DTLS-SRTP support

[ibc]

I would like to use Botan library within my C++ project which is a WebRTC server. WebRTC requires DTLS and the extension DTLS-SRTP defined in RFC 5764:

Such a extension is used to negotiate the cipher used for the SRTP session key and the key itself. The OpenSSL API is basically as follows:

// Once the DTLS connection is established:

uint8_t material[SRTP_MASTER_LENGTH * 2];
uint8_t localMasterKey[SRTP_MASTER_LENGTH];
uint8_t remoteMasterKey[SRTP_MASTER_LENGTH];
uint8_t *local_key, *local_salt, *remote_key, *remote_salt;

SSL_export_keying_material(ssl, material, SRTP_MASTER_LENGTH * 2,
"EXTRACTOR-dtls_srtp", 19, NULL, 0, 0);

if (dtls_setup == SETUP_ACTIVE) {
  local_key = material;
  remote_key = local_key + SRTP_MASTER_KEY_LENGTH;
  local_salt = remote_key + SRTP_MASTER_KEY_LENGTH;
  remote_salt = local_salt + SRTP_MASTER_SALT_LENGTH;
} else {
  remote_key = material;
  local_key = remote_key + SRTP_MASTER_KEY_LENGTH;
  remote_salt = local_key + SRTP_MASTER_KEY_LENGTH;
  local_salt = remote_salt + SRTP_MASTER_SALT_LENGTH;
}

// After this we can get the local and remote master keys for SRTP and
use them within libsrtp.

Given that Botan implements DTLS, may you please add support for this extension so Botan becomes another WebRTC capable DTLS library?

[randombit]

I've added this extension in the main branch and it (as well as the key material export) seems to interop with OpenSSL 1.0.1j.

I'll caution that the DTLS code is still not well tested WRT loss and reordering during handshakes, please open an issue if you run into problems.

[ibc]

Sorry for the delay. May I know the current status of DTLS in Botan? I mean packet loss, reordering and retransmissions. I also assume that DTLS-SRTP comes with 1.11 (not yet released as stable version), am I right?

[ibc]

I did not read the changelog:

DTLS now supports timeouts and handshake retransmits. Timeout checking is triggered by the application calling the new TLS::Channel::timeout_check.

:)