Retransmit received RTP packets in secure way

Hello! We are working on SFU at the moment and we want to receive RTP packet from one peer, and broadcast it to multiple "listeners". We doing following in the code (we do not match to track_id because there is only video we experimenting with):
@impl true
def handle_info(
{:ex_webrtc, pid, {:rtp, _track_id, _, rtp_packet}},
state
) do
Enum.each(state.peer_connections, fn
{_peer_id, %ConnectionInfo{connected: true, track_id: nil}} ->
Logger.warning("No track ID found for peer connection")

:ok

{_peer_id, %ConnectionInfo{connected: true, track_id: track_id} = connection_info} ->
PeerConnection.send_rtp(
connection_info.peer_connection,
connection_info.track_id,
rtp_packet
)

connection_info ->
:ok
end)

{:noreply, state}
end
@impl true
def handle_info(
{:ex_webrtc, pid, {:rtp, _track_id, _, rtp_packet}},
state
) do
Enum.each(state.peer_connections, fn
{_peer_id, %ConnectionInfo{connected: true, track_id: nil}} ->
Logger.warning("No track ID found for peer connection")

:ok

{_peer_id, %ConnectionInfo{connected: true, track_id: track_id} = connection_info} ->
PeerConnection.send_rtp(
connection_info.peer_connection,
connection_info.track_id,
rtp_packet
)

connection_info ->
:ok
end)

{:noreply, state}
end
However, this approach is clearly break the cryptography part of the transmission. So what do we have to do? The first thought was to use the ExLibSRTP to unprotect and then protect the packet for each peer, but we don't have a direct access to DTLS transport as it's a private part of the PeerConnection.
6 Replies
Michał Śledź
Michał Śledź5mo ago
Hi @odingrail , are your viewrs also using WebRTC? If yes, you can just feed RTP packet into another PeerConnection and it will encrypt it for you
odingrail
odingrailOP5mo ago
Yes, they are using WebRTC. That's a great news, so there is no problems with code above?
Michał Śledź
Michał Śledź5mo ago
I don't think so PeerConnection is secure by default you cannot send unencrypted data with WebRTC
odingrail
odingrailOP5mo ago
Thank you for an answer @mickel8 I'm actually got it working now! But I'm getting a bunch of following warnings: mfa=ExWebRTC.DTLSTransport.handle_cast/2 Unable to protect RTP: :replay_old Does it means that I should send additional information when doing send_pli?
Michał Śledź
Michał Śledź5mo ago
I don't think so We are actually debugging those warrnings but everything should work correctly it might have something to do with connection probing, retransmissions or something similar, anyway we see them in our examples/demos too
odingrail
odingrailOP5mo ago
Thank you for reply!
Want results from more Discord servers?
Add your server