[Live-devel] Enabling RTSPS & SRTP in v4l2rtspserver with Live555 – Retrieving MIKEY Data from SDP

Manikandan Valaguru manikandan.v at e-consystems.com
Tue Mar 25 05:57:24 PDT 2025 

Hi,

Thank you for your valuable input.
I have not used any applications with testprog, but I have compiled OPENRTSP (LIVE555) with OpenSSL enabled. However, I am still unable to preview the stream. The command I am currently using is:
openRTSP -D 1 -P 4 -t -u econ:econ -d 60 -q "rtsp://192.168.0.171:5005/routecam"

Despite this, I am unable to obtain a preview.
Could you confirm if this is the correct approach for streaming from an RTSP server? Additionally, I have limited experience with OPENRTSP, so I would appreciate it if you could provide the appropriate command to stream both RTSP and SRTP packets using OPENRTSP.
Looking forward to your guidance.

Regards,
Manikandan




________________________________
From: live-devel <live-devel-bounces at us.live555.com> on behalf of Ross Finlayson <finlayson at live555.com>
Sent: Monday, March 24, 2025 8:55 PM
To: LIVE555 Streaming Media - development & use <live-devel at us.live555.com>
Subject: Re: [Live-devel] Enabling RTSPS & SRTP in v4l2rtspserver with Live555 – Retrieving MIKEY Data from SDP

[You don't often get email from finlayson at live555.com. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]

> On Mar 24, 2025, at 11:02 PM, Manikandan Valaguru <manikandan.v at e-consystems.com> wrote:
>
> Hi,
> I am using a custom v4l2rtspserver that is built on Live555, and I am working on enabling RTSPS (RTSP over TLS) and SRTP (Secure RTP) for secure streaming. My goal is to stream video securely and play it back in GStreamer.

Unfortunately we can’t help you with ‘GStreamer’, as that is not our software.  However, our (LIVE555) RTSP client implements RTSPS and SRTP; you can see this by running our “testRTSPClient” or “openRTSP” client applications, using a “rtsps://“ URL.  You may find it simpler to write a LIVE555-based client application (perhaps based on “testRTSPClient”) instead.


> From my understanding:
>     • RTSPS can be encrypted using the appropriate TLS certificate.

Yes.  I assume (because your RTSP server uses the LIVE555 code) that you called “setTLSState()” on your “RTSPServer” after you created it.


>     • SRTP requires a key for decryption, which can be obtained from the MIKEY data in the SDP (Session Description Protocol) of the RTSP response.

Yes.


>     • Using this key, I need to construct a GStreamer pipeline to decrypt the SRTP packets.

Again, we can’t help you with this; ‘GStreamer’ is not our software.


> Additionally, I am writing a C application to extract the MIKEY data from the SDP in the RTSP response sent by GStreamer.

The MIKEY data can be found in the "a=key-mgmt:” attribute in the SDP description.  (Again, if you were to use our RTSP client code, you would not need to worry about this, because our code does this (plus the SRTP key derivation from the MIKEY data) automatically.)

If you haven’t already done so, I suggest looking at our “mikeyParse” application (which can be found - along with “testRTSPClient” and “openRTSP” - in the “testProgs” directory).  “mikeyParse” takes, as argument, the Base64 (i.e., ASCII) data that you find in the SDP "a=key-mgmt:” attribute.


> Interestingly, VLC is able to stream and play the video correctly

That’s because VLC also uses our RTSP client implementation.


> , but I am unsure how VLC handles SRTP key exchange

There is no SRTP key ‘exchange’; instead, the server sends (over the RTSP connection, which is encrypted) the MIKEY data to the client, which then derives the SRTP keying information from this.  Again, our RTSP client code does all of this for you.


Ross Finlayson
Live Networks, Inc.
http://www.live555.com/


_______________________________________________
live-devel mailing list
live-devel at lists.live555.com
http://lists.live555.com/mailman/listinfo/live-devel
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Taking any action in reliance on the contents of this information is strictly prohibited. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. WARNING: Although the company has taken reasonable precautions to ensure no viruses are present in this email, e-con cannot accept responsibility for any loss or damage arising from the use of this email or attachment.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.live555.com/pipermail/live-devel/attachments/20250325/d914f24f/attachment.htm>

More information about the live-devel mailing list