Skip to content
Library for SRTP (Secure Realtime Transport Protocol)
C Shell Makefile Other
Latest commit ce18c4f Mar 10, 2016 @jfigus jfigus Merge pull request #149 from sdroege/win32-symlink
Don't create a symlink if there is no $(SHAREDLIBVERSION)
Failed to load latest commit information.
crypto Prevent buffer overflow in debug output. Feb 8, 2016
doc Remove outdated libsrtp PDF. Feb 2, 2016
include Clarify documentation on ssrc argument byte order. Feb 3, 2016
srtp Resolve issue 37 by always using BE byte ordering of the RTCP trailer… Jan 12, 2016
test Make srtp_driver compile for MIPS. Mar 10, 2016
.gitignore Ignore "rtp_decoder" binary. Mar 27, 2015
.travis.yml Add test coverage for OpenSSL mode Oct 28, 2015
CHANGES Prepare for 1.5.2 release. Mar 11, 2015
LICENSE created private header file, moved config.h from srtp.h Jul 12, 2006
Makefile.in Don't create a symlink if there is no $(SHAREDLIBVERSION) Feb 24, 2016
README Add support for using OpenSSL SRTP KDF algorithm. This work was origi… May 11, 2015
TODO continuing merge from jesup, several minor fixes Sep 23, 2005
VERSION Pull new branch for 2.0.0 development Oct 31, 2014
config.guess Import the latest versions of config.guess and config.sub from Aug 2, 2011
config.h_win32vc7 Define HAVE_RAND_S if _MSC_VER >= 1400. May 23, 2007
config.hw Fix syntax of preprocessor conditional. May 14, 2010
config.sub Import the latest versions of config.guess and config.sub from Aug 2, 2011
config_in.h Remove obsolete remnants of DEV_URANDOM. Libsrtp is no longer used as… Dec 15, 2015
configure Remove obsolete remnants of DEV_URANDOM. Libsrtp is no longer used as… Dec 15, 2015
configure.in Remove obsolete remnants of DEV_URANDOM. Libsrtp is no longer used as… Dec 15, 2015
install-sh Initial revision Sep 21, 2005
install-win.bat Add an install-win.bat script corresponding to the 'make install' tar… May 15, 2010
libsrtp2.pc.in Rename binary target to libsrtp2 since it's not backwards compatible … Nov 20, 2014
srtp.def Remove spurious literal "\ No newline at end of file" text in file. May 14, 2010
srtp.sln Add a Visual Studio solution (sln) file. May 15, 2010
srtp.vcproj Link the static (.lib) srtp libraries with static C run-time librarie… May 15, 2010
srtp7.sln works on vc7++, cuurently an exe target, must point project to openss… Jul 12, 2006
srtp7.vcproj works on vc7++, cuurently an exe target, must point project to openss… Jul 12, 2006
timing Initial revision Sep 21, 2005
undos.sh Initial revision Sep 21, 2005
update.sh updating dates Jun 8, 2006

README

Secure RTP (SRTP) Reference Implementation
David A. McGrew
Cisco Systems, Inc.
mcgrew@cisco.com


This package provides an implementation of the Secure Real-time
Transport Protocol (SRTP), the Universal Security Transform (UST), and
a supporting cryptographic kernel.  These mechanisms are documented in
the Internet Drafts in the doc/ subdirectory.  The SRTP API is
documented in include/srtp.h, and the library is in libsrtp.a (after
compilation).  An overview and reference manual is available in
doc/libsrtp.pdf.  The PDF documentation is more up to date than this
file.


Installation:

./configure [ options ]       # GNU autoconf script 
make                          # or gmake if needed; use GNU make

The configure script accepts the following options:

   --help              provides a usage summary
   --disable-debug     compile without the runtime debugging system
   --enable-syslog     use syslog for error reporting
   --disable-stdout    use stdout for error reporting
   --enable-console    use /dev/console for error reporting
   --enable-openssl    use OpenSSL crypto primitives
   --with-openssl-dir  Specify location of OpenSSL installation
   --enable-openssl-kdf use OpenSSL SRTP KDF algorithm
   --gdoi              use GDOI key management (disabled at present)

By default, debugging is enabled and stdout is used for debugging.
You can use the above configure options to have the debugging output
sent to syslog or the system console.  Alternatively, you can define
ERR_REPORTING_FILE in include/conf.h to be any other file that can be
opened by libSRTP, and debug messages will be sent to it.  

This package has been tested on Mac OS X (powerpc-apple-darwin1.4),
Cygwin (i686-pc-cygwin), and Sparc (sparc-sun-solaris2.6).  Previous
versions have been tested on Linux and OpenBSD on both x86 and sparc
platforms.

A quick tour of this package:

Makefile		targets: all, clean, ...
README			this file
CHANGES                 change log 
VERSION			version number of this package
LICENSE                 legal details (it's a BSD-like license)
crypto/ciphers/		ciphers (null, aes_icm, ...)
crypto/math/		crypto math routines
crypto/hash/            crypto hashing (hmac, tmmhv2, ...)
crypto/replay/		replay protection
doc/			documentation: rfcs, apis, and suchlike
include/		include files for all code in distribution
srtp/			secure real-time transport protocol implementation
tables/                 apps for generating tables (useful in porting)
test/			test drivers 


Applications

  Several test drivers and a simple and portable srtp application
  are included in the test/ subdirectory.

  test driver	function tested	
  -------------------------------------------------------------
  kernel_driver crypto kernel (ciphers, auth funcs, rng)
  srtp_driver	srtp in-memory tests (does not use the network)
  rdbx_driver	rdbx (extended replay database)
  roc_driver	extended sequence number functions 
  replay_driver	replay database (n.b. not used in libsrtp)
  cipher_driver	ciphers 
  auth_driver	hash functions 

  The app rtpw is a simple rtp application which reads words from
  /usr/dict/words and then sends them out one at a time using [s]rtp.
  Manual srtp keying uses the -k option; automated key management
  using gdoi will be added later.

usage: rtpw [-d <debug>]* [-k|b <key> [-a][-e <key size>][-g]] [-s | -r] dest_ip dest_port
or     rtpw -l

  Either the -s (sender) or -r (receiver) option must be chosen.

  The values dest_ip, dest_port are the ip address and udp port to
  which the dictionary will be sent, respectively.  

  options:

  -s		(s)rtp sender - causes app to send words

  -r		(s)rtp receive - causes app to receive words

  -k <key>      use srtp master key <key>, where the
		key is a hexadecimal value (without the
                leading "0x")

  -b <key>      same as -k but with base64 encoded key

  -e <keysize>  encrypt/decrypt (for data confidentiality)
                (requires use of -k option as well)
                (use 128, 192, or 256 for keysize)

  -g            use AES-GCM mode (must be used with -e) 

  -a            message authentication 
                (requires use of -k option as well)

  -l            list debug modules

  -d <debug>    turn on debugging for module <debug>
  -i            specify input/output file 
                (instead of using dictionary file)


In order to get random 30-byte values for use as key/salt pairs , you
can use the following bash function to format the output of
/dev/random (where that device is available).

function randhex() {
   cat /dev/random | od --read-bytes=32 --width=32 -x | awk '{ print $2 $3 $4 $5 $6 $7 $8 $9 $10 $11 $12 $13 $14 $15 $16 }'
}


An example of an SRTP session using two rtpw programs follows:

set k=c1eec3717da76195bb878578790af71c4ee9f859e197a414a78d5abc7451

[sh1]$ test/rtpw -s -k $k -e 128 -a 0.0.0.0 9999 
Security services: confidentiality message authentication
set master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451
setting SSRC to 2078917053
sending word: A
sending word: a
sending word: aa
sending word: aal
...

[sh2]$ test/rtpw -r -k $k -e 128 -a 0.0.0.0 9999 
security services: confidentiality message authentication
set master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451
19 octets received from SSRC 2078917053 word: A
19 octets received from SSRC 2078917053 word: a
20 octets received from SSRC 2078917053 word: aa
21 octets received from SSRC 2078917053 word: aal
...

Implementation Notes

  * The srtp_protect() function assumes that the buffer holding the
    rtp packet has enough storage allocated that the authentication 
    tag can be written to the end of that packet.  If this assumption
    is not valid, memory corruption will ensue.  

  * Automated tests for the crypto functions are provided through
    the cipher_type_self_test() and auth_type_self_test() functions.
    These functions should be used to test each port of this code 
    to a new platform.

  * Replay protection is contained in the crypto engine, and
    tests for it are provided.

  * This implementation provides calls to initialize, protect, and
    unprotect RTP packets, and makes as few as possible assumptions
    about how these functions will be called.  For example, the
    caller is not expected to provide packets in order (though if
    they're called more than 65k out of sequence, synchronization
    will be lost).
    
  * The sequence number in the rtp packet is used as the low 16 bits
    of the sender's local packet index. Note that RTP will start its
    sequence number in a random place, and the SRTP layer just jumps
    forward to that number at its first invocation.  An earlier
    version of this library used initial sequence numbers that are
    less than 32,768; this trick is no longer required as the
    rdbx_estimate_index(...) function has been made smarter.

  * The replay window is 128 bits in length, and is hard-coded to this
    value for now.  


Something went wrong with that request. Please try again.