[kruhft]

Might be a good idea. After a quick look at the first link, the key is passed in the opt structure. It's generated before the call to pjmedia_transport_srtp_create. I'll keep looking and see if I can find where it's actually generated.

[kruhft]

Might be a good idea. I took a look at the latest 1.* and 2.* version; they look to be using the libsrtp prng for their key generation, so it should be good. The behaviour I was seeing was that the keys coming from the client I was testing with did not ever have any null characters in them, which lead me to believe the keys were only in the ascii range. I'm not sure what type of freedom pjsip gives for key generation; maybe it was a problem with the client I was testing. Looking over the pjsip code it looks to be ok (see generate_crypto_attr_value in trannsport_srtp.c to see the key generation using crypto_get_random).