[gnutls-devel] Incorrect handshake message if MKI is specified for SRTP extension

Gábor Tatárka Gabor.Tatarka at ericsson.com
Mon Jul 8 16:20:54 CEST 2013


I'm trying to use gnutls 3.2.1 for DTLS-SRTP. The handshake seems to work fine if no MKI (master key identifier) is set. However, if I set an MKI (master key identifier) via gnutls_srtp_set_mki, the encoded message contains an incorrect size for the use_srtp extension. The length of the MKI is not included. This makes the receiving entity fail to decode the handshake message.

The error itself is in the function _gnutls_srtp_send_params found in lib/ext/srtp.c. This function returns total_size + 1, but it should return total_size + 1 + priv->mki_size.
I've checked the gnutls git repository and this bug is still there. Please see the attached patch file for a fix.

Gabor Tatarka
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20130708/35398334/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: srtp_mki.patch
Type: application/octet-stream
Size: 365 bytes
Desc: srtp_mki.patch
URL: </pipermail/attachments/20130708/35398334/attachment.obj>

More information about the Gnutls-devel mailing list