E2EE: allow setting key_ring_size and key_derivation_algorithm #921
a15edf5 to 379961f
Now based on webrtc-sdk/webrtc#224
webrtc-sdk/webrtc#224 is now merged, this will only need a new webrtc-sdk build and update to that. (Once that's done I'll look into why node fails.)
Please, keep going, @onestacked !! :)
This is mostly waiting for review and the WebRTC build to be done.
@theomonnom , @typester , I hope you would forgive me for pinging you directly. I'm just a person who wants to help a very needed work from @onestacked to make it to your product.
We've been running a production deployment with an equivalent patch set for about three weeks now — a Matrix bot that joins Element Call rooms via LiveKit, decrypts E2EE audio, and transcribes it. Our patches target the same layers (webrtc C++ → webrtc-sys → livekit crates → livekit-ffi) and the approach is functionally identical: branch on a KeyDerivationAlgorithm enum in DeriveKeys(), call BoringSSL's HKDF() with EVP_sha256(), and thread the option through the Rust/FFI stack. Happy to help test once the new webrtc-sdk release unblocks this. Looking forward to dropping our custom .so build.
Webrtc-sdk has just been rebased to a new upstream release: webrtc-sdk/webrtc#217 so livekit will probably update fairly soon.
That's nice @maxinflection that MatrixRTC is getting traction around the matrix rust-sdk. I think the community would be really interested in your project. So yes please share your stuff :-)
a775d90 to 303b040
303b040 to 229e2bb
I'm not sure why the FFI Proto fails on checkout? I don't think any change should affect this.
Also let me know if you want my PR split, as it now does |
229e2bb to 6f225c3
6f225c3 to 6856cd4
> [!IMPORTANT]
> Merging this pull request will create these releases

# libwebrtc 0.3.27 (2026-03-22)
## Features
### E2EE: allow setting key_ring_size and key_derivation_algorithm, update webrtc to m144
#921 by @onestacked
This PR uses [this webrtc-sdk PR](webrtc-sdk/webrtc#224) to configure the KDF.
I've tested this with https://codeberg.org/esoteric_programmer/matrix-jukebox and it is compatible with Element Call.
Fixed: #796
## Fixes
- Fix H.264 codec matching
### add bounded buffer to audio_stream, and use 10 frames as the default
#945 by @xianshijing-lk
### fix clang build issue from zed patches (#949)
#950 by @cloudwebrtc
* webrtc-sys: Use clang instead of gcc
* Debug CI output for aarch64-linux
* ci: Install lld for aarch64-linux FFI builders
* webrtc-sys: Disable CREL

# livekit 0.7.34 (2026-03-22)
## Features
### E2EE: allow setting key_ring_size and key_derivation_algorithm, update webrtc to m144
#921 by @onestacked
This PR uses [this webrtc-sdk PR](webrtc-sdk/webrtc#224) to configure the KDF.
I've tested this with https://codeberg.org/esoteric_programmer/matrix-jukebox and it is compatible with Element Call.
Fixed: #796
## Fixes
- Add disconnectReason to Room::close
- End-to-end testing for video streams
- Fix H.264 codec matching
### add bounded buffer to audio_stream, and use 10 frames as the default
#945 by @xianshijing-lk
### fix PC timeout when connecting with can_subscribe=false
#955 by @s-hamdananwar
When a participant connects with `canSubscribe=false` in their token, the server sends `subscriber_primary=false` in the JoinResponse and does not send a subscriber offer. This results in `wait_pc_connection` timing out as it is expecting a subscriber PC even when the publisher PC is primary. This PR will skip waiting for subscriber PC when `subscriber_primary=false`.
### Send client os and os_version from rust
#952 by @MaxHeimbrock
Adds [os_info](https://crates.io/crates/os_info) crate as dependency and sends the data for client connections.

# livekit-ffi 0.12.50 (2026-03-22)
## Features
### E2EE: allow setting key_ring_size and key_derivation_algorithm, update webrtc to m144
#921 by @onestacked
This PR uses [this webrtc-sdk PR](webrtc-sdk/webrtc#224) to configure the KDF.
I've tested this with https://codeberg.org/esoteric_programmer/matrix-jukebox and it is compatible with Element Call.
Fixed: #796
## Fixes
- Fix H.264 codec matching
### add bounded buffer to audio_stream, and use 10 frames as the default
#945 by @xianshijing-lk
### Send client os and os_version from rust
#952 by @MaxHeimbrock
Adds [os_info](https://crates.io/crates/os_info) crate as dependency and sends the data for client connections.

# webrtc-sys 0.3.25 (2026-03-22)
## Fixes
- fix: enable AGC2 adaptive digital controller
- Fix H.264 codec matching
### E2EE: allow setting key_ring_size and key_derivation_algorithm, update webrtc to m144
#921 by @onestacked
This PR uses [this webrtc-sdk PR](webrtc-sdk/webrtc#224) to configure the KDF.
I've tested this with https://codeberg.org/esoteric_programmer/matrix-jukebox and it is compatible with Element Call.
Fixed: #796
### fix clang build issue from zed patches (#949)
#950 by @cloudwebrtc
* webrtc-sys: Use clang instead of gcc
* Debug CI output for aarch64-linux
* ci: Install lld for aarch64-linux FFI builders
* webrtc-sys: Disable CREL

# livekit-datatrack 0.1.1 (2026-03-22)
## Features
- Initial release.

# webrtc-sys-build 0.3.14 (2026-03-22)
## Fixes
### fix: Bump webrtc build to fix build for Android JNI prefixed.
#954 by @cloudwebrtc
### fix clang build issue from zed patches (#949)
#950 by @cloudwebrtc
* webrtc-sys: Use clang instead of gcc
* Debug CI output for aarch64-linux
* ci: Install lld for aarch64-linux FFI builders
* webrtc-sys: Disable CREL

# livekit-protocol 0.7.2 (2026-03-22)
## Fixes
- Add disconnectReason to Room::close

# livekit-api 0.4.16 (2026-03-22)
## Fixes
### Send client os and os_version from rust
#952 by @MaxHeimbrock
Adds [os_info](https://crates.io/crates/os_info) crate as dependency and sends the data for client connections.

Co-authored-by: knope-bot[bot] <152252888+knope-bot[bot]@users.noreply.github.com>
This PR uses this webrtc-sdk PR to configure the KDF, instead of just overwriting the derived key afterwards. This should also now properly support KeyRatcheting.
I've tested this with https://codeberg.org/esoteric_programmer/matrix-jukebox and it is compatible with Element Call.
Fixes: #796
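
Added example (not code from this PR, from webrtc-sdk or from LiveKit): a small Python model of the point made in the PR description and in the production-deployment comment above, showing that a key overwritten after derivation matches an HKDF peer only until the first ratchet, while a ring configured with the KDF keeps matching. Only `KeyDerivationAlgorithm`, `key_ring_size` and HKDF with SHA-256 come from the thread; the salt, iteration count, ratchet step, index wrapping and the `KeyRing` class are assumptions made for illustration.

```python
import hashlib
import hmac
from enum import Enum

class KeyDerivationAlgorithm(Enum):  # enum name from the thread; members assumed
    PBKDF2 = 1
    HKDF = 2

SALT = b"constructed-salt"  # constructed value, not the SDK's salt
ITERATIONS = 1000           # constructed value, kept small so the demo is fast
KEY_LEN = 16

def hkdf_sha256(ikm, salt, info, length):
    """RFC 5869 extract-then-expand using HMAC-SHA256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm, counter = okm + block, counter + 1
    return okm[:length]

def derive_key(material, algorithm):
    if algorithm is KeyDerivationAlgorithm.HKDF:
        return hkdf_sha256(material, SALT, b"", KEY_LEN)
    return hashlib.pbkdf2_hmac("sha256", material, SALT, ITERATIONS, KEY_LEN)

class KeyRing:  # hypothetical model of a per-participant key ring, not the SDK's class
    def __init__(self, algorithm, key_ring_size):
        self.algorithm, self.material, self.keys = algorithm, [None] * key_ring_size, [None] * key_ring_size
    def set_key(self, index, material, override=None):
        slot = index % len(self.keys)  # assumed: key indices wrap at the ring size
        self.material[slot] = material
        self.keys[slot] = override or derive_key(material, self.algorithm)
    def ratchet(self, index):
        # Assumed ratchet step: hash the old material, then re-derive with the ring's KDF.
        slot = index % len(self.keys)
        self.set_key(slot, hmac.new(self.material[slot], b"ratchet", hashlib.sha256).digest())
        return self.keys[slot]

def compare(secret=b"constructed shared secret", index=3, size=16):
    H, P = KeyDerivationAlgorithm.HKDF, KeyDerivationAlgorithm.PBKDF2
    peer, configured, overwritten = KeyRing(H, size), KeyRing(H, size), KeyRing(P, size)
    for ring in (peer, configured):
        ring.set_key(index, secret)
    overwritten.set_key(index, secret, override=derive_key(secret, H))  # the old workaround
    before = [r.keys[index] == peer.keys[index] for r in (configured, overwritten)]
    target = peer.ratchet(index)
    after = [r.ratchet(index) == target for r in (configured, overwritten)]
    return before, after
```

`compare()` returns the match results for the configured ring and the overwritten ring, first before and then after one ratchet step on every side.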