
Re: [Linphone-developers] Testing AES3 with EC and B256 on Android


From: Johan Pascal
Subject: Re: [Linphone-developers] Testing AES3 with EC and B256 on Android
Date: Sun, 10 May 2015 22:39:19 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.6.0

Hi Peter,
thanks for the feedback.

ec in ecstate is for Echo Cancellation, so nothing related to Elliptic Curves; bzrtp just silently discards the elliptic curves request made by linphone. I may change this behavior in an unpredictable period of time.

There is a way to force usage of encryption and prevent linphone from sending (and maybe playing received, I have to check) packets until the channel is secured. This means that you won't hear any sound until the end of ZRTP negotiation. It won't give you any hints on the fact that the SAS has been previously verified but will allow you to know that the communication is encrypted.

It is possible to implement any signal for the end of the ZRTP negotiation, playing audio may be possible if the application has a function to do it. End of ZRTP negotiation is sent to liblinphone by mediastreamer using the events ORTP_EVENT_ZRTP_ENCRYPTION_CHANGED and ORTP_EVENT_ZRTP_SAS_READY, see linphonecall.c.

On reception of ORTP_EVENT_ZRTP_ENCRYPTION_CHANGED, liblinphone may call linphone_core_notify_display_status (in function linphone_call_audiostream_encryption_changed), which displays the SAS, but you may modify this function to play a sound, or add another function to the application to do it if you want to play a sound when key exchange is performed using DTLS too.

cheers,

Johan

On 08/05/15 17:45, Peter Villeneuve wrote:
Hi guys,

Just wanted to follow up and give some feedback.
Indeed the issue has been fixed (at least on Android - I don't have iOS
to test with) and SAS now works as expected.

I did however notice somewhere in the logs something about a certain
file not being found. I believe it was something like
"files/.linphone.ecstate for read"

I assume this is related to the fact that Elliptic Curve has not been
implemented in bzrtp, correct?

Also, how about the possibility of having some kind of audio chime after
ZRTP has been negotiated so we can know the media is encrypted without
looking at the screen. Is that even possible without implementing go
clear / clear ack in bzrtp?


Thanks again for your help.

Cheers,

Peter

On Mon, Apr 27, 2015 at 10:54 PM, Johan Pascal <address@hidden> wrote:

    Hi Peter,
    it shall be ok now for android, the bug may still be present on iOS
    but not for long.

    Johan

    On 26/04/15 17:46, Peter Villeneuve wrote:

        Great thanks. Let me know when it's updated and I'll test it again and
        report back.

        Cheers and thanks for your hard work,

        Peter

        On Sun, Apr 26, 2015 at 10:11 AM, Johan Pascal <address@hidden> wrote:

             Peter,
             bzrtp submodule in the linphone-android repository is outdated and
             older than the insertion of B256 capability...

             I'll fix the bug and update the module by tomorrow night.

             Johan


             On 26/04/15 00:12, Johan Pascal wrote:

                 Peter,
                 you're right, something is wrong with B256 SAS. SAS is not correctly
                 forwarded to linphone from mediastreamer2 (only 4 chars in any case). It
                 looks like in your case B256 is not used at all while I think it may be
                 used but displayed SAS will be anyway, so I'm missing something else.

                 If you can send me a wireshark trace of the ZRTP packets it may help.

                 I'll fix the error I found in the coming days.

                 Johan

                 On 25/04/15 23:39, Peter Villeneuve wrote:

                     Hi Johan,

                     Thanks for your reply. I took a look at the code and indeed EC is not
                     present yet which would explain why it's never used as you said.

                     I went ahead and moved the zrtp_XXX_suites settings into
                     linphonerc_default instead of linphonerc_factory, made sure they were in
                     the SIP section and recompiled.

                     Now indeed one can see in the logs that it is reading the configuration:

                     04-25 22:31:05.980 I/linphone(4972): Configured srtp crypto suite: AES_CM_128_HMAC_SHA1_80
                     04-25 22:31:05.985 I/linphone(4972): Configured srtp crypto suite: AES_CM_128_HMAC_SHA1_32
                     04-25 22:31:05.985 I/linphone(4972): Configured srtp crypto suite: AES_CM_256_HMAC_SHA1_80
                     04-25 22:31:05.985 I/linphone(4972): Configured srtp crypto suite: AES_CM_256_HMAC_SHA1_32
                     04-25 22:31:05.985 I/linphone(4972): Configured zrtp cipher: 'MS_ZRTP_CIPHER_AES3'
                     04-25 22:31:05.985 I/linphone(4972): Configured zrtp hash: 'MS_ZRTP_HASH_S256'
                     04-25 22:31:05.985 I/linphone(4972): Configured zrtp auth tag: 'MS_ZRTP_AUTHTAG_HS80'
                     04-25 22:31:05.985 I/linphone(4972): Configured zrtp SAS type: 'MS_ZRTP_SAS_B256'
                     04-25 22:31:05.985 I/linphone(4972): Configured zrtp key agreement: 'MS_ZRTP_KEY_AGREEMENT_EC38'
                     04-25 22:31:05.985 I/linphone(4972): MSAudioMixer [0x5cc9c550] is entering bypass mode.
                     04-25 22:31:05.985 I/linphone(4972): Creating ZRTP engine on rtp session [0x5cc06048]
                     04-25 22:31:06.035 I/linphone(4972): Starting ZRTP engine on rtp session [0x5cc06048]


                     And now indeed the block ciphering seems correct (AES256) although SAS
                     rendering is still only 4 characters instead of B256.


                     04-25 22:31:07.640 I/linphone(4972): ZRTP Receive packet type DHPart2
                     04-25 22:31:07.755 I/linphone(4972): ZRTP Send packet type Confirm1 on rtp session [0x5cc06048]
                     04-25 22:31:07.755 W/linphone(4972): MSAudio MSTicker: We are late of 110 miliseconds.
                     04-25 22:31:07.770 I/linphone(4972): ZRTP Receive packet type DHPart2
                     04-25 22:31:07.770 I/linphone(4972): ZRTP Send packet type Confirm1 on rtp session [0x5cc06048]
                     04-25 22:31:07.770 W/linphone(4972): MSAudio MSTicker: We are late of 116 miliseconds.
                     04-25 22:31:07.775 I/linphone(4972): ZRTP Receive packet type Confirm2
                     04-25 22:31:07.775 I/linphone(4972): ZRTP secrets are ready for receiver; auth tag algo is *HS80 and cipher algo is AES256*
                     04-25 22:31:07.775 I/linphone(4972): media_stream_set_srtp_recv_key(): key 0a..b5 stream sessions is [0x5cc01090]
                     04-25 22:31:07.775 I/linphone(4972): media_stream_set_srtcp_recv_key(): key 0a..b5 stream sessions is [0x5cc01090]
                     04-25 22:31:07.775 I/linphone(4972): ZRTP Send packet type Conf2ACK on rtp session [0x5cc06048]
                     04-25 22:31:07.775 I/linphone(4972): ZRTP secrets are ready for sender; auth tag algo is HS80 and cipher algo is AES256
                     04-25 22:31:07.775 I/linphone(4972): media_stream_set_srtp_send_key(): key ed..33 stream sessions is [0x5cc01090]
                     04-25 22:31:07.775 I/linphone(4972): media_stream_set_srtcp_send_key(): key ed..33 stream sessions is [0x5cc01090]
                     04-25 22:31:07.775 I/linphone(4972): ZRTP secrets on: *SAS is essk* previously verified yes
                     04-25 22:31:07.780 I/linphone(4972): Event dispatched to all: secrets are on


                     So we're almost there. It seems only SAS is still not working as
                     expected.
                     I can send you the full log file directly if you're interested, but I
                     don't want to spam the list.

                     Cheers,
                     Peter


                     On Sat, Apr 25, 2015 at 9:15 PM, Johan Pascal <address@hidden> wrote:

                          Hi Peter,
                          for EC it's perfectly normal, it had not been implemented yet. DH2k
                          and DH3k (default) are the only key agreement available in bzrtp even
                          if linphone won't complain if you set EC in your config file.

                          For SAS rendering and block ciphering, it's more surprising.

                          From your log it looks like the configuration is never found as the
                          log shall mention it right after the Configured srtp crypto suite
                          part. Can you send me the complete log file please? Did you insert
                          the zrtp_XXX_suites settings in the sip section of the config file?

                          I plan to include a more accurate trace on the ZRTP
                          negotiation (complete set of algo used) and it may even make its way
                          to the GUI at least on the desktop version for now. I'll keep you
                          updated on this.

                          regards,

                          Johan



                          On 25/04/15 21:00, Peter Villeneuve wrote:

                              Hi guys,

                              I just downloaded latest git and compiled from scratch.

                              I have applied to my linphonerc_factory the following configs
                              taken from here:

                              https://lists.gnu.org/archive/html/linphone-developers/2015-03/msg00022.html


                              At the end of my linphonerc_factory I have added

                              zrtp_key_agreements_suites=MS_ZRTP_KEY_AGREEMENT_EC38
                              zrtp_cipher_suites=MS_ZRTP_CIPHER_AES3
                              zrtp_auth_suites=MS_ZRTP_AUTHTAG_HS80
                              zrtp_hash_suites=MS_ZRTP_HASH_S256
                              zrtp_sas_suites=MS_ZRTP_SAS_B256


                              So far so good. Everything compiles fine and when I run the apk on two
                              different phones I'm able to establish audio and negotiate ZRTP as
                              expected.

                              However, I have enabled debugging and looking through logcat it seems
                              that the cipher suite used is still AES1. Also, the key negotiation
                              seems to be DH instead of EC.

                              Here are the relevant bits from the logfile:

                              04-25 17:14:09.609 I/linphone(5863): Configured srtp crypto suite: AES_CM_128_HMAC_SHA1_80
                              04-25 17:14:09.609 I/linphone(5863): Configured srtp crypto suite: AES_CM_128_HMAC_SHA1_32
                              04-25 17:14:09.609 I/linphone(5863): Configured srtp crypto suite: AES_CM_256_HMAC_SHA1_80
                              04-25 17:14:09.609 I/linphone(5863): Configured srtp crypto suite: AES_CM_256_HMAC_SHA1_32
                              04-25 17:14:09.609 I/linphone(5863): Creating ZRTP engine on rtp session [0x582de150]


                              and later after the call is established and the key is negotiated:

                              04-25 17:14:11.484 I/linphone(5863): New call state [UpdatedByRemote]
                              04-25 17:14:11.484 I/linphone(5863): ZRTP Receive packet type DHPart2
                              04-25 17:14:11.544 I/linphone(5863): ZRTP Send packet type Confirm1 on rtp session [0x582de150]
                              04-25 17:14:11.544 W/linphone(5863): MSAudio MSTicker: We are late of 54 miliseconds.
                              04-25 17:14:11.559 I/linphone(5863): ZRTP Receive packet type DHPart2
                              04-25 17:14:11.564 I/linphone(5863): ZRTP Send packet type Confirm1 on rtp session [0x582de150]
                              04-25 17:14:11.574 I/linphone(5863): ZRTP Receive packet type Confirm2
                              04-25 17:14:11.574 I/linphone(5863): ZRTP secrets are ready for receiver; *auth tag algo is HS80 and cipher algo is AES128*
                              04-25 17:14:11.574 I/linphone(5863): media_stream_set_srtp_recv_key(): key 45..a2 stream sessions is [0x58e0be98]
                              04-25 17:14:11.574 I/linphone(5863): media_stream_set_srtcp_recv_key(): key 45..a2 stream sessions is [0x58e0be98]
                              04-25 17:14:11.574 I/linphone(5863): ZRTP Send packet type Conf2ACK on rtp session [0x582de150]
                              04-25 17:14:11.579 I/linphone(5863): ZRTP secrets are ready for sender; auth tag algo is HS80 and cipher algo is AES128
                              04-25 17:14:11.579 I/linphone(5863): media_stream_set_srtp_send_key(): key da..8e stream sessions is [0x58e0be98]
                              04-25 17:14:11.579 I/linphone(5863): media_stream_set_srtcp_send_key(): key da..8e stream sessions is [0x58e0be98]
                              04-25 17:14:11.579 I/linphone(5863): ZRTP secrets on: SAS is g5hm previously verified yes
                              04-25 17:14:11.579 I/linphone(5863): Event dispatched to all: secrets are on
                              04-25 17:14:11.579 E/linphone(5863): srtp_unprotect() failed (7) on stream ctx [0x589d4860]


                              As you can see, even though I installed the apk on both phones, it seems
                              linphone still chooses to use AES 128 with DH and SAS is still using 4
                              character SAS instead of B256.
                              Am I doing anything wrong? How can I test out AES3 and EC with B256 SAS?
                              It would be great if we could see in the call's UI some info regarding
                              what type of algo was negotiated so we don't have to enable debugging
                              and look through the logs to find out this useful info.

                              Thoughts?

                              Cheers,

                              Peter







_______________________________________________
Linphone-developers mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/linphone-developers
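
The manual log comparison done in this thread (configured `zrtp_*_suites` values against what the "ZRTP secrets" lines report) can be scripted. This is an added example, not code from the thread or from the linphone project; the function name `audit_zrtp_log` is hypothetical, the sample lines are constructed by abridging the two runs quoted above, and the log wording is assumed to match what the thread shows.

```python
import re

# Config value -> name printed in the "ZRTP secrets are ready" line
# (both pairs appear in the thread).
CIPHER_LOG_NAME = {"MS_ZRTP_CIPHER_AES1": "AES128", "MS_ZRTP_CIPHER_AES3": "AES256"}

CONFIGURED = re.compile(
    r"Configured zrtp (cipher|hash|auth tag|SAS type|key agreement): '([^']+)'")
SECRETS = re.compile(r"ZRTP secrets are ready for (receiver|sender); "
                     r"auth tag algo is (\w+) and cipher algo is (\w+)")
SAS = re.compile(r"ZRTP secrets on: SAS is (.+?) previously verified")


def audit_zrtp_log(text):
    """Return findings comparing configured and negotiated ZRTP settings."""
    # The archive hard-wraps log lines and the e-mails add *emphasis*: undo both.
    text = " ".join(text.replace("*", "").split())
    configured = dict(CONFIGURED.findall(text))
    negotiated = {d: (auth, cipher) for d, auth, cipher in SECRETS.findall(text)}
    if not negotiated:
        return ["no completed ZRTP negotiation found in this log"]

    findings = []
    if not configured:
        findings.append("no 'Configured zrtp' lines: the zrtp_*_suites settings were not read")
    want_cipher = CIPHER_LOG_NAME.get(configured.get("cipher"))
    want_auth = configured.get("auth tag", "").rsplit("_", 1)[-1]
    for direction, (auth, cipher) in sorted(negotiated.items()):
        if want_cipher and cipher != want_cipher:
            findings.append(f"{direction}: cipher {cipher} negotiated, {want_cipher} configured")
        if want_auth and auth != want_auth:
            findings.append(f"{direction}: auth tag {auth} negotiated, {want_auth} configured")
    sas = SAS.search(text)
    if configured.get("SAS type") == "MS_ZRTP_SAS_B256" and sas and len(sas.group(1)) == 4:
        findings.append(f"SAS '{sas.group(1)}' is 4 characters although B256 is configured")
    key_agreement = configured.get("key agreement", "").rsplit("_", 1)[-1]
    if key_agreement.startswith("EC"):
        findings.append(f"key agreement {key_agreement} requested; "
                        "the thread says bzrtp silently discards EC requests")
    return findings


# Constructed samples, abridged from the two runs quoted in the thread.
FACTORY_RUN = """
04-25 17:14:09.609 I/linphone(5863): Configured srtp crypto suite: AES_CM_256_HMAC_SHA1_80
04-25 17:14:11.574 I/linphone(5863): ZRTP secrets are ready for receiver; auth tag algo is HS80 and cipher algo is AES128
04-25 17:14:11.579 I/linphone(5863): ZRTP secrets are ready for sender; auth tag algo is HS80 and cipher algo is AES128
04-25 17:14:11.579 I/linphone(5863): ZRTP secrets on: SAS is g5hm previously verified yes
"""
DEFAULT_RUN = """
04-25 22:31:05.985 I/linphone(4972): Configured zrtp cipher: 'MS_ZRTP_CIPHER_AES3'
04-25 22:31:05.985 I/linphone(4972): Configured zrtp auth tag: 'MS_ZRTP_AUTHTAG_HS80'
04-25 22:31:05.985 I/linphone(4972): Configured zrtp SAS type: 'MS_ZRTP_SAS_B256'
04-25 22:31:05.985 I/linphone(4972): Configured zrtp key agreement: 'MS_ZRTP_KEY_AGREEMENT_EC38'
04-25 22:31:07.775 I/linphone(4972): ZRTP secrets are ready for receiver; auth tag algo is HS80 and cipher algo is AES256
04-25 22:31:07.775 I/linphone(4972): ZRTP secrets are ready for sender; auth tag algo is HS80 and cipher algo is AES256
04-25 22:31:07.775 I/linphone(4972): ZRTP secrets on: SAS is essk previously verified yes
"""

if __name__ == "__main__":
    for name, log in (("linphonerc_factory run", FACTORY_RUN),
                      ("linphonerc_default run", DEFAULT_RUN)):
        print(name, audit_zrtp_log(log))
```

The first sample reproduces the case where the settings were never read, the second the case where the cipher matches but the SAS rendering does not.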



