Lib.rs

Cryptography
#media #protocols #video #networking #audio-video #audio

msf-srtp

Secure Real-time Transport Protocol (SRTP) for Rust

by Ondřej Perutka

2 unstable releases

0.2.0 May 2, 2022
0.1.0 Apr 1, 2022

#1960 in Cryptography


Used in msf-webrtc

MIT license

165KB
4K SLoC

Secure Real-time Transport Protocol

Implementation of DTLS-SRTP as defined in RFC 5764 and RFC 3711.

lib.rs:

This crate implements DTLS-SRTP as defined in RFC 5764. The RFC is built on top of:

  • RFC 3711 (SRTP)
  • RFC 4347 (DTLS)
  • RFC 8122 (TLS in SDP)

Usage example

use openssl::{pkey::PKey, rsa::Rsa};

// a UDP stream + sink
let stream = ...;

// peer certificate fingerprint from SDP
let cert_fingerprint = "...";

// peer setup attribute from SDP
let setup = "...";

let connect = match setup {
    "active" | "actpass" => true,
    "passive" => false,
    _ => panic!("unsupported setup"),
};

// generate a private key (can be application-wide)
let rsa = Rsa::generate(2048)?;
let key = PKey::from_rsa(rsa)?;

let context = SrtpContext::self_signed(&key)?;

let stream = if connect {
    context.connect_muxed(stream, cert_fingerprint).await?
} else {
    context.accept_muxed(stream, cert_fingerprint).await?
};

Dependencies

~4.5–6.5MB
~123K SLoC