAC_tr is 10 octets."
Protection profiles ProtectionProfile*CmHmacSha1_32 use a 4-byte SRTP auth tag, so in RCCm2 mode
SRTP packets with ROC will not be integrity protected.
You can increase the length of the authentication tag using SRTPAuthenticationTagLength option
to mitigate this issue.
SRTCPEncryption enables SRTCP encryption.
SRTCPNoEncryption disables SRTCP encryption.
This option is useful when you want to use NullCipher for SRTCP and keep authentication only.
It simplifies debugging and testing, but it is not recommended for production use.
SRTCPNoReplayProtection disables SRTCP replay protection.
SRTCPReplayDetectorFactory sets custom SRTCP replay detector.
SRTCPReplayProtection sets SRTCP replay protection window size.
SRTPAuthenticationTagLength sets length of SRTP authentication tag in bytes for AES-CM protection
profiles. Decreasing the length of the authentication tag is not recommended for production use,
as it decreases integrity protection.
A zero value means that there is no authentication tag, which may be useful for debugging and testing.
This option is ignored for AEAD profiles.
SRTPEncryption enables SRTP encryption.
SRTPNoEncryption disables SRTP encryption.
This option is useful when you want to use NullCipher for SRTP and keep authentication only.
It simplifies debugging and testing, but it is not recommended for production use.
Note: you can also use SRTPAuthenticationTagLength(0) to disable authentication tag too.
SRTPNoReplayProtection disables SRTP replay protection.
SRTPReplayDetectorFactory sets custom SRTP replay detector.
SRTPReplayProtection sets SRTP replay protection window size.
Package-Level Variables (total 2)
ErrFailedToVerifyAuthTag is returned when decryption fails due to invalid authentication tag.
ErrMKINotFound is returned when decryption fails due to unknown MKI value in packet.
Package-Level Constants (total 12)
Supported protection profiles
See https://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
AES128_CM_HMAC_SHA1_80 and AES128_CM_HMAC_SHA1_32 are valid SRTP profiles,
but they do not have a DTLS-SRTP Protection Profile ID assigned
in RFC 5764. They were in an earlier draft of this RFC:
https://datatracker.ietf.org/doc/html/draft-ietf-avt-dtls-srtp-03#section-4.1.2
Their IDs are now marked as reserved in the IANA registry. Despite this Chrome supports them:
https://chromium.googlesource.com/chromium/deps/libsrtp/+/84122798bb16927b1e676bd4f938a6e48e5bf2fe/srtp/include/srtp.h#694
Null profiles disable encryption, they are used for debugging and testing.
They are not recommended for production use.
Use of them is equivalent to using ProtectionProfileAes128CmHmacSha1_NN
profile with SRTPNoEncryption and SRTCPNoEncryption options.
RCCMode1 is RCCm1 mode from RFC 4771. In this mode ROC and a truncated auth tag are sent every R-th packet,
and no auth tag in other ones. This mode is not supported by pion/srtp.
RCCMode2 is RCCm2 mode from RFC 4771. In this mode ROC and a truncated auth tag are sent every R-th packet,
and a full auth tag in other ones. This mode is supported for AES-CM and NULL profiles only.
RCCMode3 is RCCm3 mode from RFC 4771. In this mode ROC is sent every R-th packet (without a truncated auth tag),
and no auth tag in other ones. This mode is supported for AES-GCM profiles only.
RCCModeNone is the default mode.
The pages are generated with Golds v0.8.2. (GOOS=linux GOARCH=amd64)