[PATCH v2 1/2] Add support for DTLS-SRTP profile negotiation (RFC 5764)

Martin Storsjö martin at martin.st
Fri Nov 2 00:22:19 CET 2012

On Fri, 2 Nov 2012, Nikos Mavrogiannopoulos wrote:

> On 11/01/2012 04:31 PM, Martin Storsjö wrote:
>> Based on my reading of RFC 5764, one doesn't set any extra context data
>> for the extractor, only the label. Or this is at least my interpretation
>> of "The per-association context value is empty." in section 4.2 in RFC
>> 5764 - the one only extracts one single blob of data using the PRF of
>> the length given in that section (2 master keys and 2 master salts).
> Hello,
> I'm confused on what is a master key. For example the RFC lists:
>         cipher: NULL
>         cipher_key_length: 0
>         cipher_salt_length: 0
>         maximum_lifetime: 2^31
>         auth_function: HMAC-SHA1
>         auth_key_length: 160
>         auth_tag_length: 80
> but there is no master key size there. Is the master key size negotiated
> through other means?

No, the master key size isn't negotiated through other means, it's 
specified in RFC 3711 section 8.2.

The gnutls_srtp_get_keys function you implemented looks correct to me, 
I'll verify it against an existing implementation of DTLS-SRTP as soon as 
I get my hands on one.

// Martin

More information about the Gnutls-devel mailing list