[Live-devel] Enabling RTSPS & SRTP in v4l2rtspserver with Live555 – Retrieving MIKEY Data from SDP

Ross Finlayson finlayson at live555.com
Mon Mar 24 08:25:16 PDT 2025 


> On Mar 24, 2025, at 11:02 PM, Manikandan Valaguru <manikandan.v at e-consystems.com> wrote:
> 
> Hi,
> I am using a custom v4l2rtspserver that is built on Live555, and I am working on enabling RTSPS (RTSP over TLS) and SRTP (Secure RTP) for secure streaming. My goal is to stream video securely and play it back in GStreamer.

Unfortunately we can’t help you with ‘GStreamer’, as that is not our software.  However, our (LIVE555) RTSP client implements RTSPS and SRTP; you can see this by running our “testRTSPClient” or “openRTSP” client applications, using a “rtsps://“ URL.  You may find it simpler to write a LIVE555-based client application (perhaps based on “testRTSPClient”) instead.


> From my understanding:
>     • RTSPS can be encrypted using the appropriate TLS certificate.

Yes.  I assume (because your RTSP server uses the LIVE555 code) that you called “setTLSState()” on your “RTSPServer” after you created it.


>     • SRTP requires a key for decryption, which can be obtained from the MIKEY data in the SDP (Session Description Protocol) of the RTSP response.

Yes.


>     • Using this key, I need to construct a GStreamer pipeline to decrypt the SRTP packets.

Again, we can’t help you with this; ‘GStreamer’ is not our software.


> Additionally, I am writing a C application to extract the MIKEY data from the SDP in the RTSP response sent by GStreamer.

The MIKEY data can be found in the "a=key-mgmt:” attribute in the SDP description.  (Again, if you were to use our RTSP client code, you would not need to worry about this, because our code does this (plus the SRTP key derivation from the MIKEY data) automatically.)

If you haven’t already done so, I suggest looking at our “mikeyParse” application (which can be found - along with “testRTSPClient” and “openRTSP” - in the “testProgs” directory).  “mikeyParse” takes, as argument, the Base64 (i.e., ASCII) data that you find in the SDP "a=key-mgmt:” attribute.


> Interestingly, VLC is able to stream and play the video correctly

That’s because VLC also uses our RTSP client implementation.


> , but I am unsure how VLC handles SRTP key exchange

There is no SRTP key ‘exchange’; instead, the server sends (over the RTSP connection, which is encrypted) the MIKEY data to the client, which then derives the SRTP keying information from this.  Again, our RTSP client code does all of this for you.


Ross Finlayson
Live Networks, Inc.
http://www.live555.com/

More information about the live-devel mailing list