1

Attempting to implement an SFU, where all the WebRTC peers upload their unencrypted media streams to our customized server; so that they can be distributed to other peers in a loop without any decryption / re-encryption worries.
This is because, Haven't found any source code to decrypt.

For that, I tried to generate an offer at JS side using createOffer() and before feeding it to setLocalDescription(), I removed the "a=fingerprint:sha-256 xx:YY..." from it. However, it gives an error:

DOMException: Failed to execute 'setLocalDescription' on 'RTCPeerConnection': Failed to set local offer sdp: Called with SDP without DTLS fingerprint.

There is an interface available called RTCDtlsFingerprint which might help in disabling fingerprint, but not sure how to use it.

Is there a way to disable fingerprint or DTLS-SRTP and hack it to send an unencrypted data?

iammilind
  • 68,093
  • 33
  • 169
  • 336

1 Answers1

2

You can not disable encryption (with the exception of the disable-webrtc-encryption which is not available in the stable version of Chrome).

This is a MUST level requirement in https://datatracker.ietf.org/doc/html/rfc8827#section-6.5

Philipp Hancke
  • 15,855
  • 2
  • 23
  • 31
  • Thanks for the answer. How the traditional SFU-s work? Do they decrypt and re-encrypt the streams for each peer individually? What is the best approach to implement a SFU in your opinion? – iammilind Mar 20 '22 at 07:40
  • the answer from https://stackoverflow.com/a/65447423/4352772 still applies – Philipp Hancke Mar 20 '22 at 09:22