Hello, I run VoIP communication with SRTP security where Asterisk is the communication server and Linphone is the endpoint.
I tried to modify the encryption module to the payload only (enc_start), where the modifications I made caused the size of the encrypted payload to increase. When tested by communication, several packets are successfully sent from the sender to the receiver, but in the middle it causes an error. On Linphone, an error appears stating segmentation faults or sometimes bus errors. I think it happened because of the size of the memory that must be adjusted again.
On Asterisk itself, which utilizes the shared library of SRTP, I can't find out whether it causes the same error or not, because using a log file when compiling with the command ./configure --with-log-file="./log.txt" causes Asterisk to be forced to stop due to failure to load this SRTP module. What I want to ask is, which part and how to reset the size of the payload? I am confused because the existing parameters are the result of casting from other parameters.
Thanks, Hilman
Hilman,
I don't fully understand your question. However, it sounds a bit dangerous to be modifying the packet contents. Any change, no matter how minor, is likely to break end-to-end communication. When encrypting, the RTP packet is generally encrypted after the RTP header to the end of the packet and then an authentication tag is added. Manipulating how the processing is done the way I think you did is most likely going to cause packet authentication to fail. And, of course, the decrypted data is likely garbage.
If you wish to insert data in the RTP packet, the only real way to do it is with an RTP header extension. You can do that if you control the sending endpoint, but it's not possible to add that after the packet is encrypted since that is a part of the authenticated data. You could potentially do that as an intermediary device (e.g., an SBC) if you have the media keys, but it's ill-advised since the endpoint might actually have some other interpretation of the RTP header extension. It's also good to know that the recipient also has either the same understanding or knows to ignore it. RTP header extensions are really intended to be used by mutual agreement and negotiation of the sending and receiving endpoints.
If you truly insist on effectively breaking the encryption algorithm as you're doing, you could just append data to the end of the packet. Just make sure you strip that off before the data is received by the receiving endpoint or any intermediary. IMO, it's just a bad idea to even try.
Paul
------ Original Message ------
From: "Hilman Fitriana via libsrtp" libsrtp@lists.packetizer.com
To: libsrtp@lists.packetizer.com
Sent: 7/22/2020 12:44:44 AM
Subject: [libsrtp] Modified payload encryption
participants (2)
- Hilman Fitriana
- Paul E. Jones
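
The packet layout Paul describes (clear RTP header, encrypted payload, appended authentication tag) and the buffer-size concern in the question, sketched as an added example that is not code from either poster or from libsrtp. The names rtp_payload_offset, srtp_protected_len and sample_pkt are hypothetical, the sample packet is constructed, and a 10-byte tag with a length-preserving cipher (such as AES counter mode) is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed RTP packet: V=2, X=1, CC=1, one-word header extension,
 * 4-byte payload. Layout: 12 fixed + 4 CSRC + 4 ext hdr + 4 ext + 4 payload. */
static const uint8_t sample_pkt[28] = {
    0x91, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xa0, 0x12, 0x34, 0x56, 0x78,
    0x00, 0x00, 0x00, 0x01,             /* CSRC[0] */
    0xbe, 0xde, 0x00, 0x01,             /* extension: profile, length = 1 word */
    0x00, 0x00, 0x00, 0x00,             /* extension data */
    0xde, 0xad, 0xbe, 0xef              /* payload: the only part encrypted */
};

/* Offset of the first payload byte (where encryption starts), or -1 if the
 * header fields point past the end of the packet. */
long rtp_payload_offset(const uint8_t *pkt, size_t len)
{
    if (len < 12 || (pkt[0] >> 6) != 2)
        return -1;                               /* too short or not RTP v2 */
    size_t off = 12 + 4u * (pkt[0] & 0x0f);      /* skip CSRC list */
    if (off > len)
        return -1;
    if (pkt[0] & 0x10) {                         /* X bit: header extension */
        if (len - off < 4)
            return -1;
        size_t words = ((size_t)pkt[off + 2] << 8) | pkt[off + 3];
        off += 4 + 4 * words;
        if (off > len)
            return -1;
    }
    return (long)off;
}

/* Length after protection, or 0 if a buffer of capacity cap cannot hold it.
 * Assumes the cipher keeps the payload length, so only the tag is added;
 * any transform that grows the payload must add that growth to tag_len. */
size_t srtp_protected_len(size_t rtp_len, size_t tag_len, size_t cap)
{
    if (tag_len > cap || rtp_len > cap - tag_len)
        return 0;
    return rtp_len + tag_len;
}

int main(void)
{
    printf("payload starts at %ld\n", rtp_payload_offset(sample_pkt, sizeof sample_pkt));
    printf("protected length %zu\n", srtp_protected_len(sizeof sample_pkt, 10, 64));
    return 0;
}
```

Writing more bytes than the capacity check allows overruns the caller's packet buffer, which is the kind of fault that shows up as a segmentation fault or bus error on the receiving side.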