Hi Johan,
Thanks for your reply. I took a look at the code and indeed EC is not present yet which would explain why it's never used as you said.
I went ahead and moved the zrtp_XXX_suites settings into linphonerc_default instead of linphonerc_factory, made sure they were in the SIP section and recompiled.
Now indeed one can see in the logs that it is reading the configuration:
04-25 22:31:05.980 I/linphone(4972): Configured srtp crypto suite: AES_CM_128_HMAC_SHA1_80
04-25 22:31:05.985 I/linphone(4972): Configured srtp crypto suite: AES_CM_128_HMAC_SHA1_32
04-25 22:31:05.985 I/linphone(4972): Configured srtp crypto suite: AES_CM_256_HMAC_SHA1_80
04-25 22:31:05.985 I/linphone(4972): Configured srtp crypto suite: AES_CM_256_HMAC_SHA1_32
04-25 22:31:05.985 I/linphone(4972): Configured zrtp cipher: 'MS_ZRTP_CIPHER_AES3'
04-25 22:31:05.985 I/linphone(4972): Configured zrtp hash: 'MS_ZRTP_HASH_S256'
04-25 22:31:05.985 I/linphone(4972): Configured zrtp auth tag: 'MS_ZRTP_AUTHTAG_HS80'
04-25 22:31:05.985 I/linphone(4972): Configured zrtp SAS type: 'MS_ZRTP_SAS_B256'
04-25 22:31:05.985 I/linphone(4972): Configured zrtp key agreement: 'MS_ZRTP_KEY_AGREEMENT_EC38'
04-25 22:31:05.985 I/linphone(4972): MSAudioMixer [0x5cc9c550] is entering bypass mode.
04-25 22:31:05.985 I/linphone(4972): Creating ZRTP engine on rtp session [0x5cc06048]
04-25 22:31:06.035 I/linphone(4972): Starting ZRTP engine on rtp session [0x5cc06048]
And now indeed the block ciphering seems correct (AES256) although SAS rendering is still only 4 character instead of B256.
04-25 22:31:07.640 I/linphone(4972): ZRTP Receive packet type DHPart2
04-25 22:31:07.755 I/linphone(4972): ZRTP Send packet type Confirm1 on rtp session [0x5cc06048]
04-25 22:31:07.755 W/linphone(4972): MSAudio MSTicker: We are late of 110 miliseconds.
04-25 22:31:07.770 I/linphone(4972): ZRTP Receive packet type DHPart2
04-25 22:31:07.770 I/linphone(4972): ZRTP Send packet type Confirm1 on rtp session [0x5cc06048]
04-25 22:31:07.770 W/linphone(4972): MSAudio MSTicker: We are late of 116 miliseconds.
04-25 22:31:07.775 I/linphone(4972): ZRTP Receive packet type Confirm2
04-25 22:31:07.775 I/linphone(4972): ZRTP secrets are ready for receiver; auth tag algo is HS80 and cipher algo is AES256
04-25 22:31:07.775 I/linphone(4972): media_stream_set_srtp_recv_key(): key 0a..b5 stream sessions is [0x5cc01090]
04-25 22:31:07.775 I/linphone(4972): media_stream_set_srtcp_recv_key(): key 0a..b5 stream sessions is [0x5cc01090]
04-25 22:31:07.775 I/linphone(4972): ZRTP Send packet type Conf2ACK on rtp session [0x5cc06048]
04-25 22:31:07.775 I/linphone(4972): ZRTP secrets are ready for sender; auth tag algo is HS80 and cipher algo is AES256
04-25 22:31:07.775 I/linphone(4972): media_stream_set_srtp_send_key(): key ed..33 stream sessions is [0x5cc01090]
04-25 22:31:07.775 I/linphone(4972): media_stream_set_srtcp_send_key(): key ed..33 stream sessions is [0x5cc01090]
04-25 22:31:07.775 I/linphone(4972): ZRTP secrets on: SAS is essk previously verified yes
04-25 22:31:07.780 I/linphone(4972): Event dispatched to all: secrets are on
So we're almost there. It seems only SAS is still not working as expected.
I can send you the full log file directly if you're interested, but I don't want to spam the list.
Cheers,
Peter