On Monday, June 19, 2023 at 11:44:46 a.m. EDT, Pascal Bühler (pabuhler) <pabuhler@cisco.com> wrote:

It needs to be built with it: https://github.com/cisco/libsrtp#installing-and-building-libsrtp

I am not familiar with what the rpm does, I would have thought it used openssl already otherwise what is the point.

pascal

From: lmcdasi@yahoo.com <lmcdasi@yahoo.com>
Sent: Monday, June 19, 2023 4:59 PM
To: libsrtp@lists.packetizer.com <libsrtp@lists.packetizer.com>; Paul E. Jones <paulej@packetizer.com>; Pascal Bühler (pabuhler) <pabuhler@cisco.com>
Subject: Re: [libsrtp] Q: libsrtp debug

Thank you for your answers. Do you have any links describing how I can use openssl with libsrtp ? I've seen the build options.

I'm currently using the default rpm from ubuntu jammy.

BR,

Dan S.

On Monday, June 19, 2023 at 10:08:02 a.m. EDT, Pascal Bühler (pabuhler) <pabuhler@cisco.com> wrote:

It should not be a compatibility issue as long as you use the same cipher suite combination in the policy.

In general, though I would suggest using openssl with libsrtp.

It might be your key or some other config that is not matching.

The best is to have some kind of test setup with predicable outcomes when debugging auth/encryption failures.

good luck.

From: lmcdasi@yahoo.com <lmcdasi@yahoo.com>
Sent: Monday, June 19, 2023 4:00 PM
To: libsrtp@lists.packetizer.com <libsrtp@lists.packetizer.com>; Paul E. Jones <paulej@packetizer.com>; Pascal Bühler (pabuhler) <pabuhler@cisco.com>
Subject: Re: [libsrtp] Q: libsrtp debug

Thank you. I finally figure out that I had a JNA memory map issue in srtp_policy_t. The deprecated_ekt was set to null. Now I'm getting an SRTP_ERR_STATUS_AUTH_FAIL failure. I think I pass the key properly tough I might be wrong.

I'm sending audio using gstreamer. The 'srtpenc' plugin is using OpenSSL to encrypt the audio pkt.

I'm wondering if I have some form of incompatibility between the openssl encryption used by gstreamer and libsrtp. I have seen that libsrtp can use openssl but I do not know if there is any extra setup.

If this is not a concern then I need to focus on the key ....

BR,

Dan S.

On Friday, June 16, 2023 at 03:50:53 a.m. EDT, Pascal Bühler (pabuhler) <pabuhler@cisco.com> wrote:

Hi,

The best would be to recreate with simple c code, ie find out the values you pass and try to reproduce.

Bad param is returned from a lot of places so it is hard for use to guess what you are doing.

Enabling some debug is an option to try and help isolate the issue, but a reproducible test case would be the best.

pascal

From: libsrtp <libsrtp-bounces@lists.packetizer.com> on behalf of lmcdasi--- via libsrtp <libsrtp@lists.packetizer.com>
Sent: Friday, June 16, 2023 2:08 AM
To: libsrtp@lists.packetizer.com <libsrtp@lists.packetizer.com>; Paul E. Jones <paulej@packetizer.com>
Subject: Re: [libsrtp] Q: libsrtp debug

It is the 2nd parameter because if I call in the java intelij debugger srtp_create(session, null) it works.

I did print the policy .... it is not null & the deprecated field == null so it cannot be that bad param.

I do call:

libSrtp.srtp_crypto_policy_set_rtp_default(rtpCryptoPolicy);

libSrtp.srtp_crypto_policy_set_rtp_default(rtcpCryptoPolicy);

I did look at the 'C' code and unless I miss something I think I got the correct values and srtp_valid_policy should not fail with BAD_PARAM there. Then, I did:

rtpCryptoPolicy.setSec_serv(SrtpSecServ.sec_serv_conf_and_auth.getValue()); // I was unable so far to map the enum with jna thus I used the enum - int conversion

rtcpCryptoPolicy.setSec_serv(SrtpSecServ.sec_serv_none.getValue());

final var srtpPolicy = new srtp_policy_t();

srtpPolicy.setAllow_repeat_tx(0);

srtpPolicy.setRtp(rtpCryptoPolicy);

srtpPolicy.setRtcp(rtcpCryptoPolicy);

srtpPolicy.setKey(srtpKey);

srtpPolicy.setWindow_size(128);

So far - I think I match the +/- same steps as the test/rtpdecoder.c

But then the session is created when 1st rtp pkt is received:

session = new srtp_ctx_t.ByReference();

final var srtpSsrc = new srtp_ssrc_t(0); // I used the ssrc from the rtp pkt - same error. By default the constructor is setting type to: SrtpSsrcType.ssrc_any_inbound.getValue();

srtpPolicy.setSsrc(srtpSsrc);

final var srtpErrStatus = libSrtp.srtp_create(session, srtpPolicy);

I'm getting BAD_PARAM ....Calling manually in the debug libSrtp.srtp_create(session, null); gives OK ....

I just noticed that there is a: srtp_set_debug_module method but when I used it I get fail as status code. I'm trying to see if I can activate that and hope it might print some useful info

On Thursday, June 15, 2023 at 03:53:41 p.m. EDT, Paul E. Jones <paulej@packetizer.com> wrote:

Do you mean this?

https://github.com/cisco/libsrtp/blob/main/srtp/srtp.c#L2975

Is the first parameter NULL?

The call to srtp_valid_policy() can also return that here:

https://github.com/cisco/libsrtp/blob/main/srtp/srtp.c#L326

Or are you making another call that is failing? In any case, the best way to find it is to read the C code to see what conditions return that result.

Paul

------ Original Message ------

From "lmcdasi--- via libsrtp" <libsrtp@lists.packetizer.com>

To "libsrtp@lists.packetizer.com" <libsrtp@lists.packetizer.com>

Date 6/15/2023 2:25:32 PM

Subject [libsrtp] Q: libsrtp debug

I'm trying to use the library in java. I have wrote all jna mapping's required. When the code is executing create_session I'm getting SRTP_ERR_STATUS_BAD_PARAM

I do not see where my error is & enabling logs in the library may help.

Any suggestions ? Thx.