View Source ExLibSRTP.Policy (ExLibSRTP v0.6.0)

Policy for setting up SRTP stream configuration.

For meaning of particular fields maps to the fields of srtp_policy_t C struct found in libSRTP. It is described in srtp.h header

Here's a brief description:

  • :ssrc - Either an accepted SSRC or atoms mapping to SSRC_ANY_(INBOUND/OUTBOUND) flags
  • :key - a master key for encrpytion
  • :rtp - crypto profile defining a policy for RTP encryption
  • :rtcp - crypto profile defining a policy for RTCP encryption
  • :windows_size - the sequence number window size used for replay protection As the comment here says, it must be at least 64 and any value above 2^15 (32768) won't be effective as explained here. The default value is 128
  • :allow_repeat_tx - if true, packet with repeated sequence number won't cause an error. Note that unless the RTP payload is the same it may introduce a severe security weakness.

Link to this section Summary

Link to this section Types

@type crypto_profile_t() ::
  | :rtcp_default
  | :aes_cm_128_hmac_sha1_80
  | :aes_cm_128_hmac_sha1_32
  | :aes_cm_128_null_auth
  | :null_cipher_hmac_sha1_80
  | :null_cipher_hmac_null
  | :aes_cm_256_hmac_sha1_80
  | :aes_cm_256_hmac_sha1_32
  | :aes_cm_256_null_auth
  | :aes_cm_192_hmac_sha1_80
  | :aes_cm_192_hmac_sha1_32
  | :aes_cm_192_null_auth
  | :aes_gcm_128_8_auth
  | :aes_gcm_256_8_auth
  | :aes_gcm_128_8_only_auth
  | :aes_gcm_256_8_only_auth
  | :aes_gcm_128_16_auth
  | :aes_gcm_256_16_auth
@type key_spec_t() :: binary() | [ExLibSRTP.MasterKey.t()]
@type ssrc_pattern_t() :: ExLibSRTP.ssrc_t() | :any_inbound | :any_outbound
@type t() :: %ExLibSRTP.Policy{
  allow_repeat_tx: boolean(),
  key: key_spec_t(),
  rtcp: crypto_profile_t(),
  rtp: crypto_profile_t(),
  ssrc: ssrc_pattern_t(),
  window_size: 64..32768 | :default

Link to this section Functions

Link to this function


View Source
@spec crypto_profile_from_dtls_srtp_protection_profile(
  value :: pos_integer() | {pos_integer(), pos_integer()}
) :: {:ok, crypto_profile_t()} | {:error, :unsupported_crypto_profile}

Relevant specification: