RTSP/SRTP in gstreamer (MIKEY vrl2rtspserver)

Fri Mar 28 20:04:34 UTC 2025

Le jeudi 27 mars 2025 à 06:24 +0000, Manikandan Valaguru via gstreamer-
devel a écrit :
> 
> Hi,
> I am currently working with a custom v4l2rtspserver built on Live555,
> aiming to enable RTSPS (RTSP over TLS) and SRTP (Secure RTP) for
> secure video streaming. My objective is to stream encrypted video and
> successfully decode it in GStreamer.

You may have used GstRtspServer library instead, which already
implement all this security.

> 
> 
> Based on my understanding:
> 
> 
>     RTSPS encryption and decryption rely on TLS certificates.
> 
> 
>     SRTP requires a decryption key, which can be extracted from the
> MIKEY data in the SDP (Session Description Protocol) of the RTSP
> response.
> 
> 
>     Using this key, I need to construct a GStreamer pipeline to
> decrypt SRTP packets.
> 
> 
> Could you confirm if this approach is correct?
> 
> 
> Currently, I am extracting the SRTP key from the SDP session and
> embedding it into the GStreamer pipeline as follows:
> 
> 
> GST_DEBUG=3 gst-launch-1.0 rtspsrc
> location=rtsps://econ:econ@192.168.1.23:5005/routecam tls-validation-
> flags=4 protocols=udp \
>     ! application/x-srtp, srtp-
> key=a053ace0edcaba09192bff35fa01da6170317cd36af12b87be015f416701, \
>       srtp-cipher=aes-128-icm, srtp-auth=hmac-sha1-80, roc=0 \
>     ! srtpdec \
>     ! rtph264depay \
>     ! avdec_h264 \
>     ! xvimagesink -v

Decryption is implemented inside rtspsrc element. In the RFC defined
protocol, the keys are provision by the server. Though we also have a
non-compliant mode where the keys are managed by the client.  Here's
pointer to the doc. Note that there is very little to no activity on
the mailing. We encourage to use discourse.gstreamer.org for future
questions.

-
 https://gstreamer.freedesktop.org/documentation/rtsp/rtspsrc.html?gi-language=c#rtspsrc:client-managed-mikey
-
 https://gstreamer.freedesktop.org/documentation/rtsp/rtspsrc.html?gi-language=c#example-launch-line

> 
> 
> However, I am encountering issues during playback. I have attached
> the error logs and MIKEY data for reference. Could you please review
> them and let me know if I am missing anything?
> 
> 
> Looking forward to your insights.
> 
> Regards,
> Manikandan
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you are not the named addressee you should not
> disseminate, distribute or copy this e-mail. Taking any action in
> reliance on the contents of this information is strictly prohibited.
> Please notify the sender immediately by e-mail if you have received
> this e-mail by mistake and delete this e-mail from your system.
> WARNING: Although the company has taken reasonable precautions to
> ensure no viruses are present in this email, e-con cannot accept
> responsibility for any loss or damage arising from the use of this
> email or attachment.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/gstreamer-devel/attachments/20250328/6938a387/attachment.htm>