From ac71e81e542ddcdd849573776a2169a06c93c002 Mon Sep 17 00:00:00 2001
From: Richard Fuchs <rfuchs@sipwise.com>
Date: Tue, 6 Apr 2021 12:27:51 -0400
Subject: [PATCH] TT#118350 add SDES=static option

Change-Id: Id34d4fe31e58acfae31d8e5d30abec1837c4f808
---
 README.md                 |   7 +
 daemon/call.c             |  18 +++
 daemon/call_interfaces.c  |   5 +
 include/call_interfaces.h |   1 +
 t/auto-daemon-tests.pl    | 268 ++++++++++++++++++++++++++++++++++++++
 5 files changed, 299 insertions(+)

diff --git a/README.md b/README.md
index 3b536ca71..43158c59c 100644
--- a/README.md
+++ b/README.md
@@ -1132,6 +1132,13 @@ Optionally included keys are:
 
 		Add the key lifetime parameter `2^31` to each crypto key.
 
+	- `static`
+
+		Instructs *rtpengine* to skip the full SDES negotiation routine during a re-invite
+		(e.g. pick the first support crypto suite, look for possible SRTP passthrough)
+		and instead leave the previously negotiated crypto suite in place. Only useful in
+		subsequent `answer` messages and ignored in `offer` messages.
+
 * `OSRTP`
 
 	Similar to `SDES` but controls OSRTP behaviour. Default behaviour is to pass through
diff --git a/daemon/call.c b/daemon/call.c
index fe430eed2..8ae975744 100644
--- a/daemon/call.c
+++ b/daemon/call.c
@@ -1538,6 +1538,23 @@ static void __generate_crypto(const struct sdp_ng_flags *flags, struct call_medi
 		struct crypto_params_sdes *cps = cpq->head ? cpq->head->data : NULL;
 		struct crypto_params_sdes *cps_in = cpq_in->head ? cpq_in->head->data : NULL;
 		struct crypto_params_sdes *offered_cps = offered_cpq->head ? offered_cpq->head->data : NULL;
+
+		if (flags && flags->sdes_static && cps) {
+			// reverse logic: instead of looking for a matching crypto suite to put in
+			// our answer, we want to leave what we already had. however, this is only
+			// valid if the currently present crypto suite matches the offer
+			for (GList *l = cpq_in->head; l; l = l->next) {
+				struct crypto_params_sdes *check_cps = l->data;
+				if (check_cps->params.crypto_suite == cps->params.crypto_suite
+						&& check_cps->tag == cps->tag) {
+					ilogs(crypto, LOG_DEBUG, "Found matching existing crypto suite %u:%s",
+							check_cps->tag,
+							check_cps->params.crypto_suite->name);
+					goto cps_match;
+				}
+			}
+		}
+
 		if (offered_cps) {
 			ilogs(crypto, LOG_DEBUG, "Looking for matching crypto suite to offered %u:%s", offered_cps->tag,
 					offered_cps->params.crypto_suite->name);
@@ -1553,6 +1570,7 @@ static void __generate_crypto(const struct sdp_ng_flags *flags, struct call_medi
 				}
 			}
 		}
+cps_match:
 		if (cps_in && (!cps || cps->params.crypto_suite != cps_in->params.crypto_suite)) {
 			crypto_params_sdes_queue_clear(cpq);
 			cps = g_slice_alloc0(sizeof(*cps));
diff --git a/daemon/call_interfaces.c b/daemon/call_interfaces.c
index c3cbac10a..574edaf0c 100644
--- a/daemon/call_interfaces.c
+++ b/daemon/call_interfaces.c
@@ -521,6 +521,8 @@ INLINE char *bencode_get_alt(bencode_item_t *i, const char *one, const char *two
 }
 
 INLINE void ng_sdes_option(struct sdp_ng_flags *out, str *s, void *dummy) {
+	str_hyphenate(s);
+
 	if (call_ng_flags_prefix(out, s, "no-", call_ng_flags_str_ht, &out->sdes_no))
 		return;
 
@@ -561,6 +563,9 @@ INLINE void ng_sdes_option(struct sdp_ng_flags *out, str *s, void *dummy) {
 		case CSH_LOOKUP("pad"):
 			out->sdes_pad = 1;
 			break;
+		case CSH_LOOKUP("static"):
+			out->sdes_static = 1;
+			break;
 		default:
 			ilog(LOG_WARN, "Unknown 'SDES' flag encountered: '"STR_FORMAT"'",
 					STR_FMT(s));
diff --git a/include/call_interfaces.h b/include/call_interfaces.h
index 499aa3dde..d654e8815 100644
--- a/include/call_interfaces.h
+++ b/include/call_interfaces.h
@@ -125,6 +125,7 @@ struct sdp_ng_flags {
 	             sdes_authenticated_srtp:1,
 	             sdes_lifetime:1,
 	             sdes_pad:1,
+		     sdes_static:1,
 	             drop_traffic_start:1,
 	             drop_traffic_stop:1,
 	             passthrough_on:1,
diff --git a/t/auto-daemon-tests.pl b/t/auto-daemon-tests.pl
index 5b0dd40b9..77cbf6009 100755
--- a/t/auto-daemon-tests.pl
+++ b/t/auto-daemon-tests.pl
@@ -40,6 +40,274 @@ my ($sock_a, $sock_b, $sock_c, $sock_d, $port_a, $port_b, $ssrc, $ssrc_b, $resp,
 
 
 
+new_call;
+
+offer('SDES=static control',
+	{ DTLS => 'off' }, <<SDP);
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio 10000 RTP/SAVP 8
+c=IN IP4 198.51.100.1
+a=crypto:1 AEAD_AES_256_GCM inline:53P5CsePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+a=crypto:2 AEAD_AES_128_GCM inline:QAXb41skvhZaVzQgiJH+y+P9HCUSTnQWXcuieA
+a=crypto:3 AES_256_CM_HMAC_SHA1_80 inline:Ylhu0C+EN+fjasQ730KXQn/t+5vpKmhzs9TgWD1mvRiLHpwABTovh/pwpjjajg
+a=crypto:4 AES_256_CM_HMAC_SHA1_32 inline:QmwGdHm6/VLHA2Et6NFw4i3g4Ely6SG8cWHHo+xTPREMRr0lfDMvr1p7CyXrog
+a=crypto:5 AES_192_CM_HMAC_SHA1_80 inline:K/C34oakA6ko9ZsWyc90W/M/EEx+YFLu3qzxL2IdWXLulkPqDNE
+a=crypto:6 AES_192_CM_HMAC_SHA1_32 inline:ig3qPKCMyU9aCG4YSysTxthgr3FkVdD1pXKVVOOEFeGHgnb7MBk
+a=crypto:7 AES_CM_128_HMAC_SHA1_80 inline:Opr7g+J9VgQnRkCFNmL/0LP/dcF1Exu43qwiE0So
+a=crypto:8 AES_CM_128_HMAC_SHA1_32 inline:LTwX81FUDIqkdr+g9ogW8T/HRoGmZF5snF97QAPF
+a=crypto:9 F8_128_HMAC_SHA1_80 inline:sczm7mZYpQDbs5qGTMavRH89imN1tLcrJGJk+DG7
+a=crypto:10 F8_128_HMAC_SHA1_32 inline:Gh+eY01+Uvw7gAbstjR0l91ZzuMn4h5JE9jaBYFq
+a=crypto:11 NULL_HMAC_SHA1_80 inline:KPLgFC6jSYe7Xf7rVKi1zjm+CkfxLngL6L3o8kBu
+a=crypto:12 NULL_HMAC_SHA1_32 inline:8ia0Ba4FPS/Dow99pIdt8BLIsq6xo7wn5pWR6zXB
+----------------------------------
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio PORT RTP/SAVP 8
+c=IN IP4 203.0.113.1
+a=rtpmap:8 PCMA/8000
+a=sendrecv
+a=rtcp:PORT
+a=crypto:1 AEAD_AES_256_GCM inline:53P5CsePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+a=crypto:2 AEAD_AES_128_GCM inline:QAXb41skvhZaVzQgiJH+y+P9HCUSTnQWXcuieA
+a=crypto:3 AES_256_CM_HMAC_SHA1_80 inline:Ylhu0C+EN+fjasQ730KXQn/t+5vpKmhzs9TgWD1mvRiLHpwABTovh/pwpjjajg
+a=crypto:4 AES_256_CM_HMAC_SHA1_32 inline:QmwGdHm6/VLHA2Et6NFw4i3g4Ely6SG8cWHHo+xTPREMRr0lfDMvr1p7CyXrog
+a=crypto:5 AES_192_CM_HMAC_SHA1_80 inline:K/C34oakA6ko9ZsWyc90W/M/EEx+YFLu3qzxL2IdWXLulkPqDNE
+a=crypto:6 AES_192_CM_HMAC_SHA1_32 inline:ig3qPKCMyU9aCG4YSysTxthgr3FkVdD1pXKVVOOEFeGHgnb7MBk
+a=crypto:7 AES_CM_128_HMAC_SHA1_80 inline:Opr7g+J9VgQnRkCFNmL/0LP/dcF1Exu43qwiE0So
+a=crypto:8 AES_CM_128_HMAC_SHA1_32 inline:LTwX81FUDIqkdr+g9ogW8T/HRoGmZF5snF97QAPF
+a=crypto:9 F8_128_HMAC_SHA1_80 inline:sczm7mZYpQDbs5qGTMavRH89imN1tLcrJGJk+DG7
+a=crypto:10 F8_128_HMAC_SHA1_32 inline:Gh+eY01+Uvw7gAbstjR0l91ZzuMn4h5JE9jaBYFq
+a=crypto:11 NULL_HMAC_SHA1_80 inline:KPLgFC6jSYe7Xf7rVKi1zjm+CkfxLngL6L3o8kBu
+a=crypto:12 NULL_HMAC_SHA1_32 inline:8ia0Ba4FPS/Dow99pIdt8BLIsq6xo7wn5pWR6zXB
+SDP
+
+answer('SDES=static control',
+	{ }, <<SDP);
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio 20000 RTP/SAVP 8
+c=IN IP4 198.51.100.1
+a=crypto:1 AEAD_AES_256_GCM inline:555555ePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+----------------------------------
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio PORT RTP/SAVP 8
+c=IN IP4 203.0.113.1
+a=rtpmap:8 PCMA/8000
+a=sendrecv
+a=rtcp:PORT
+a=crypto:1 AEAD_AES_256_GCM inline:555555ePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+SDP
+
+offer('SDES=static control',
+	{ DTLS => 'off' }, <<SDP);
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio 10000 RTP/SAVP 8
+c=IN IP4 198.51.100.1
+a=crypto:1 AEAD_AES_256_GCM inline:53P5CsePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+a=crypto:2 AEAD_AES_128_GCM inline:QAXb41skvhZaVzQgiJH+y+P9HCUSTnQWXcuieA
+a=crypto:3 AES_256_CM_HMAC_SHA1_80 inline:Ylhu0C+EN+fjasQ730KXQn/t+5vpKmhzs9TgWD1mvRiLHpwABTovh/pwpjjajg
+a=crypto:4 AES_256_CM_HMAC_SHA1_32 inline:QmwGdHm6/VLHA2Et6NFw4i3g4Ely6SG8cWHHo+xTPREMRr0lfDMvr1p7CyXrog
+a=crypto:5 AES_192_CM_HMAC_SHA1_80 inline:K/C34oakA6ko9ZsWyc90W/M/EEx+YFLu3qzxL2IdWXLulkPqDNE
+a=crypto:6 AES_192_CM_HMAC_SHA1_32 inline:ig3qPKCMyU9aCG4YSysTxthgr3FkVdD1pXKVVOOEFeGHgnb7MBk
+a=crypto:7 AES_CM_128_HMAC_SHA1_80 inline:Opr7g+J9VgQnRkCFNmL/0LP/dcF1Exu43qwiE0So
+a=crypto:8 AES_CM_128_HMAC_SHA1_32 inline:LTwX81FUDIqkdr+g9ogW8T/HRoGmZF5snF97QAPF
+a=crypto:9 F8_128_HMAC_SHA1_80 inline:sczm7mZYpQDbs5qGTMavRH89imN1tLcrJGJk+DG7
+a=crypto:10 F8_128_HMAC_SHA1_32 inline:Gh+eY01+Uvw7gAbstjR0l91ZzuMn4h5JE9jaBYFq
+a=crypto:11 NULL_HMAC_SHA1_80 inline:KPLgFC6jSYe7Xf7rVKi1zjm+CkfxLngL6L3o8kBu
+a=crypto:12 NULL_HMAC_SHA1_32 inline:8ia0Ba4FPS/Dow99pIdt8BLIsq6xo7wn5pWR6zXB
+----------------------------------
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio PORT RTP/SAVP 8
+c=IN IP4 203.0.113.1
+a=rtpmap:8 PCMA/8000
+a=sendrecv
+a=rtcp:PORT
+a=crypto:1 AEAD_AES_256_GCM inline:53P5CsePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+a=crypto:2 AEAD_AES_128_GCM inline:QAXb41skvhZaVzQgiJH+y+P9HCUSTnQWXcuieA
+a=crypto:3 AES_256_CM_HMAC_SHA1_80 inline:Ylhu0C+EN+fjasQ730KXQn/t+5vpKmhzs9TgWD1mvRiLHpwABTovh/pwpjjajg
+a=crypto:4 AES_256_CM_HMAC_SHA1_32 inline:QmwGdHm6/VLHA2Et6NFw4i3g4Ely6SG8cWHHo+xTPREMRr0lfDMvr1p7CyXrog
+a=crypto:5 AES_192_CM_HMAC_SHA1_80 inline:K/C34oakA6ko9ZsWyc90W/M/EEx+YFLu3qzxL2IdWXLulkPqDNE
+a=crypto:6 AES_192_CM_HMAC_SHA1_32 inline:ig3qPKCMyU9aCG4YSysTxthgr3FkVdD1pXKVVOOEFeGHgnb7MBk
+a=crypto:7 AES_CM_128_HMAC_SHA1_80 inline:Opr7g+J9VgQnRkCFNmL/0LP/dcF1Exu43qwiE0So
+a=crypto:8 AES_CM_128_HMAC_SHA1_32 inline:LTwX81FUDIqkdr+g9ogW8T/HRoGmZF5snF97QAPF
+a=crypto:9 F8_128_HMAC_SHA1_80 inline:sczm7mZYpQDbs5qGTMavRH89imN1tLcrJGJk+DG7
+a=crypto:10 F8_128_HMAC_SHA1_32 inline:Gh+eY01+Uvw7gAbstjR0l91ZzuMn4h5JE9jaBYFq
+a=crypto:11 NULL_HMAC_SHA1_80 inline:KPLgFC6jSYe7Xf7rVKi1zjm+CkfxLngL6L3o8kBu
+a=crypto:12 NULL_HMAC_SHA1_32 inline:8ia0Ba4FPS/Dow99pIdt8BLIsq6xo7wn5pWR6zXB
+SDP
+
+answer('SDES=static control',
+	{ }, <<SDP);
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio 20000 RTP/SAVP 8
+c=IN IP4 198.51.100.1
+a=crypto:7 AES_CM_128_HMAC_SHA1_80 inline:O3333333333nRkCFNmL/0LP/dcF1Exu43qwiE0So
+----------------------------------
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio PORT RTP/SAVP 8
+c=IN IP4 203.0.113.1
+a=rtpmap:8 PCMA/8000
+a=sendrecv
+a=rtcp:PORT
+a=crypto:7 AES_CM_128_HMAC_SHA1_80 inline:O3333333333nRkCFNmL/0LP/dcF1Exu43qwiE0So
+SDP
+
+
+
+offer('SDES=static',
+	{ DTLS => 'off' }, <<SDP);
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio 10000 RTP/SAVP 8
+c=IN IP4 198.51.100.1
+a=crypto:1 AEAD_AES_256_GCM inline:53P5CsePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+a=crypto:2 AEAD_AES_128_GCM inline:QAXb41skvhZaVzQgiJH+y+P9HCUSTnQWXcuieA
+a=crypto:3 AES_256_CM_HMAC_SHA1_80 inline:Ylhu0C+EN+fjasQ730KXQn/t+5vpKmhzs9TgWD1mvRiLHpwABTovh/pwpjjajg
+a=crypto:4 AES_256_CM_HMAC_SHA1_32 inline:QmwGdHm6/VLHA2Et6NFw4i3g4Ely6SG8cWHHo+xTPREMRr0lfDMvr1p7CyXrog
+a=crypto:5 AES_192_CM_HMAC_SHA1_80 inline:K/C34oakA6ko9ZsWyc90W/M/EEx+YFLu3qzxL2IdWXLulkPqDNE
+a=crypto:6 AES_192_CM_HMAC_SHA1_32 inline:ig3qPKCMyU9aCG4YSysTxthgr3FkVdD1pXKVVOOEFeGHgnb7MBk
+a=crypto:7 AES_CM_128_HMAC_SHA1_80 inline:Opr7g+J9VgQnRkCFNmL/0LP/dcF1Exu43qwiE0So
+a=crypto:8 AES_CM_128_HMAC_SHA1_32 inline:LTwX81FUDIqkdr+g9ogW8T/HRoGmZF5snF97QAPF
+a=crypto:9 F8_128_HMAC_SHA1_80 inline:sczm7mZYpQDbs5qGTMavRH89imN1tLcrJGJk+DG7
+a=crypto:10 F8_128_HMAC_SHA1_32 inline:Gh+eY01+Uvw7gAbstjR0l91ZzuMn4h5JE9jaBYFq
+a=crypto:11 NULL_HMAC_SHA1_80 inline:KPLgFC6jSYe7Xf7rVKi1zjm+CkfxLngL6L3o8kBu
+a=crypto:12 NULL_HMAC_SHA1_32 inline:8ia0Ba4FPS/Dow99pIdt8BLIsq6xo7wn5pWR6zXB
+----------------------------------
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio PORT RTP/SAVP 8
+c=IN IP4 203.0.113.1
+a=rtpmap:8 PCMA/8000
+a=sendrecv
+a=rtcp:PORT
+a=crypto:1 AEAD_AES_256_GCM inline:53P5CsePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+a=crypto:2 AEAD_AES_128_GCM inline:QAXb41skvhZaVzQgiJH+y+P9HCUSTnQWXcuieA
+a=crypto:3 AES_256_CM_HMAC_SHA1_80 inline:Ylhu0C+EN+fjasQ730KXQn/t+5vpKmhzs9TgWD1mvRiLHpwABTovh/pwpjjajg
+a=crypto:4 AES_256_CM_HMAC_SHA1_32 inline:QmwGdHm6/VLHA2Et6NFw4i3g4Ely6SG8cWHHo+xTPREMRr0lfDMvr1p7CyXrog
+a=crypto:5 AES_192_CM_HMAC_SHA1_80 inline:K/C34oakA6ko9ZsWyc90W/M/EEx+YFLu3qzxL2IdWXLulkPqDNE
+a=crypto:6 AES_192_CM_HMAC_SHA1_32 inline:ig3qPKCMyU9aCG4YSysTxthgr3FkVdD1pXKVVOOEFeGHgnb7MBk
+a=crypto:7 AES_CM_128_HMAC_SHA1_80 inline:Opr7g+J9VgQnRkCFNmL/0LP/dcF1Exu43qwiE0So
+a=crypto:8 AES_CM_128_HMAC_SHA1_32 inline:LTwX81FUDIqkdr+g9ogW8T/HRoGmZF5snF97QAPF
+a=crypto:9 F8_128_HMAC_SHA1_80 inline:sczm7mZYpQDbs5qGTMavRH89imN1tLcrJGJk+DG7
+a=crypto:10 F8_128_HMAC_SHA1_32 inline:Gh+eY01+Uvw7gAbstjR0l91ZzuMn4h5JE9jaBYFq
+a=crypto:11 NULL_HMAC_SHA1_80 inline:KPLgFC6jSYe7Xf7rVKi1zjm+CkfxLngL6L3o8kBu
+a=crypto:12 NULL_HMAC_SHA1_32 inline:8ia0Ba4FPS/Dow99pIdt8BLIsq6xo7wn5pWR6zXB
+SDP
+
+answer('SDES=static',
+	{ }, <<SDP);
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio 20000 RTP/SAVP 8
+c=IN IP4 198.51.100.1
+a=crypto:1 AEAD_AES_256_GCM inline:555555ePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+----------------------------------
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio PORT RTP/SAVP 8
+c=IN IP4 203.0.113.1
+a=rtpmap:8 PCMA/8000
+a=sendrecv
+a=rtcp:PORT
+a=crypto:1 AEAD_AES_256_GCM inline:555555ePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+SDP
+
+offer('SDES=static',
+	{ DTLS => 'off' }, <<SDP);
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio 10000 RTP/SAVP 8
+c=IN IP4 198.51.100.1
+a=crypto:1 AEAD_AES_256_GCM inline:53P5CsePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+a=crypto:2 AEAD_AES_128_GCM inline:QAXb41skvhZaVzQgiJH+y+P9HCUSTnQWXcuieA
+a=crypto:3 AES_256_CM_HMAC_SHA1_80 inline:Ylhu0C+EN+fjasQ730KXQn/t+5vpKmhzs9TgWD1mvRiLHpwABTovh/pwpjjajg
+a=crypto:4 AES_256_CM_HMAC_SHA1_32 inline:QmwGdHm6/VLHA2Et6NFw4i3g4Ely6SG8cWHHo+xTPREMRr0lfDMvr1p7CyXrog
+a=crypto:5 AES_192_CM_HMAC_SHA1_80 inline:K/C34oakA6ko9ZsWyc90W/M/EEx+YFLu3qzxL2IdWXLulkPqDNE
+a=crypto:6 AES_192_CM_HMAC_SHA1_32 inline:ig3qPKCMyU9aCG4YSysTxthgr3FkVdD1pXKVVOOEFeGHgnb7MBk
+a=crypto:7 AES_CM_128_HMAC_SHA1_80 inline:Opr7g+J9VgQnRkCFNmL/0LP/dcF1Exu43qwiE0So
+a=crypto:8 AES_CM_128_HMAC_SHA1_32 inline:LTwX81FUDIqkdr+g9ogW8T/HRoGmZF5snF97QAPF
+a=crypto:9 F8_128_HMAC_SHA1_80 inline:sczm7mZYpQDbs5qGTMavRH89imN1tLcrJGJk+DG7
+a=crypto:10 F8_128_HMAC_SHA1_32 inline:Gh+eY01+Uvw7gAbstjR0l91ZzuMn4h5JE9jaBYFq
+a=crypto:11 NULL_HMAC_SHA1_80 inline:KPLgFC6jSYe7Xf7rVKi1zjm+CkfxLngL6L3o8kBu
+a=crypto:12 NULL_HMAC_SHA1_32 inline:8ia0Ba4FPS/Dow99pIdt8BLIsq6xo7wn5pWR6zXB
+----------------------------------
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio PORT RTP/SAVP 8
+c=IN IP4 203.0.113.1
+a=rtpmap:8 PCMA/8000
+a=sendrecv
+a=rtcp:PORT
+a=crypto:1 AEAD_AES_256_GCM inline:53P5CsePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+a=crypto:2 AEAD_AES_128_GCM inline:QAXb41skvhZaVzQgiJH+y+P9HCUSTnQWXcuieA
+a=crypto:3 AES_256_CM_HMAC_SHA1_80 inline:Ylhu0C+EN+fjasQ730KXQn/t+5vpKmhzs9TgWD1mvRiLHpwABTovh/pwpjjajg
+a=crypto:4 AES_256_CM_HMAC_SHA1_32 inline:QmwGdHm6/VLHA2Et6NFw4i3g4Ely6SG8cWHHo+xTPREMRr0lfDMvr1p7CyXrog
+a=crypto:5 AES_192_CM_HMAC_SHA1_80 inline:K/C34oakA6ko9ZsWyc90W/M/EEx+YFLu3qzxL2IdWXLulkPqDNE
+a=crypto:6 AES_192_CM_HMAC_SHA1_32 inline:ig3qPKCMyU9aCG4YSysTxthgr3FkVdD1pXKVVOOEFeGHgnb7MBk
+a=crypto:7 AES_CM_128_HMAC_SHA1_80 inline:Opr7g+J9VgQnRkCFNmL/0LP/dcF1Exu43qwiE0So
+a=crypto:8 AES_CM_128_HMAC_SHA1_32 inline:LTwX81FUDIqkdr+g9ogW8T/HRoGmZF5snF97QAPF
+a=crypto:9 F8_128_HMAC_SHA1_80 inline:sczm7mZYpQDbs5qGTMavRH89imN1tLcrJGJk+DG7
+a=crypto:10 F8_128_HMAC_SHA1_32 inline:Gh+eY01+Uvw7gAbstjR0l91ZzuMn4h5JE9jaBYFq
+a=crypto:11 NULL_HMAC_SHA1_80 inline:KPLgFC6jSYe7Xf7rVKi1zjm+CkfxLngL6L3o8kBu
+a=crypto:12 NULL_HMAC_SHA1_32 inline:8ia0Ba4FPS/Dow99pIdt8BLIsq6xo7wn5pWR6zXB
+SDP
+
+answer('SDES=static',
+	{ SDES => ['static'] }, <<SDP);
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio 20000 RTP/SAVP 8
+c=IN IP4 198.51.100.1
+a=crypto:7 AES_CM_128_HMAC_SHA1_80 inline:O3333333333nRkCFNmL/0LP/dcF1Exu43qwiE0So
+----------------------------------
+v=0
+o=- 1545997027 1 IN IP4 198.51.101.40
+s=tester
+t=0 0
+m=audio PORT RTP/SAVP 8
+c=IN IP4 203.0.113.1
+a=rtpmap:8 PCMA/8000
+a=sendrecv
+a=rtcp:PORT
+a=crypto:1 AEAD_AES_256_GCM inline:555555ePy3hFUcuqsizkCnTE+4OKa1cOGa2WXHjoN19ifpweerTLaj+9vxc
+SDP
+
 new_call;
 
 ($port_a, undef, $ufrag_a) = offer('ICE re-invite',