How to config AES_CM_128_HMAC_SHA1_80 -> AEAD_AES_256_GCM

I need to set config encryption is AEAD_AES_256_GCM

It isn’t a supported mode. Why do you need it specifically?

Google Meet seems to be using it, and it seems to be available in the code so I was just experimenting to see if it works or not.

1 Like

So @pinyoothotaboot Have you learned how to config AEAD_AES_256_GCM ?

It is not supported, you can’t configure something that isn’t supported. Feel free to contribute it though.

1 Like

Hi @nazar-pc ,

I see on your github ( you seem to have added support for this just 11 days ago.

Is it possible to have any example for how to change the default AES_CM_128_HMAC_SHA1_80 to AEAD_AES_256_GCM, specifically for WebRTC Transport? How can I achieve this?

Thanks a lot!

Did you read official documentation?

@nazar-pc Yes, I see that it’s possible to change it in the PlainTransport and PipeTransport, but is it possible to force 256-GCM as default on server side for WebRTC Transport?

It is not explicitly configurable via API and doesn’t even seem to show in WebRTC internals, why do you need to specify that?

It does show in WebRTC internals, see screenshot below

We need to use AES-256-GCM to comply with security standards required. If we can’t do it via API, is it possible to do it on client side?

Thanks a lot for you time.

mediasoup enforces AEAD_AES_256_GCM as preferred option but doesn’t mandate it (the client chooses it). You can see selected DTLS crypto suite if you enable “dtls” or “srtp” log tags.