We are using Asterisk with sdes media_encryption.
It works fine on Asterisk 18.5.1. But some warnings displays since I installed 18.7.1.
<--- Received SIP request (2399 bytes) from TLS:118.238.222.5:57529 --->
INVITE sip:xxxxxxxxxxx@xxxxxxxxxxxxxx:xxxxx;transport=TLS SIP/2.0
Via: SIP/2.0/TLS 192.168.0.4:53420;branch=z9hG4bK-524287-1---febf2ea56b5461b2;rport
Max-Forwards: 70
Contact: <sip:xxxxxxxxxxx@xxxxxxxxxxxxxx:xxxxx;transport=TLS>
To: <sip:xxxxxxxxxxx@xxxxxxxxxxxxxx:xxxxx:19240>
From: <sip:xxxxxxxxxxx@xxxxxxxxxxxxxx:xxxxx;transport=TLS>;tag=6a21e147
Call-ID: xxxxxx..
CSeq: 2 INVITE
Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE
Content-Type: application/sdp
User-Agent: Z 5.4.12 v2.10.13.2
Authorization: xxxxxxxxxxxxxx
Allow-Events: presence, kpml, talk
Content-Length: 1363
v=0
o=Z 1636003204853 1 IN IP4 192.168.0.4
s=Z
c=IN IP4 192.168.0.4
t=0 0
m=audio 8000 RTP/SAVP 106 9 98 101 0 8 18 3
a=rtpmap:106 opus/48000/2
a=fmtp:106 sprop-maxcapturerate=16000; minptime=20; useinbandfec=1
a=rtpmap:98 telephone-event/48000
a=fmtp:98 0-16
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=sendrecv
a=crypto:5 AES_256_CM_HMAC_SHA1_80 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnFzpqv85MiVPg==
a=crypto:6 AES_256_CM_HMAC_SHA1_32 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnFzpqv85MiVPg==
a=crypto:9 AES_CM_256_HMAC_SHA1_80 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnFzpqv85MiVPg==
a=crypto:10 AES_CM_256_HMAC_SHA1_32 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnFzpqv85MiVPg==
a=crypto:3 AES_192_CM_HMAC_SHA1_80 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnE=
a=crypto:4 AES_192_CM_HMAC_SHA1_32 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnE=
a=crypto:7 AES_CM_192_HMAC_SHA1_80 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnE=
a=crypto:8 AES_CM_192_HMAC_SHA1_32 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnE=
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+
<--- Transmitting SIP response (373 bytes) to TLS:xxxxxxx:xxxxx --->
SIP/2.0 100 Trying
Via: SIP/2.0/TLS xxxxxxx:53420;rport=57529;received=xxxxxxxx;branch=z9hG4bK-524287-1---febf2ea56b5461b2
Call-ID: EnKrCsFojJ0GFy1fN1KOyg..
From: <sip:sip:xxxxxxxxxxx@xxxxxxxxxxxxxx:xxxxx>;tag=6a21e147
To: <sip:sip:xxxxxxxxxxx@xxxxxxxxxxxxxx:xxxxx>
CSeq: 2 INVITE
Server: Asterisk PBX 18.8.0
Content-Length: 0
Unsupported crypto suite: AES_256_CM_HMAC_SHA1_80
[2021-11-04 14:20:04] WARNING[20671]: res_pjsip_sdp_rtp.c:1147 setup_sdes_srtp: Ignoring crypto offer with unsupported parameters: 5 AES_256_CM_HMAC_SHA1_80 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnFzpqv85MiVPg==
Unsupported crypto suite: AES_256_CM_HMAC_SHA1_32
[2021-11-04 14:20:04] WARNING[20671]: res_pjsip_sdp_rtp.c:1147 setup_sdes_srtp: Ignoring crypto offer with unsupported parameters: 6 AES_256_CM_HMAC_SHA1_32 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnFzpqv85MiVPg==
Unsupported crypto suite: AES_CM_256_HMAC_SHA1_80
[2021-11-04 14:20:04] WARNING[20671]: res_pjsip_sdp_rtp.c:1147 setup_sdes_srtp: Ignoring crypto offer with unsupported parameters: 9 AES_CM_256_HMAC_SHA1_80 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnFzpqv85MiVPg==
Unsupported crypto suite: AES_CM_256_HMAC_SHA1_32
[2021-11-04 14:20:04] WARNING[20671]: res_pjsip_sdp_rtp.c:1147 setup_sdes_srtp: Ignoring crypto offer with unsupported parameters: 10 AES_CM_256_HMAC_SHA1_32 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnFzpqv85MiVPg==
Unsupported crypto suite: AES_192_CM_HMAC_SHA1_80
[2021-11-04 14:20:04] WARNING[20671]: res_pjsip_sdp_rtp.c:1147 setup_sdes_srtp: Ignoring crypto offer with unsupported parameters: 3 AES_192_CM_HMAC_SHA1_80 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnE=
Unsupported crypto suite: AES_192_CM_HMAC_SHA1_32
[2021-11-04 14:20:04] WARNING[20671]: res_pjsip_sdp_rtp.c:1147 setup_sdes_srtp: Ignoring crypto offer with unsupported parameters: 4 AES_192_CM_HMAC_SHA1_32 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnE=
Unsupported crypto suite: AES_CM_192_HMAC_SHA1_80
[2021-11-04 14:20:04] WARNING[20671]: res_pjsip_sdp_rtp.c:1147 setup_sdes_srtp: Ignoring crypto offer with unsupported parameters: 7 AES_CM_192_HMAC_SHA1_80 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnE=
Unsupported crypto suite: AES_CM_192_HMAC_SHA1_32
[2021-11-04 14:20:04] WARNING[20671]: res_pjsip_sdp_rtp.c:1147 setup_sdes_srtp: Ignoring crypto offer with unsupported parameters: 8 AES_CM_192_HMAC_SHA1_32 inline:bQegyhsedEqflMBCw5A8a1NFEFTZfmJyp48pgNt+yGY4VzOpZnE=
I understand this is the problem of the below changes but I can’t find how to fix this issue(how to install unsupported crypto suite)
https://gerrit.asterisk.org/c/asterisk/+/16438
I use AmazonLinux2(aarch64) and I already installed libsrtp.
Can you tell me how to install the crypto suite or remove this warnings