[PATCH v2 1/2] Add support for DTLS-SRTP profile negotiation (RFC 5764)

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri Nov 2 00:01:46 CET 2012


On 11/01/2012 04:31 PM, Martin Storsjö wrote:


> Based on my reading of RFC 5764, one doesn't set any extra context data
> for the extractor, only the label. Or this is at least my interpretation
> of "The per-association context value is empty." in section 4.2 in RFC
> 5764 - the one only extracts one single blob of data using the PRF of
> the length given in that section (2 master keys and 2 master salts).

Hello,
 I'm confused on what is a master key. For example the RFC lists:
   SRTP_NULL_HMAC_SHA1_80
         cipher: NULL
         cipher_key_length: 0
         cipher_salt_length: 0
         maximum_lifetime: 2^31
         auth_function: HMAC-SHA1
         auth_key_length: 160
         auth_tag_length: 80

but there is no master key size there. Is the master key size negotiated
through other means?

regards,
Nikos




More information about the Gnutls-devel mailing list