Re: [Linphone-developers] bzrtp support for AES with 256-bit keys

[Johan Pascal]

Hi Ben,
thanks for the patch, I had a quick look at it, it's nicely coded but I 
found small issues:
- packet parsing shall not add AES3 by default when empty cc description 
arrives: the patch in packetParser.c shall not be needed.(if it doesn't 
work without it there is an other problem)

Before merging it we must add in the libbzrtp API a function to select 
and order the algo actually used : someone may prefer to use AES128.

While mandatory algorithm only were available it wasn't needed but it 
shall be done if we introduce some non-mandatory ones. The idea would be 
to add in libbzrtp :
- a function to retrieve the available algo after the context has been 
created.
- a function to set an ordered list of algo to be used which would be 
called just after context creation. The ordered list shall be created by 
mediastreamer2 based on the retrieved available algo list and user 
preference.

Do you think you can add them to your patch on bzrtp?

This means we also must add a way to store the user configuration in 
linphone. I was thinking the easiest way would be to store it in the 
config file and access it only manually for now. I can implement this if 
you're lost on the way linphone manage the config file.

Last, this must be covered by automatic tests.(Key exchange between two 
users using different set of cipher block algo)

Also in order to merge your patch we would need you to sign the 
contributor's agreement:
http://www.belledonne-communications.com/downloads/Belledonne_communications_CA.pdf

regards,

johan


On 13/01/15 23:32, Ben Sartor wrote:
> Hi,
>
> sorry, here are the patches.
>
> Kind Regards
>   Ben
>
>
> > Hi,
> >
> > according to the recent bzrtp discussion [1], I made first patches adding
> > support for AES with 256-bit keys. The first two patches apply to bzrtp. The
> > third patch applies to mediastreamer2.
> >
> > I have tested them on linux and on an iPhone talking to CSipSimple (on
> > Android).
> >
> > What do think? Is it possible to merge these patches?
> >
> > Kind Regards
> >   Ben
>
>
>
> _______________________________________________
> Linphone-developers mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/linphone-developers