linphone-developers
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Linphone-developers] Testing AES3 with EC and B256 on Android


From: Johan Pascal
Subject: Re: [Linphone-developers] Testing AES3 with EC and B256 on Android
Date: Mon, 27 Apr 2015 23:54:02 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.6.0

Hi Peter,
it shall be ok now for android, the bug may still be present on iOS but not for long.

Johan

On 26/04/15 17:46, Peter Villeneuve wrote:
Great thanks. Let me know when it's updated and I'll test it again and
report back.

Cheers and thanks for your hard work,

Peter

On Sun, Apr 26, 2015 at 10:11 AM, Johan Pascal
<address@hidden <mailto:address@hidden>> wrote:

    Peter,
    bzrtp submodule in the linphone-android repository is outdated and
    older than the insertion of B256 capability...

    I'll fix the bug and update the module by tomorrow night.

    Johan


    On 26/04/15 00:12, Johan Pascal wrote:

        Peter,
        you're right, something is wrong with B256 SAS. SAS is not correctly
        forwarded to linphone from mediastreamer2(only 4 chars in any
        case). It
        looks like in your case B256 is not used at all while I think it
        may be
        used but displayed SAS will be anyway, so I'm missing something
        else.

        If you can send me a wireshark trace of the ZRTP packets it may
        help.

        I'll fix the error I found in the coming days.

        Johan

        On 25/04/15 23:39, Peter Villeneuve wrote:

            Hi Johan,

            Thanks for your reply. I took a look at the code and indeed
            EC is not
            present yet which would explain why it's never used as you said.

            I went ahead and moved the zrtp_XXX_suites settings into
            linphonerc_default instead of linphonerc_factory, made sure
            they were in
            the SIP section and recompiled.

            Now indeed one can see in the logs that it is reading the
            configuration:

            04-25 22:31:05.980 I/linphone(4972): Configured srtp crypto
            suite:
            AES_CM_128_HMAC_SHA1_80
            04-25 22:31:05.985 I/linphone(4972): Configured srtp crypto
            suite:
            AES_CM_128_HMAC_SHA1_32
            04-25 22:31:05.985 I/linphone(4972): Configured srtp crypto
            suite:
            AES_CM_256_HMAC_SHA1_80
            04-25 22:31:05.985 I/linphone(4972): Configured srtp crypto
            suite:
            AES_CM_256_HMAC_SHA1_32
            04-25 22:31:05.985 I/linphone(4972): Configured zrtp cipher:
            'MS_ZRTP_CIPHER_AES3'
            04-25 22:31:05.985 I/linphone(4972): Configured zrtp hash:
            'MS_ZRTP_HASH_S256'
            04-25 22:31:05.985 I/linphone(4972): Configured zrtp auth tag:
            'MS_ZRTP_AUTHTAG_HS80'
            04-25 22:31:05.985 I/linphone(4972): Configured zrtp SAS type:
            'MS_ZRTP_SAS_B256'
            04-25 22:31:05.985 I/linphone(4972): Configured zrtp key
            agreement:
            'MS_ZRTP_KEY_AGREEMENT_EC38'
            04-25 22:31:05.985 I/linphone(4972): MSAudioMixer
            [0x5cc9c550] is
            entering bypass mode.
            04-25 22:31:05.985 I/linphone(4972): Creating ZRTP engine on
            rtp session
            [0x5cc06048]
            04-25 22:31:06.035 I/linphone(4972): Starting ZRTP engine on
            rtp session
            [0x5cc06048]


            And now indeed the block ciphering seems correct (AES256)
            although SAS
            rendering is still only 4 character instead of B256.


            04-25 22:31:07.640 I/linphone(4972): ZRTP Receive packet
            type DHPart2
            04-25 22:31:07.755 I/linphone(4972): ZRTP Send packet type
            Confirm1 on
            rtp session [0x5cc06048]
            04-25 22:31:07.755 W/linphone(4972): MSAudio MSTicker: We
            are late of
            110 miliseconds.
            04-25 22:31:07.770 I/linphone(4972): ZRTP Receive packet
            type DHPart2
            04-25 22:31:07.770 I/linphone(4972): ZRTP Send packet type
            Confirm1 on
            rtp session [0x5cc06048]
            04-25 22:31:07.770 W/linphone(4972): MSAudio MSTicker: We
            are late of
            116 miliseconds.
            04-25 22:31:07.775 I/linphone(4972): ZRTP Receive packet
            type Confirm2
            04-25 22:31:07.775 I/linphone(4972): ZRTP secrets are ready for
            receiver; auth tag algo is *HS80 and cipher algo is AES256*
            04-25 22:31:07.775 I/linphone(4972):
            media_stream_set_srtp_recv_key():
            key 0a..b5 stream sessions is [0x5cc01090]
            04-25 22:31:07.775 I/linphone(4972):
            media_stream_set_srtcp_recv_key():
            key 0a..b5 stream sessions is [0x5cc01090]
            04-25 22:31:07.775 I/linphone(4972): ZRTP Send packet type
            Conf2ACK on
            rtp session [0x5cc06048]
            04-25 22:31:07.775 I/linphone(4972): ZRTP secrets are ready
            for sender;
            auth tag algo is HS80 and cipher algo is AES256
            04-25 22:31:07.775 I/linphone(4972):
            media_stream_set_srtp_send_key():
            key ed..33 stream sessions is [0x5cc01090]
            04-25 22:31:07.775 I/linphone(4972):
            media_stream_set_srtcp_send_key():
            key ed..33 stream sessions is [0x5cc01090]
            04-25 22:31:07.775 I/linphone(4972): ZRTP secrets on: *SAS
            is essk*
            previously verified yes
            04-25 22:31:07.780 I/linphone(4972): Event dispatched to
            all: secrets
            are on


            So we're almost there. It seems only SAS is still not working as
            expected.
            I can send you the full log file directly if you're
            interested, but I
            don't want to spam the list.

            Cheers,
            Peter


            On Sat, Apr 25, 2015 at 9:15 PM, Johan Pascal
            <address@hidden <mailto:address@hidden>
            <mailto:address@hidden
            <mailto:address@hidden>>> wrote:

                 Hi Peter,
                 for EC it's perfectly normal, it had not been
            implemented yet. DH2k
                 and DH3k(default) are the only key agreement available
            in bzrtp even
                 if linphone won't complain if you set EC in your config
            file.

                 For SAS rendering and block ciphering, it's more
            surprising.

                  From your log it looks like the configuration is never
            found as the
                 log shall mention it right after the Configured srtp
            crypto suite
                 part. Can you send me the complete log file please? Did
            you insert
                 the zrtp_XXX_suites settings in the sip section of the
            config file?

                 I plan to include a more accurate trace on the ZRTP
                 negotiation(complete set of algo used) and it may even
            make its way
                 to the GUI at least on the desktop version for now.
            I'll keep you
                 updated on this.

                 regards,

                 Johan



                 On 25/04/15 21:00, Peter Villeneuve wrote:

                     Hi guys,

                     I just downloaded latest git and compiled from scratch.

                     I have applied to my linphonerc_factory the
            following configs
                     taken from
                     here

            
https://lists.gnu.org/archive/html/linphone-developers/2015-03/msg00022.html


                     At the end of my linphonerc_factory I have added

                     zrtp_key_agreements_suites=MS_ZRTP_KEY_AGREEMENT_EC38
                     zrtp_cipher_suites=MS_ZRTP_CIPHER_AES3
                     zrtp_auth_suites=MS_ZRTP_AUTHTAG_HS80
                     zrtp_hash_suites=MS_ZRTP_HASH_S256
                     zrtp_sas_suites=MS_ZRTP_SAS_B256


                     So far so good. Everything compiles fine and when I
            run the apk
                     on two
                     different phones I'm able to establish audio and
            negotiate ZRTP
                     as expected.

                     However, I have enabled debugging and looking
            through logcat it
                     seems
                     that the cipher suite used is still AES1. Also, the key
            negotiation
                     seems to be DH instead of EC.

                     Here are the relevant bits from the logfile:

                     04-25 17:14:09.609 I/linphone(5863): Configured
            srtp crypto
            suite:
                     AES_CM_128_HMAC_SHA1_80
                     04-25 17:14:09.609 I/linphone(5863): Configured
            srtp crypto
            suite:
                     AES_CM_128_HMAC_SHA1_32
                     04-25 17:14:09.609 I/linphone(5863): Configured
            srtp crypto
            suite:
                     AES_CM_256_HMAC_SHA1_80
                     04-25 17:14:09.609 I/linphone(5863): Configured
            srtp crypto
            suite:
                     AES_CM_256_HMAC_SHA1_32
                     04-25 17:14:09.609 I/linphone(5863): Creating ZRTP
            engine on rtp
                     session
                     [0x582de150]


                     and later after the call is established and the key is
            negotiated:

                     04-25 17:14:11.484 I/linphone(5863): New call state
                     [UpdatedByRemote]
                     04-25 17:14:11.484 I/linphone(5863): ZRTP Receive
            packet type
                     DHPart2
                     04-25 17:14:11.544 I/linphone(5863): ZRTP Send
            packet type
                     Confirm1 on
                     rtp session [0x582de150]
                     04-25 17:14:11.544 W/linphone(5863): MSAudio
            MSTicker: We are
                     late of 54
                     miliseconds.
                     04-25 17:14:11.559 I/linphone(5863): ZRTP Receive
            packet type
                     DHPart2
                     04-25 17:14:11.564 I/linphone(5863): ZRTP Send
            packet type
                     Confirm1 on
                     rtp session [0x582de150]
                     04-25 17:14:11.574 I/linphone(5863): ZRTP Receive
            packet type
                     Confirm2
                     04-25 17:14:11.574 I/linphone(5863): ZRTP secrets
            are ready for
                     receiver; *auth tag algo is HS80 and cipher algo is
            AES128*

                     04-25 17:14:11.574 I/linphone(5863):
                     media_stream_set_srtp_recv_key():
                     key 45..a2 stream sessions is [0x58e0be98]
                     04-25 17:14:11.574 I/linphone(5863):
                     media_stream_set_srtcp_recv_key():
                     key 45..a2 stream sessions is [0x58e0be98]
                     04-25 17:14:11.574 I/linphone(5863): ZRTP Send
            packet type
                     Conf2ACK on
                     rtp session [0x582de150]
                     04-25 17:14:11.579 I/linphone(5863): ZRTP secrets
            are ready for
                     sender;
                     auth tag algo is HS80 and cipher algo is AES128
                     04-25 17:14:11.579 I/linphone(5863):
                     media_stream_set_srtp_send_key():
                     key da..8e stream sessions is [0x58e0be98]
                     04-25 17:14:11.579 I/linphone(5863):
                     media_stream_set_srtcp_send_key():
                     key da..8e stream sessions is [0x58e0be98]
                     04-25 17:14:11.579 I/linphone(5863): ZRTP secrets
            on: SAS is g5hm
                     previously verified yes
                     04-25 17:14:11.579 I/linphone(5863): Event
            dispatched to all:
                     secrets are on
                     04-25 17:14:11.579 E/linphone(5863):
            srtp_unprotect() failed
            (7) on
                     stream ctx [0x589d4860]


                     As you can see, even though I installed the apk on
            both phones,
                     it seems
                     linphone still chooses to use AES 128 with DH and
            SAS is still
                     using 4
                     character SAS instead of B256.
                     Am I doing anything wrong? How can I test out AES3
            and EC with
                     B256 SAS?
                     It would be great if we could see in the call's UI
            some info
                     regarding
                     what type of algo was negotiated so we don't have
            to enable
                     debugging
                     and look through the logs to find out this useful info.

                     Thoughts?

                     Cheers,

                     Peter



                     _______________________________________________
                     Linphone-developers mailing list
            address@hidden
            <mailto:address@hidden>
                     <mailto:address@hidden
            <mailto:address@hidden>>
            https://lists.nongnu.org/mailman/listinfo/linphone-developers


                 _______________________________________________
                 Linphone-developers mailing list
            address@hidden
            <mailto:address@hidden>
            <mailto:address@hidden
            <mailto:address@hidden>>
            https://lists.nongnu.org/mailman/listinfo/linphone-developers




            _______________________________________________
            Linphone-developers mailing list
            address@hidden
            <mailto:address@hidden>
            https://lists.nongnu.org/mailman/listinfo/linphone-developers


        _______________________________________________
        Linphone-developers mailing list
        address@hidden
        <mailto:address@hidden>
        https://lists.nongnu.org/mailman/listinfo/linphone-developers


    _______________________________________________
    Linphone-developers mailing list
    address@hidden <mailto:address@hidden>
    https://lists.nongnu.org/mailman/listinfo/linphone-developers




_______________________________________________
Linphone-developers mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/linphone-developers




reply via email to

[Prev in Thread] Current Thread [Next in Thread]