Hi,

I am using DMCC API to record a call. I am registering an extension using single step conference in an existing call.. While creating the media session I register a media sink to receive the audio that I store in a file...

This works fine but the audio is encrypted.. I get the rec key in case of media start event.. My assumption is that i'll have to decrypt this audio using this key.. .

Could you please confirm this ?? or is there an API that I can use that does this for me ?

Thanks.

Media encryption handling is discussed in the DMCC Programmers Guides. There is a detailed description of the AES encryption alogrithm in the section called "Media Encryption".

Your RTP stack will need to be able to encrypt and decrypt the media stream.

Martin

Hi,

I went through the media encryption section in the programmer's guide.. I still am not sure if I am using DMCC and provide the Encryption list while creating the media session ( I have used TutorialMediaStack as reference ) .. do i have to encrypt the audio, or the Media sink will get un-encrypted audio ??

Thanks.

In order to receive & send encrypted media you must:

1. Configure the ip-codec-set on your Communication Manager to allow encrypted media
2. Request encryption when sending your RegisterTerminalrequest.

Part 1 is described in the "Creating the Device and Media Control codec set" subsection of the "Administering Communication Manager for AE Services" chapter of the "Avaya Aura Application Enablement Services Administration and Maintenance Guide".

Part 2 is described in the part of the Programmers Guide called "Choosing the media encryption".


For example, My Communication Manager is configured as:
display ip-codec-set 1 Page 1 of 2

Codec Set: 1

Audio Silence Frames Packet
Codec Suppression Per Pkt Size(ms)
1: G.711A y 2 20
2: G.711MU y 2 20
3:
4:
Media Encryption
1: none
2: aes
3:

This allows me to request AES encryption when I register:

<?xml version="1.0" encoding="utf-8"?>
<RegisterTerminalRequest xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.avaya.com/csta">
<device typeOfNumber="other" mediaClass="notKnown">40204:CM10:0.0.0.0:1</device>
<loginInfo>
<forceLogin>true</forceLogin>
<sharedControl>false</sharedControl>
<password>1234</password>
<mediaMode>CLIENT</mediaMode>
<dependencyMode>INDEPENDENT</dependencyMode>
</loginInfo>
<localMediaInfo>
<rtpAddress>
<address>135.64.187.243</address>
<port>4736</port>
</rtpAddress>
<rtcpAddress>
<address>135.64.187.243</address>
<port>4737</port>
</rtcpAddress>
<codecs>g711U</codecs>
<packetSize>20</packetSize>
<encryptionList>aes</encryptionList>
</localMediaInfo>
</RegisterTerminalRequest>

Now I get encrypted audio:

<MediaStartEvent xmlns="http://www.avaya.com/csta">
<monitorCrossRefID xmlns:ns1="http://www.ecma-international.org/standards/ecma-323/csta/ed3">94</monitorCrossRefID>
<connection>
<deviceID xmlns:ns2="http://www.ecma-international.org/standards/ecma-323/csta/ed3" typeOfNumber="other" mediaClass="voice" bitRate="constant">40204:CM10:0.0.0.0:1</deviceID>
</connection>
<rtpAddress>
<address>10.10.13.13</address>
<port>2050</port>
</rtpAddress>
<rtcpAddress>
<address>10.10.13.13</address>
<port>2051</port>
</rtcpAddress>
<codec>g711U</codec>
<packetSize>20</packetSize>
<encryption>
<protocol>aes</protocol>
<transmitKey>{94,F9,B1,CD,2C,F8,A5,95,64,03,4B,3F,2F,71,99,8C}</transmitKey>
<receiveKey>{3A,43,C3,D6,A6,19,A1,1E,36,3F,6F,8F,87,C2,A2,AF}</receiveKey>
<payloadType>105</payloadType>
</encryption>
</MediaStartEvent>

The properties file for tutorialClientMediaStack comes with:
encryption=none
So I would not expect it to get/send encrypted media unlless somebody changed this to:
encryption=aes

Martin

Martin,

Thanks a lot for the details.. I've been able to receive the encrypted audio ..

Now my requirement is as follows.

1. Communication manager is configured to send encrypted audio.
2. I register a device requesting encryption ( as described by you ).
3. Now I need to send this audio to another component. This audio should be un-encrypted.

Now as described by you I am able to receive and encrypted audio stream in my MediaSink .. Now as per my understanding I'd have to decrypt the audio using the ReceiveKey received as part of media start event.

Could you please confirm if this is correct??

Thanks.

That is correct.

Hi,

There is one more issue that i am facing as per the documentation we need Initialization vector and receive key to decrypt the audio. I am getting the receive key in the media event listener.

I am not sure how I'll retrieve the Initialization Vector.. I am implementing a MediaSink to record the audio.

Thanks!

The Programmers Guide describes how to calculate the Initialization Vector.

Hi,

I've modified the application as per the documentation, below is the snippet of the application..

While creating the media session I register the media sink ..

      codecList = new String[] { Audio.G711U };
      localMediaInfo.setCodecs(codecList);
      localMediaInfo.setEncryptionList(new String[] { Audio.AES,
            Audio.AES });

mediaSession.attachSink(new DataCollectionRecordingDevice(this));

// In my Media Sink i receive the ByteBuffer in the write callback method ... To record the audio I collect this and save it into a file.


In the MediaEventListener when i get the media start event .. I set the keys and start the audio..

         MediaEncryption remoteEncryption = new MediaEncryption();
         remoteEncryption.setProtocol(startEvent.getEncryption().getProtocol());
         remoteEncryption.setTransmitKey(startEvent.getEncryption().getTransmitKey());
         remoteEncryption.setReceiveKey(startEvent.getEncryption().getReceiveKey());
         remoteEncryption.setPayloadType(startEvent.getEncryption().getPayloadType().intValue());

         audio.start(new InetSocketAddress(remoteAddress, remoteRtpPort), new InetSocketAddress(
               remoteAddress, remoteRtcpPort), remoteCodec, packetSize, remoteEncryption);


Now as per the programmer guide ---

Note: If you are using Avaya's "client-media-stack" implementation (included in the cmapijava-sdk),
then you do not need to be concerned with the media encryption and decryption - the "client-mediastack"
handles this for you.

1) Do I have to decrypt the audio in the Media Sink or Would the receive decrypted audio.
2) If I have to decrypt the audio how do I get the RTP Header required to calculate Initialization Vector.

Thanks!

From looking at the tutorial code, I would assume that the media is unencrypted before it is delivered to the sink.

Please note that the RTP stack that comes with the Java SDK and is used in the clientmediastack tutorial is for test purposes only. It is not supported when used in a production environment.

Martin