linphone-developers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Linphone-developers] b256 SAS implementation for bzrtp

From: Johan Pascal
Subject: Re: [Linphone-developers] b256 SAS implementation for bzrtp
Date: Tue, 10 Mar 2015 14:37:09 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 
Hi Eli,
thanks for your patch. I had a quick look at it and it seems fine.
Note that until recently bzrtp didn't consider on reception of Hello Packets the mandatory algorithm if a non mandatory was present in the Hello, which lead to a ZRTP key exchange failure if peer give only a non mandatory algo (as it may do) in the Hello packet and self support mandatory algo only.
This has been fixed now and also the mandatory algorithms are always added to the set of available one, even if it shall work without, in the self Hello packet which ensure backward compatibility with old versions of bzrtp.
About having a dedicated zrtp_cipher_suites setting in the linphonerc, I didn't really check it but as far as I understood if present it will have precedence on the srtp_crypto_suite(which remains in force when using SDES) setting, am I correct?
I'll try to review more accurately and push your patches by the end of the week. 

regards,

Johan

On 10/03/15 11:48, Eli Burke wrote:

Building on Ben Sartor’s excellent BZRTP patches to add support for the
non-mandatory algorithms, here are patches to add the b256 SAS format.
Instead of returning a 4 character SAS string like “7jb3” it will return
two words such as “seabird:asteroid”. Per the RFC, the words come from
the PGP Word List and should not be localized:
http://en.wikipedia.org/w/index.php?title=PGP_word_list

oRTP and ms2 need small patches to extend the length of the SAS variable
in the eventData structure. liblinphone was patched to add linphonerc
overrides for each set of algorithms. No default values are changed from
stock Linphone: Ben’s patch sets sensible ZRTP defaults based on the
config setting for “srtp_crypto_suites”, this patch adds e.g:
zrtp_key_agreements_suites=MS_ZRTP_KEY_AGREEMENT_EC38
zrtp_cipher_suites=MS_ZRTP_CIPHER_AES3
zrtp_auth_suites=MS_ZRTP_AUTHTAG_HS80
zrtp_hash_suites=MS_ZRTP_HASH_S256
zrtp_sas_suites=MS_ZRTP_SAS_B256
Note that due to the nature of the ZRTP spec, the mandatory algorithms
are always added and used during the initial ZRTP handshake, so it is
not necessary to specify B32 to be backwards compatible with older clients.












_______________________________________________
Linphone-developers mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/linphone-developers
reply via email to
[Prev in Thread] Current Thread [Next in Thread]