linphone-developers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Linphone-developers] How to set AES 256 bit encryption?

From: Gaurang Gohil
Subject: Re: [Linphone-developers] How to set AES 256 bit encryption?
Date: Wed, 28 Nov 2018 18:58:30 +0530
Hello , Eli Burke
I have segmentation fault issue during the video calling (linphone).
the issue was generated just before the crash.
[swscaler @ 0xacc1a360] 1600x1200 -> 16854672x-1226279709 is invalid scaling dimension

On Wed, Nov 28, 2018 at 6:47 PM Eli Burke <address@hidden> wrote:

> Date: Wed, 28 Nov 2018 05:34:07 -0700
> From: Yoshi Takagawa <address@hidden>
> To: address@hidden
> Subject: Re: [Linphone-developers] How to set AES 256 bit encryption?
> Message-ID: <address@hidden>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hello Gaurang Gohil,
>
> Thank you very much for your very prompt reply.
>
> I found the files you referenced and I see no parameter obviously listed in ether file to modify an AES parameter.  What do I need to add and which file to do I need to add it?
>
> The totality of my /home/username/.config/Unknown Organization/linphone.conf file contents are as follows:


You can control the SRTP and ZRTP ciphers with the following.

[sip]
srtp_crypto_suites=AES_CM_256_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_32, AES_CM_128_HMAC_SHA1_80
zrtp_key_agreements_suites=MS_ZRTP_KEY_AGREEMENT_DH3K
zrtp_cipher_suites=MS_ZRTP_CIPHER_AES3
zrtp_auth_suites=MS_ZRTP_AUTHTAG_HS80
zrtp_hash_suites=MS_ZRTP_HASH_S384
zrtp_sas_suites=MS_ZRTP_SAS_B256

You need to look through source code to find valid values (grep helps). 
submodules/mediastreamer2/include/mediastreamer2/zrtp.h
and
submodules/mediastreamer2/include/mediastreamer2/ms_srtp.h
(SRTP crypto suites are mapped ASCII -> enum in submodules//mediastreamer2/src/voip/mediastream.c)

I also have a note to myself:
"; AES_CM_256_HMAC_SHA1_80 and AES_CM_256_HMAC_SHA1_32 require server-side support”

Unfortunately… I don’t remember the circumstances for writing that note. Possibly it was related to our Freeswitch VOIP server. For sanity’s sake I suggest you edit your srtp_crypto_suites down to one working 128 bit cipher, verify it, and then test the two 256 bit ciphers individually (one-leg and two-leg calls) to make sure they work in your environment.

-Eli


_______________________________________________
Linphone-developers mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/linphone-developers
reply via email to
[Prev in Thread] Current Thread [Next in Thread]