sepfy / libpeer

WebRTC Library for IoT/Embedded Device using C
MIT License

It may be necessary to add control codes to the creation of srtp_in or srtp_out to distinguish between DTLS_SRTP_ROLE_SERVER and DTLS_SRTP_ROLE_CLIENT #143

Open topworldcoder opened 1 week ago

topworldcoder commented 1 week ago

mbedtls_ssl_tls_prf exports the keying material. The log prints as below:

DTLS-SRTP key material is: 2d 54 62 f7 3a 26 d8 23 b6 88 58 c8 d2 19 61 d4 a2 9b ad f3 67 ec 71 31 30 73 4a a3 08 61 d7 ee 9b e7 2b 85 63 c0 10 5b 9b 5d c4 6c 31 ea a0 1a 06 fc fe bb 67 fe 9b ee 2c 10 b5 ba Keying material: 2D5462F73A26D823B68858C8D21961D4A29BADF367EC713130734AA30861D7EE9BE72B8563C0105B9B5DC46C31EAA01A06FCFEBB67FE9BEE2C10B5BA

Client A(DTLS_SRTP_ROLE_SERVER) and Client B(DTLS_SRTP_ROLE_CLIENT) obtain the same keying material as above.

So, remote_policy_key would be: 2d 54 62 f7 3a 26 d8 23 b6 88 58 c8 d2 19 61 d4 ... and, local_policy_key would be: a2 9b ad f3 67 ec 71 31 30 73 4a a3 08 61 d7 ee ...

When Client A (DTLS_SRTP_ROLE_SERVER) uses remote_policy_key to create srtp_in and local_policy_key to create srtp_out (meaning srtp_protect would use local_policy_key 'a2 9b ad f3 ...'), then Client B (DTLS_SRTP_ROLE_CLIENT) may need to use local_policy_key to create srtp_in and remote_policy_key to create srtp_out (meaning srtp_unprotect would use local_policy_key 'a2 9b ad f3 ...'). This way Client A and Client B can correctly call srtp_protect/srtp_unprotect with the correct auth key.

So, what I suggest is that maybe control code can be added to the creation of srtp_in or srtp_out to distinguish between DTLS_SRTP_ROLE_SERVER and DTLS_SRTP_ROLE_CLIENT:

```c
/* Server role keeps the original assignment; client role swaps the two keys. */
dtls_srtp->remote_policy.key = (dtls_srtp->role == DTLS_SRTP_ROLE_SERVER) ? dtls_srtp->remote_policy_key : dtls_srtp->local_policy_key;
dtls_srtp->local_policy.key = (dtls_srtp->role == DTLS_SRTP_ROLE_SERVER) ? dtls_srtp->local_policy_key : dtls_srtp->remote_policy_key;
```

I tested the above and it worked fine. But it may be incorrect; you might want to judge that for sure.
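
The split described in this issue, written out per RFC 5764 section 4.2 as an added example (not libpeer's own code): the exported block is client_write_key | server_write_key | client_write_salt | server_write_salt, so for the DTLS server the remote key is the first 16 bytes and the local key the next 16, exactly as in the log above, while the DTLS client must swap them. The enum, struct and function names are assumptions, and the example also splits the two 14-byte salts, which the key-only snippet above does not cover.

```c
#include <stdint.h>
#include <string.h>

/* Sizes for SRTP_AES128_CM_HMAC_SHA1_80 (RFC 5764 section 4.1.2): 2 keys + 2 salts = 60 bytes,
 * matching the 60-byte block in the log above. */
#define SRTP_MASTER_KEY_LEN  16
#define SRTP_MASTER_SALT_LEN 14
#define SRTP_MATERIAL_LEN    (2 * SRTP_MASTER_KEY_LEN + 2 * SRTP_MASTER_SALT_LEN)

typedef enum { ROLE_CLIENT = 0, ROLE_SERVER = 1 } dtls_role_t; /* assumed enum names */

typedef struct {
  uint8_t local_key[SRTP_MASTER_KEY_LEN + SRTP_MASTER_SALT_LEN];  /* key||salt, as libsrtp wants */
  uint8_t remote_key[SRTP_MASTER_KEY_LEN + SRTP_MASTER_SALT_LEN];
} srtp_keys_t;

/* Exported block layout (RFC 5764 section 4.2):
 *   client_write_key | server_write_key | client_write_salt | server_write_salt
 * The DTLS client protects with client_write_*, the server with server_write_*, and
 * each side unprotects with the other's, so which half is "local" depends on role. */
void derive_srtp_keys(const uint8_t *material, dtls_role_t role, srtp_keys_t *out) {
  const uint8_t *ckey = material;
  const uint8_t *skey = ckey + SRTP_MASTER_KEY_LEN;
  const uint8_t *csalt = skey + SRTP_MASTER_KEY_LEN;
  const uint8_t *ssalt = csalt + SRTP_MASTER_SALT_LEN;
  int server = (role == ROLE_SERVER);
  memcpy(out->local_key, server ? skey : ckey, SRTP_MASTER_KEY_LEN);
  memcpy(out->local_key + SRTP_MASTER_KEY_LEN, server ? ssalt : csalt, SRTP_MASTER_SALT_LEN);
  memcpy(out->remote_key, server ? ckey : skey, SRTP_MASTER_KEY_LEN);
  memcpy(out->remote_key + SRTP_MASTER_KEY_LEN, server ? csalt : ssalt, SRTP_MASTER_SALT_LEN);
}

/* Constructed stand-in for exported material: byte i has value i, so the first byte
 * of each field equals its offset in the block (keys at 0 and 16, salts at 32 and 46). */
void make_sample_material(uint8_t m[SRTP_MATERIAL_LEN]) {
  for (int i = 0; i < SRTP_MATERIAL_LEN; i++) m[i] = (uint8_t)i;
}

/* Both peers derive from the same block; the server's local key||salt must equal the
 * client's remote key||salt and vice versa. Returns 1 when that holds. */
int keys_are_mirrored(const uint8_t *material) {
  srtp_keys_t a, b;
  derive_srtp_keys(material, ROLE_SERVER, &a);
  derive_srtp_keys(material, ROLE_CLIENT, &b);
  return memcmp(a.local_key, b.remote_key, sizeof a.local_key) == 0 &&
         memcmp(a.remote_key, b.local_key, sizeof a.remote_key) == 0;
}
```

Feeding the same block to both roles and checking keys_are_mirrored() is a quick way to confirm that srtp_protect on one side and srtp_unprotect on the other end up with the same key and salt.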

sepfy commented 1 week ago

Got it. I'll test this.