Re: [Linphone-developers] bzrtp support for AES with 256-bit keys

[Ben Sartor]

Hi Johan,

thank you for taking time to look at the patches.

> ...
> - packet parsing shall not add AES3 by default when empty cc description
> arrives: the patch in packetParser.c shall not be needed.(if it doesn't
> work without it there is an other problem)

You are right. Updated Patch is attached.

> 
> Before merging it we must add in the libbzrtp API a function to select
> and order the algo actually used : someone may prefer to use AES128.
> 
> While mandatory algorithm only were available it wasn't needed but it
> shall be done if we introduce some non-mandatory ones. The idea would be
> to add in libbzrtp :
> - a function to retrieve the available algo after the context has been
> created.
> - a function to set an ordered list of algo to be used which would be
> called just after context creation. The ordered list shall be created by
> mediastreamer2 based on the retrieved available algo list and user
> preference.
> 
> Do you think you can add them to your patch on bzrtp?

Yes. Just to be sure, did you mean implementing functions like this:

void bzrtp_setSupportedCipherTypes(bzrtpContext_t *zrtpContext, uint8_t 
availableTypes[7], const uint8_t availableTypesCount);

uint8_t bzrtp_getSupportedCipherTypes(bzrtpContext_t *zrtpContext, uint8_t 
availableTypes[7]);

> This means we also must add a way to store the user configuration in
> linphone. I was thinking the easiest way would be to store it in the
> config file and access it only manually for now. I can implement this if
> you're lost on the way linphone manage the config file.

I haven't had a look to  linphone config file management, yet. Let's see how 
far 
I get or if you find time first.

> Last, this must be covered by automatic tests.(Key exchange between two
> users using different set of cipher block algo)

I'm not sure what you mean: Would you prefer a test similar to the existing 
"test_algoAgreement" or would it be better to write a test for the function 
"selectCommonAlgo" directly?

I hope I will find time to post new by the end of the week.

Kind Regards
 Ben

> Also in order to merge your patch we would need you to sign the
> contributor's agreement:
> http://www.belledonne-communications.com/downloads/Belledonne_communications
> _CA.pdf
> 
> regards,
> 
> johan
> 
> On 13/01/15 23:32, Ben Sartor wrote:
> > Hi,
> > 
> > sorry, here are the patches.
> > 
> > Kind Regards
> > 
> >   Ben
> >> 
> >> Hi,
> >> 
> >> according to the recent bzrtp discussion [1], I made first patches adding
> >> support for AES with 256-bit keys. The first two patches apply to bzrtp.
> >> The third patch applies to mediastreamer2.
> >> 
> >> I have tested them on linux and on an iPhone talking to CSipSimple (on
> >> Android).
> >> 
> >> What do think? Is it possible to merge these patches?
> >> 
> >> Kind Regards
> >> 
> >>   Ben
> > 
> > _______________________________________________
> > Linphone-developers mailing list
> > address@hidden
> > https://lists.nongnu.org/mailman/listinfo/linphone-developers
> 
> _______________________________________________
> Linphone-developers mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/linphone-developers

-- 
———————————————————
https://www.simlar.org
free and secure calls

fon: +49-(0)221-999 999 30
fax: +49-(0)221-999 999 31                                   
mail: address@hidden

github: https://github.com/simlar/
———————————————————

0002-added-cipher-algorithm-AES-with-256-bit-keys-AES3.patch
Description: Text Data