It should not be a compatibility issue as long as you use the same cipher suite combination in the policy. In general, though I would suggest using openssl with libsrtp. It might be your key or some other config that is not matching. The best is to have some kind of test setup with predicable outcomes when debugging auth/encryption failures.
good luck. ________________________________ From: lmcdasi@yahoo.com lmcdasi@yahoo.com Sent: Monday, June 19, 2023 4:00 PM To: libsrtp@lists.packetizer.com libsrtp@lists.packetizer.com; Paul E. Jones paulej@packetizer.com; Pascal Bühler (pabuhler) pabuhler@cisco.com Subject: Re: [libsrtp] Q: libsrtp debug
H,
Thank you. I finally figure out that I had a JNA memory map issue in srtp_policy_t. The deprecated_ekt was set to null. Now I'm getting an SRTP_ERR_STATUS_AUTH_FAIL failure. I think I pass the key properly tough I might be wrong.
I'm sending audio using gstreamer. The 'srtpenc' plugin is using OpenSSL to encrypt the audio pkt.
I'm wondering if I have some form of incompatibility between the openssl encryption used by gstreamer and libsrtp. I have seen that libsrtp can use openssl but I do not know if there is any extra setup.
If this is not a concern then I need to focus on the key ....
BR, Dan S.
On Friday, June 16, 2023 at 03:50:53 a.m. EDT, Pascal Bühler (pabuhler) pabuhler@cisco.com wrote:
Hi, The best would be to recreate with simple c code, ie find out the values you pass and try to reproduce. Bad param is returned from a lot of places so it is hard for use to guess what you are doing. Enabling some debug is an option to try and help isolate the issue, but a reproducible test case would be the best.
pascal ________________________________ From: libsrtp libsrtp-bounces@lists.packetizer.com on behalf of lmcdasi--- via libsrtp libsrtp@lists.packetizer.com Sent: Friday, June 16, 2023 2:08 AM To: libsrtp@lists.packetizer.com libsrtp@lists.packetizer.com; Paul E. Jones paulej@packetizer.com Subject: Re: [libsrtp] Q: libsrtp debug
It is the 2nd parameter because if I call in the java intelij debugger srtp_create(session, null) it works.
I did print the policy .... it is not null & the deprecated field == null so it cannot be that bad param.
I do call:
libSrtp.srtp_crypto_policy_set_rtp_default(rtpCryptoPolicy); libSrtp.srtp_crypto_policy_set_rtp_default(rtcpCryptoPolicy);
I did look at the 'C' code and unless I miss something I think I got the correct values and srtp_valid_policy should not fail with BAD_PARAM there. Then, I did:
rtpCryptoPolicy.setSec_serv(SrtpSecServ.sec_serv_conf_and_auth.getValue()); // I was unable so far to map the enum with jna thus I used the enum - int conversion rtcpCryptoPolicy.setSec_serv(SrtpSecServ.sec_serv_none.getValue());
final var srtpPolicy = new srtp_policy_t(); srtpPolicy.setAllow_repeat_tx(0); srtpPolicy.setRtp(rtpCryptoPolicy); srtpPolicy.setRtcp(rtcpCryptoPolicy); srtpPolicy.setKey(srtpKey); srtpPolicy.setWindow_size(128);
So far - I think I match the +/- same steps as the test/rtpdecoder.c
But then the session is created when 1st rtp pkt is received:
session = new srtp_ctx_t.ByReference(); final var srtpSsrc = new srtp_ssrc_t(0); // I used the ssrc from the rtp pkt - same error. By default the constructor is setting type to: SrtpSsrcType.ssrc_any_inbound.getValue(); srtpPolicy.setSsrc(srtpSsrc); final var srtpErrStatus = libSrtp.srtp_create(session, srtpPolicy);
I'm getting BAD_PARAM ....Calling manually in the debug libSrtp.srtp_create(session, null); gives OK ....
I just noticed that there is a: srtp_set_debug_module method but when I used it I get fail as status code. I'm trying to see if I can activate that and hope it might print some useful info
On Thursday, June 15, 2023 at 03:53:41 p.m. EDT, Paul E. Jones paulej@packetizer.com wrote:
Do you mean this? https://github.com/cisco/libsrtp/blob/main/srtp/srtp.c#L2975
Is the first parameter NULL?
The call to srtp_valid_policy() can also return that here: https://github.com/cisco/libsrtp/blob/main/srtp/srtp.c#L326
Or are you making another call that is failing? In any case, the best way to find it is to read the C code to see what conditions return that result.
Paul
------ Original Message ------
From "lmcdasi--- via libsrtp" <libsrtp@lists.packetizer.commailto:libsrtp@lists.packetizer.com>
To "libsrtp@lists.packetizer.commailto:libsrtp@lists.packetizer.com" <libsrtp@lists.packetizer.commailto:libsrtp@lists.packetizer.com> Date 6/15/2023 2:25:32 PM Subject [libsrtp] Q: libsrtp debug
I'm trying to use the library in java. I have wrote all jna mapping's required. When the code is executing create_session I'm getting SRTP_ERR_STATUS_BAD_PARAM
I do not see where my error is & enabling logs in the library may help.
Any suggestions ? Thx.