{"id":13420312,"url":"https://github.com/cisco/libsrtp","last_synced_at":"2025-05-14T13:07:50.003Z","repository":{"id":7721543,"uuid":"9087423","full_name":"cisco/libsrtp","owner":"cisco","description":"Library for SRTP (Secure Realtime Transport Protocol) ","archived":false,"fork":false,"pushed_at":"2025-03-14T19:39:32.000Z","size":7065,"stargazers_count":1286,"open_issues_count":34,"forks_count":486,"subscribers_count":102,"default_branch":"main","last_synced_at":"2025-05-14T07:42:30.081Z","etag":null,"topics":["libsrtp","rtp","srtp"],"latest_commit_sha":null,"homepage":null,"language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cisco.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2013-03-28T22:08:25.000Z","updated_at":"2025-05-14T05:30:53.000Z","dependencies_parsed_at":"2023-02-17T03:16:06.491Z","dependency_job_id":"1cf4fe99-a0f0-491c-acf4-8ed0e74c4caf","html_url":"https://github.com/cisco/libsrtp","commit_stats":{"total_commits":1253,"total_committers":108,"mean_commits":"11.601851851851851","dds":0.7853152434158021,"last_synced_commit":"2de20dd9e9c8afbaf02fcf5d4048ce1ec9ddc0ae"},"previous_names":[],"tags_count":30,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisco%2Flibsrtp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisco%2Flibsrtp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisco%2Flibsrtp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisco%2Flibsrtp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cisco","download_url":"https://codeload.github.com/cisco/libsrtp/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254149959,"owners_count":22022851,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["libsrtp","rtp","srtp"],"created_at":"2024-07-30T22:01:31.021Z","updated_at":"2025-05-14T13:07:44.979Z","avatar_url":"https://github.com/cisco.png","language":"C","funding_links":[],"categories":["TODO scan for Android support in followings","Interconnect","others","Developer Resources"],"sub_categories":["SBC, IMS","C/C++ Libraries"],"readme":"[![CMake Build](https://github.com/cisco/libsrtp/actions/workflows/cmake.yml/badge.svg)](https://github.com/cisco/libsrtp/actions/workflows/cmake.yml)\n[![Autotools Build](https://github.com/cisco/libsrtp/actions/workflows/autotools.yml/badge.svg)](https://github.com/cisco/libsrtp/actions/workflows/autotools.yml)\n[![Autotools Build](https://github.com/cisco/libsrtp/actions/workflows/meson.yml/badge.svg)](https://github.com/cisco/libsrtp/actions/workflows/meson.yml)\n[![Coverity Scan Build Status](https://scan.coverity.com/projects/14274/badge.svg)](https://scan.coverity.com/projects/cisco-libsrtp)\n[![OSS-Fuzz Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/systemd.svg)](https://oss-fuzz-build-logs.storage.googleapis.com/index.html#libsrtp)\n\n\u003ca name=\"introduction-to-libsrtp\"\u003e\u003c/a\u003e\n# Introduction to libSRTP\n\nThis package provides an implementation of the Secure Real-time\nTransport Protocol (SRTP), the Universal Security Transform (UST), and\na supporting cryptographic kernel. The SRTP API is documented in include/srtp.h,\nand the library is in libsrtp2.a (after compilation).\n\nThis document describes libSRTP, the Open Source Secure RTP library\nfrom Cisco Systems, Inc. RTP is the Real-time Transport Protocol, an\nIETF standard for the transport of real-time data such as telephony,\naudio, and video, defined by [RFC 3550](https://tools.ietf.org/html/rfc3550).\nSecure RTP (SRTP) is an RTP profile for providing confidentiality to RTP data\nand authentication to the RTP header and payload. SRTP is an IETF Standard,\ndefined in [RFC 3711](https://tools.ietf.org/html/rfc3711), and was developed\nin the IETF Audio/Video Transport (AVT) Working Group. This library supports\nall of the mandatory features of SRTP, but not all of the optional features. See\nthe [Supported Features](#supported-features) section for more detailed information.\n\nThis document is also used to generate the documentation files in the /doc/\nfolder where a more detailed reference to the libSRTP API and related functions\ncan be created (requires installing doxygen.). The reference material is created\nautomatically from comments embedded in some of the C header files. The\ndocumentation is organized into modules in order to improve its clarity. These\nmodules do not directly correspond to files. An underlying cryptographic kernel\nprovides much of the basic functionality of libSRTP but is mostly undocumented\nbecause it does its work behind the scenes.\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"contact-us\"\u003e\u003c/a\u003e\n# Contact Us\n\n- [libsrtp@lists.packetizer.com](mailto:libsrtp@lists.packetizer.com) general mailing list for news / announcements / discussions. This is an open list, see\n[https://lists.packetizer.com/mailman/listinfo/libsrtp](https://lists.packetizer.com/mailman/listinfo/libsrtp) for singing up.\n\n- [libsrtp-security@lists.packetizer.com](mailto:libsrtp-security@lists.packetizer.com) for disclosing security issues to the libsrtp maintenance team. This is a closed list but anyone can send to it.\n\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"contents\"\u003e\u003c/a\u003e\n## Contents\n\n- [Introduction to libSRTP](#introduction-to-libsrtp)\n- [Contact Us](#contact-us)\n  - [Contents](#contents)\n- [License and Disclaimer](#license-and-disclaimer)\n- [libSRTP Overview](#libsrtp-overview)\n  - [Secure RTP Background](#secure-rtp-background)\n  - [Supported Features](#supported-features)\n  - [Implementation Notes](#implementation-notes)\n- [Installing and Building libSRTP](#installing-and-building-libsrtp)\n  - [Changing Build Configuration](#changing-build-configuration)\n  - [Using Visual Studio](#using-visual-studio)\n- [Applications](#applications)\n  - [Example Code](#example-code)\n- [Credits](#credits)\n- [References](#references)\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"license-and-disclaimer\"\u003e\u003c/a\u003e\n# License and Disclaimer\n\nlibSRTP is distributed under the following license, which is included\nin the source code distribution. It is reproduced in the manual in\ncase you got the library from another source.\n\n\u003e Copyright (c) 2001-2017 Cisco Systems, Inc.  All rights reserved.\n\u003e\n\u003e Redistribution and use in source and binary forms, with or without\n\u003e modification, are permitted provided that the following conditions\n\u003e are met:\n\u003e\n\u003e - Redistributions of source code must retain the above copyright\n\u003e   notice, this list of conditions and the following disclaimer.\n\u003e - Redistributions in binary form must reproduce the above copyright\n\u003e   notice, this list of conditions and the following disclaimer in\n\u003e   the documentation and/or other materials provided with the distribution.\n\u003e - Neither the name of the Cisco Systems, Inc. nor the names of its\n\u003e   contributors may be used to endorse or promote products derived\n\u003e   from this software without specific prior written permission.\n\u003e\n\u003e THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n\u003e \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n\u003e LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS\n\u003e FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\n\u003e COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,\n\u003e INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES\n\u003e (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR\n\u003e SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\n\u003e HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\n\u003e STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\n\u003e ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED\n\u003e OF THE POSSIBILITY OF SUCH DAMAGE.\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"libsrtp-overview\"\u003e\u003c/a\u003e\n# libSRTP Overview\n\nlibSRTP provides functions for protecting RTP and RTCP.  RTP packets\ncan be encrypted and authenticated (using the `srtp_protect()`\nfunction), turning them into SRTP packets. Similarly, SRTP packets\ncan be decrypted and have their authentication verified (using the\n`srtp_unprotect()` function), turning them into RTP packets. Similar\nfunctions apply security to RTCP packets.\n\nThe typedef `srtp_stream_t` points to a structure holding all of the\nstate associated with an SRTP stream, including the keys and\nparameters for cipher and message authentication functions and the\nanti-replay data. A particular `srtp_stream_t` holds the information\nneeded to protect a particular RTP and RTCP stream. This datatype\nis intentionally opaque in order to better seperate the libSRTP\nAPI from its implementation.\n\nWithin an SRTP session, there can be multiple streams, each\noriginating from a particular sender. Each source uses a distinct\nstream context to protect the RTP and RTCP stream that it is\noriginating. The typedef `srtp_t` points to a structure holding all of\nthe state associated with an SRTP session. There can be multiple\nstream contexts associated with a single `srtp_t`. A stream context\ncannot exist indepent from an `srtp_t`, though of course an `srtp_t` can\nbe created that contains only a single stream context. A device\nparticipating in an SRTP session must have a stream context for each\nsource in that session, so that it can process the data that it\nreceives from each sender.\n\nIn libSRTP, a session is created using the function `srtp_create()`.\nThe policy to be implemented in the session is passed into this\nfunction as an `srtp_policy_t` structure. A single one of these\nstructures describes the policy of a single stream. These structures\ncan also be linked together to form an entire session policy. A linked\nlist of `srtp_policy_t` structures is equivalent to a session policy.\nIn such a policy, we refer to a single `srtp_policy_t` as an *element*.\n\nAn `srtp_policy_t` structure contains two `srtp_crypto_policy_t` structures\nthat describe the cryptograhic policies for RTP and RTCP, as well as\nthe SRTP master key and the SSRC value. The SSRC describes what to\nprotect (e.g. which stream), and the `srtp_crypto_policy_t` structures\ndescribe how to protect it. The key is contained in a policy element\nbecause it simplifies the interface to the library. In many cases, it\nis desirable to use the same cryptographic policies across all of the\nstreams in a session, but to use a distinct key for each stream. A\n`srtp_crypto_policy_t` structure can be initialized by using either the\n`srtp_crypto_policy_set_rtp_default()` or `srtp_crypto_policy_set_rtcp_default()`\nfunctions, which set a crypto policy structure to the default policies\nfor RTP and RTCP protection, respectively.\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"secure-rtp-background\"\u003e\u003c/a\u003e\n## Secure RTP Background\n\nIn this section we review SRTP and introduce some terms that are used\nin libSRTP. An RTP session is defined by a pair of destination\ntransport addresses, that is, a network address plus a pair of UDP\nports for RTP and RTCP. RTCP, the RTP control protocol, is used to\ncoordinate between the participants in an RTP session, e.g. to provide\nfeedback from receivers to senders. An *SRTP session* is\nsimilarly defined; it is just an RTP session for which the SRTP\nprofile is being used. An SRTP session consists of the traffic sent\nto the SRTP or SRTCP destination transport addresses. Each\nparticipant in a session is identified by a synchronization source\n(SSRC) identifier. Some participants may not send any SRTP traffic;\nthey are called receivers, even though they send out SRTCP traffic,\nsuch as receiver reports.\n\nRTP allows multiple sources to send RTP and RTCP traffic during the\nsame session. The synchronization source identifier (SSRC) is used to\ndistinguish these sources. In libSRTP, we call the SRTP and SRTCP\ntraffic from a particular source a *stream*. Each stream has its own\nSSRC, sequence number, rollover counter, and other data. A particular\nchoice of options, cryptographic mechanisms, and keys is called a\n*policy*. Each stream within a session can have a distinct policy\napplied to it. A session policy is a collection of stream policies.\n\nA single policy can be used for all of the streams in a given session,\nthough the case in which a single *key* is shared across multiple\nstreams requires care. When key sharing is used, the SSRC values that\nidentify the streams **must** be distinct. This requirement can be\nenforced by using the convention that each SRTP and SRTCP key is used\nfor encryption by only a single sender. In other words, the key is\nshared only across streams that originate from a particular device (of\ncourse, other SRTP participants will need to use the key for\ndecryption). libSRTP supports this enforcement by detecting the case\nin which a key is used for both inbound and outbound data.\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"supported-features\"\u003e\u003c/a\u003e\n## Supported Features\n\nThis library supports all of the mandatory-to-implement features of\nSRTP (as defined in [RFC 3711](https://tools.ietf.org/html/rfc3711)). Some of these\nfeatures can be selected (or de-selected) at run time by setting an\nappropriate policy; this is done using the structure `srtp_policy_t`.\nSome other behaviors of the protocol can be adapted by defining an\napproriate event handler for the exceptional events; see the SRTPevents\nsection in the generated documentation.\n\nSome options that are described in the SRTP specification are not\nsupported. This includes\n\n- key derivation rates other than zero,\n- the cipher F8,\n- the use of the packet index to select between master keys.\n\nThe user should be aware that it is possible to misuse this library,\nand that the result may be that the security level it provides is\ninadequate. If you are implementing a feature using this library, you\nwill want to read the Security Considerations section of [RFC 3711](https://tools.ietf.org/html/rfc3711#section-9).\nIn addition, it is important that you read and understand the\nterms outlined in the [License and Disclaimer](#license-and-disclaimer) section.\n\nThis library also supports the AES-GCM Authenticated Encryption methods\ndescribed in [RFC 7714](https://tools.ietf.org/html/rfc7714)\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"implementation-notes\"\u003e\u003c/a\u003e\n## Implementation Notes\n\n  * It is possible to configure which 3rd party (ie openssl/nss/etc) crypto backend\n    libSRTP will be built with. If no 3rd party backend is set then libSRTP provides\n    an internal implementation of AES and Sha1. The internal implementation only\n    supports AES-128 \u0026 AES-256, so to use AES-192 or the AES-GCM group of ciphers a\n    3rd party crypto backend must be configured. For this and performance reasons it\n    is highly recommended to use a 3rd party crypto backend.\n\n  * The `srtp_protect()` function assumes that the buffer holding the\n    rtp packet has enough storage allocated that the authentication\n    tag can be written to the end of that packet. If this assumption\n    is not valid, memory corruption will ensue.\n\n  * Automated tests for the crypto functions are provided through\n    the `cipher_type_self_test()` and `auth_type_self_test()` functions.\n    These functions should be used to test each port of this code\n    to a new platform.\n\n  * Replay protection is contained in the crypto engine, and\n    tests for it are provided.\n\n  * This implementation provides calls to initialize, protect, and\n    unprotect RTP packets, and makes as few as possible assumptions\n    about how these functions will be called. For example, the\n    caller is not expected to provide packets in order (though if\n    they're called more than 65k out of sequence, synchronization\n    will be lost).\n\n  * The sequence number in the rtp packet is used as the low 16 bits\n    of the sender's local packet index. Note that RTP will start its\n    sequence number in a random place, and the SRTP layer just jumps\n    forward to that number at its first invocation. An earlier\n    version of this library used initial sequence numbers that are\n    less than 32,768; this trick is no longer required as the\n    `rdbx_estimate_index(...)` function has been made smarter as of\n    version 1.0.1.\n\n  * The replay window for (S)RTCP is hardcoded to 128 bits in length.\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"installing-and-building-libsrtp\"\u003e\u003c/a\u003e\n# Installing and Building libSRTP\n\nTo install libSRTP, download the latest release of the distribution\nfrom [https://github.com/cisco/libsrtp/releases](https://github.com/cisco/libsrtp/releases).\nYou probably want to get the most recent release. Unpack the distribution and\nextract the source files; the directory into which the source files\nwill go is named `libsrtp-A-B-C` where `A` is the version number, `B` is the\nmajor release number and `C` is the minor release number.\n\nlibSRTP uses the GNU `autoconf` and `make` utilities (BSD make will not work; if\nboth versions of make are on your platform, you can invoke GNU make as\n`gmake`.). In the `libsrtp` directory, run the configure script and then\nmake:\n\n~~~.txt\n./configure [ options ]\nmake\n~~~\n\nThe configure script accepts the following options:\n\nOption                         | Description\n-------------------------------|--------------------\n\\-\\-help                   \\-h | Display help\n\\-\\-enable-debug-logging       | Enable debug logging in all modules\n\\-\\-enable-openssl             | Enable OpenSSL crypto engine\n\\-\\-enable-nss                 | Enable NSS crypto engine\n\\-\\-enable-openssl-kdf         | Enable OpenSSL KDF algorithm\n\\-\\-enable-log-stdout          | Enable logging to stdout\n\\-\\-with-openssl-dir           | Location of OpenSSL installation\n\\-\\-with-nss-dir               | Location of NSS installation\n\\-\\-with-log-file              | Use file for logging\n\nBy default there is no log output, logging can be enabled to be output to stdout\nor a given file using the configure options.\n\nThis package has been tested on the following platforms: Mac OS X\n(powerpc-apple-darwin1.4), Cygwin (i686-pc-cygwin), Solaris\n(sparc-sun-solaris2.6), RedHat Linux 7.1 and 9 (i686-pc-linux), and\nOpenBSD (sparc-unknown-openbsd2.7).\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"changing-build-configuration\"\u003e\u003c/a\u003e\n## Changing Build Configuration\n\nTo build the `./configure` script mentioned above, libSRTP relies on the\n[automake](https://www.gnu.org/software/automake/) toolchain.  Since\n`./configure` is built from `configure.in` by automake, if you make changes in\nhow `./configure` works (e.g., to add a new library dependency), you will need\nto rebuild `./configure` and commit the updated version.  In addition to\nautomake itself, you will need to have the `pkgconfig` tools installed as well.\n\nFor example, on macOS:\n\n```\nbrew install automake pkgconfig\n# Edit configure.in\nautoremake -ivf\n```\n\n--------------------------------------------------------------------------------\n\u003ca name=\"using-visual-studio\"\u003e\u003c/a\u003e\n## Using Visual Studio\n\nOn Windows one can use Visual Studio via CMake. CMake can be downloaded here:\nhttps://cmake.org/ . To create Visual Studio build files, for example run the\nfollowing commands:\n\n```\n# Create build subdirectory\nmkdir build\ncd build\n\n# Make project files\ncmake .. -G \"Visual Studio 15 2017\"\n\n# Or for 64 bit project files\ncmake .. -G \"Visual Studio 15 2017 Win64\"\n```\n\n--------------------------------------------------------------------------------\n\u003ca name=\"using-meson\"\u003e\u003c/a\u003e\n## Using Meson\n\nOn all platforms including Windows, one can build using [Meson](https://mesonbuild.com).\nSteps to download Meson are here: https://mesonbuild.com/Getting-meson.html\n\nTo build with Meson, you can do something like:\n\n```\n# Setup the build subdirectory\nmeson setup --prefix=/path/to/prefix builddir\n\n# Build the project\nmeson compile -C builddir\n\n# Run tests\nmeson test -C builddir\n\n# Optionally, install\nmeson install -C builddir\n```\n\nTo build with Visual Studio, run the above commands from inside a Visual Studio\ncommand prompt, or run `vcvarsall.bat` with the appropriate arguments inside\na Command Prompt.\n\nNote that you can also replace the above commands with the appropriate `ninja`\ntargets: `ninja -C build`, `ninja -C build test`, `ninja -C build install`.\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"applications\"\u003e\u003c/a\u003e\n# Applications\n\nSeveral test drivers and a simple and portable srtp application are\nincluded in the `test/` subdirectory.\n\nTest driver     | Function tested\n---------       | -------\nkernel_driver   | crypto kernel (ciphers, auth funcs, rng)\nsrtp_driver\t    | srtp in-memory tests (does not use the network)\nrdbx_driver\t    | rdbx (extended replay database)\nroc_driver\t    | extended sequence number functions\nreplay_driver\t  | replay database\ncipher_driver\t  | ciphers\nauth_driver\t    | hash functions\n\nThe app `rtpw` is a simple rtp application which reads words from\n`/usr/dict/words` and then sends them out one at a time using [s]rtp.\nManual srtp keying uses the -k option; automated key management\nusing gdoi will be added later.\n\nusage:\n~~~.txt\nrtpw [[-d \u003cdebug\u003e]* [-k|b \u003ckey\u003e [-a][-e \u003ckey size\u003e][-g]] [-s | -r] dest_ip dest_port] | [-l]\n~~~\n\nEither the -s (sender) or -r (receiver) option must be chosen.  The\nvalues `dest_ip`, `dest_port` are the IP address and UDP port to which\nthe dictionary will be sent, respectively.\n\nThe options are:\n\nOption         | Description\n---------      | -------\n  -s           | (S)RTP sender - causes app to send words\n  -r           | (S)RTP receive - causes app to receive words\n  -k \u003ckey\u003e     | use SRTP master key \u003ckey\u003e, where the key is a hexadecimal (without the leading \"0x\")\n  -b \u003ckey\u003e     | same as -k but with base64 encoded key\n  -e \u003ckeysize\u003e | encrypt/decrypt (for data confidentiality) (requires use of -k option as well) (use 128, 192, or 256 for keysize)\n  -g           | use AES-GCM mode (must be used with -e)\n  -a           | message authentication (requires use of -k option as well)\n  -l           | list the available debug modules\n  -d \u003cdebug\u003e   | turn on debugging for module \u003cdebug\u003e\n\nIn order to get random 30-byte values for use as key/salt pairs , you\ncan use the following bash function to format the output of\n`/dev/random` (where that device is available).\n\n~~~.txt\nfunction randhex() {\n   cat /dev/random | od --read-bytes=32 --width=32 -x | awk '{ print $2 $3 $4 $5 $6 $7 $8 $9 $10 $11 $12 $13 $14 $15 $16 }'\n}\n~~~\n\nAn example of an SRTP session using two rtpw programs follows:\n\n~~~.txt\nset k=c1eec3717da76195bb878578790af71c4ee9f859e197a414a78d5abc7451\n\n[sh1]$ test/rtpw -s -k $k -e 128 -a 0.0.0.0 9999\nSecurity services: confidentiality message authentication\nset master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451\nsetting SSRC to 2078917053\nsending word: A\nsending word: a\nsending word: aa\nsending word: aal\n...\n\n[sh2]$ test/rtpw -r -k $k -e 128 -a 0.0.0.0 9999\nsecurity services: confidentiality message authentication\nset master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451\n19 octets received from SSRC 2078917053 word: A\n19 octets received from SSRC 2078917053 word: a\n20 octets received from SSRC 2078917053 word: aa\n21 octets received from SSRC 2078917053 word: aal\n...\n~~~\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"example-code\"\u003e\u003c/a\u003e\n## Example Code\n\nThis section provides a simple example of how to use libSRTP. The\nexample code lacks error checking, but is functional. Here we assume\nthat the value ssrc is already set to describe the SSRC of the stream\nthat we are sending, and that the functions `get_rtp_packet()` and\n`send_srtp_packet()` are available to us. The former puts an RTP packet\ninto the buffer and returns the number of octets written to that\nbuffer. The latter sends the RTP packet in the buffer, given the\nlength as its second argument.\n\n~~~.c\nsrtp_t session;\nsrtp_policy_t policy;\n\n// Set key to predetermined value\nuint8_t key[30] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,\n                   0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,\n                   0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,\n                   0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D};\n\n// initialize libSRTP\nsrtp_init();\n\n// default policy values\nmemset(\u0026policy, 0x0, sizeof(srtp_policy_t));\n\n// set policy to describe a policy for an SRTP stream\nsrtp_crypto_policy_set_rtp_default(\u0026policy.rtp);\nsrtp_crypto_policy_set_rtcp_default(\u0026policy.rtcp);\npolicy.ssrc = ssrc;\npolicy.key  = key;\npolicy.next = NULL;\n\n// allocate and initialize the SRTP session\nsrtp_create(\u0026session, \u0026policy);\n\n// main loop: get rtp packets, send srtp packets\nwhile (1) {\n  char rtp_buffer[2048];\n  size_t rtp_len;\n  char srtp_buffer[2048];\n  size_t srtp_len = sizeof(srtp_buffer);\n\n  len = get_rtp_packet(rtp_buffer);\n  srtp_protect(session, rtp_buffer, rtp_len, srtp_buffer, \u0026srtp_len);\n  send_srtp_packet(srtp_buffer, srtp_len);\n}\n~~~\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"credits\"\u003e\u003c/a\u003e\n# Credits\n\nThe original implementation and documentation of libSRTP was written\nby David McGrew of Cisco Systems, Inc. in order to promote the use,\nunderstanding, and interoperability of Secure RTP. Michael Jerris\ncontributed support for building under MSVC. Andris Pavenis\ncontributed many important fixes. Brian West contributed changes to\nenable dynamic linking. Yves Shumann reported documentation bugs.\nRandell Jesup contributed a working SRTCP implementation and other\nfixes. Steve Underwood contributed x86_64 portability changes. We also give\nthanks to Fredrik Thulin, Brian Weis, Mark Baugher, Jeff Chan, Bill\nSimon, Douglas Smith, Bill May, Richard Preistley, Joe Tardo and\nothers for contributions, comments, and corrections.\n\nThis reference material, when applicable, in this documenation was generated\nusing the doxygen utility for automatic documentation of source code.\n\nCopyright 2001-2005 by David A. McGrew, Cisco Systems, Inc.\n\n--------------------------------------------------------------------------------\n\n\u003ca name=\"references\"\u003e\u003c/a\u003e\n# References\n\nSRTP and ICM References\nSeptember, 2005\n\nSecure RTP is defined in [RFC 3711](https://tools.ietf.org/html/rfc3711).\nThe counter mode definition is in [Section 4.1.1](https://tools.ietf.org/html/rfc3711#section-4.1.1).\n\nSHA-1 is defined in [FIPS PUB 180-4](http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf).\n\nHMAC is defined in [RFC 2104](https://tools.ietf.org/html/rfc2104)\nand HMAC-SHA1 test vectors are available\nin [RFC 2202](https://tools.ietf.org/html/rfc2202#section-3).\n\nAES-GCM usage in SRTP is defined in [RFC 7714](https://tools.ietf.org/html/rfc7714)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcisco%2Flibsrtp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcisco%2Flibsrtp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcisco%2Flibsrtp/lists"}