cisco / libsrtp

Library for SRTP (Secure Realtime Transport Protocol)

Authentication error return by srtp_unprotect for AES CM 256 HMAC SHA1 80 #715

Closed Steven1240 closed 1 month ago

Steven1240 commented 1 month ago

Hi:

I am testing test/rtp_decoder.c with AES 128 CM and AES 256 CM, both with HMAC SHA1 80 authentication. Everything is OK for AES 128, but srtp_unprotect returns an authentication error for AES 256.

The input file is a pcap file generated by tcpdump, and the master key/master salt were taken from log files.

p2p_aes128.srtp.pcap : pcap file for aes_cm_128_hmac_sha1_80.

p2p_aes256.srtp.pcap : pcap file for aes_cm_256_hmac_sha1_80.

The pcap files are filtered from the raw tcpdump pcap file, from the start to the end of the conversation, and can be opened in Wireshark (set to decode as RTP).

The output log file is generated by redirecting stderr, as shown in the commands below:

aes128_decode.log : output log file for aes_cm_128_hmac_sha1_80

aes256_decode.log : output log file for aes_cm_256_hmac_sha1_80

The master key and master salt were taken from the application log; the application is generated by libsrtp.

decode with aes_cm_128_hmac_sha1_80

... master key for SRTP session:  a7 99 73 23 cd 20 c1 76 9e f1 9b e0 28 02 a3 1e
... master salt key for SRTP session:  a9 fe b7 9d ed 46 cd 13 22 57 3f 21 bd c3

Command invoked on Linux to decode the RTP pcap file:

$ ./rtp_decoder -a -o 46 -t 10 -e 128 -k a7997323cd20c1769ef19be02802a31ea9feb79ded46cd1322573f21bdc3 -d "srtp" < p2p_aes128.srtp.pcap 2> aes128_decode.log

From aes128_decode.log, auth tags matched.

=======================================

decode with aes_cm_256_hmac_sha1_80

... master key for SRTP session:  54 e8 56 ff db 84 fc 51 e2 93 55 62 77 f6 78 e9 04 5a 87 f1 80 10 bd c9 d1 c7 50 84 54 da 25 5a
... master salt key for SRTP session:  f6 63 60 7a 0b cf b8 35 b4 a7 90 b6 9a 35

Command invoked on Linux to decode the RTP pcap file:

$ ./rtp_decoder -a -o 46 -t 10 -e 256 -k 54e856ffdb84fc51e293556277f678e9045a87f18010bdc9d1c7508454da255af663607a0bcfb835b4a790b69a35 -d srtp < p2p_aes256.srtp.pcap 2>aes256_decode.log

From aes256_decode.log, auth tags mismatched.

======================================

My question is how to fix the Authentication error for AES 256. I could not find any other options for rtp_decoder.

Thanks

aes256_auth_error.zip

Steven1240 commented 1 month ago

aes256_decode.log aes128_decode.log

pabuhler commented 1 month ago

Hi @Steven1240, I could reproduce the error with the data you provided, but when I did the same test on a pcap that I created, it decoded fine.

srtp_aes_256.zip

./rtp_decoder -a -o 42 -t 10 -e 256 -k f0f04914b513f2763a1b1fa130f10e2998f6f6e43e4309d1e622a0e332b9f1b63b04803de51ee7c96423ab5b78d2 -d srtp < srtp_aes_256.pcap

Are you sure the key is correct? If you can create a complete example that shows the problem, or at least include the original plaintext, I could look some more. What version of libsrtp was used to encrypt the data?

Steven1240 commented 1 month ago

Hi @pabuhler

There was an error in the master key or master salt data. I regenerated the aes256 capture and the key/salt data, re-invoked rtp_decoder, and got no error. The previous error was caused by the incorrect key/salt.

p3p_aes256.srtp.pcap.zip

Thanks for your support.

./rtp_decoder -a -o 46 -t 10 -e 256 -k 72A8B2209A62DC3410301A78BE3D9A57CD9271E07FC62D12E4A1BC6B52EECAE95810C7F77EDB2670ED48D408984B < p3p_aes256.srtp.pcap

pabuhler commented 1 month ago

ok, I will close this then
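
As an added example (not code from libsrtp or from the participants in this thread), the Python helper below builds the rtp_decoder `-k` value from the two logged lines and checks the key and salt lengths against the `-e` value; the function names are hypothetical. It catches only format and length mistakes: a well-formed key that does not belong to the captured session, as in the AES 256 case above, still ends in an authentication error.

```python
import re

# Master key sizes in bytes for the rtp_decoder -e values used in this thread.
KEY_BYTES = {128: 16, 256: 32}
SALT_BYTES = 14  # AES-CM master salt is 112 bits, as in both log excerpts


def hex_from_log(line):
    """Return the hex digits after the last ':' of a key or salt log line."""
    pairs = line.rsplit(":", 1)[-1].split()
    for pair in pairs:
        if not re.fullmatch(r"[0-9a-fA-F]{2}", pair):
            raise ValueError(f"not a hex byte: {pair!r}")
    return "".join(pairs).lower()


def build_k_argument(bits, key_line, salt_line):
    """Concatenate master key and master salt into the value passed to -k."""
    if bits not in KEY_BYTES:
        raise ValueError(f"unsupported -e value: {bits}")
    key, salt = hex_from_log(key_line), hex_from_log(salt_line)
    if len(key) != 2 * KEY_BYTES[bits]:
        raise ValueError(
            f"key is {len(key) // 2} bytes, -e {bits} needs {KEY_BYTES[bits]}")
    if len(salt) != 2 * SALT_BYTES:
        raise ValueError(f"salt is {len(salt) // 2} bytes, expected {SALT_BYTES}")
    return key + salt


if __name__ == "__main__":
    # Log lines copied from the AES 128 case in the first comment.
    key_line = ("... master key for SRTP session:  "
                "a7 99 73 23 cd 20 c1 76 9e f1 9b e0 28 02 a3 1e")
    salt_line = ("... master salt key for SRTP session:  "
                 "a9 fe b7 9d ed 46 cd 13 22 57 3f 21 bd c3")
    print("-e 128 -k", build_k_argument(128, key_line, salt_line))
    # Constructed failure case: the same 16-byte key offered with -e 256.
    try:
        build_k_argument(256, key_line, salt_line)
    except ValueError as err:
        print("rejected:", err)
```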