Attention: long email :-)
David Sugar, maintainer of GNU Telephony project,
pointed me to the oRTP implementation and thus Linphone and asked
if it is possible to have ZRTP support for oRTP/Linphone.
ZRTP is a protcol that negotiates the necessary parameters to set-up
a secure RTP connections (SRTP). ZRTP was developed by Phil Zimmermann
(yes, Mr. "PGP") and is now available as RFC 6189, for further details
about ZRTP see:
I developed a ZRTP implementation which is part (an extension) of the
GNU ccRTP implementation and was first used in the Twinkle SIP client.
A Java version of this implementation is also available, same SVN
Of course GNU ZRTP is interoperable with Phil's ZRTP implementation
did a lot of interop-tests to make this happen.
About 7 months ago I got some information about the CSipSimple
aims to implement a SIP client for Android and uses the PJSIP stacks
the SIP, RTP, and media support. To enable ZRTP for CSipSimple I added a
C-wrapper to the GNU ZRTP C++ implementation and we implemented a PJSIP
transport module to enable PJSIP/PJSUA based applications to use ZRTP
"out-of-the-box". For those who are more interessted in this just have a
oRTP / Linphone
Because a C-wrapper is available and oRTP supports transport plugins
current SRTP transport seems to use this, but Linphone does not use SRTP
currently) it is IMHO possible to integrate GNU ZRTP into oRTP and thus
Linphone. The following "artwork" :-) depicts how such an integration
: | SRTP for |
: | ZRTP |
: | C Wrapper |
uses : |
+----------------+ +------------+---+ : +-+-----------------+
| Linphone | | | : |C| |
| enables | uses | zrtp_transport | uses | | GNU ZRTP |
| ZRTP transport +------+ implements +------+W| core |
| and implements | | ZrtpCallback | : |r| implementation |
|ZrtpUserCallback| | | : |a| (ZRtp et al) |
+----------------+ +----------------+ : |p| |
oRTP application for oRTP transport : Existing GNU ZRTP
example Linphone for ZRTP (new) : C-wrapper
GNU ZRTP is the existing ZRTP implementation that handles the ZRTP
protocol, performs necessary ZRTP computations, maintains some data in a
file etc. I implemented this part in C++ (it's stable, tested to work
Phil Zimmermann's implementation) and it's licencse is GPL v3. I also
implemented a C Wrapper to make GNU ZRTP accessible to C
This is a new oRTP transport that links into the transport stream,
similar to the current SRTP transport. This transport acts as a
controls the flow of ZRTP, RTP, and SRTP data. This is obviously a new
module. IMHO it should live in the somewhere parallel to oRTP source,
parallel to the other transport modules (just a proposal). This module
will be the main development during the planned ZRTP integration.
is the "glue" between applications like Linphone and the ZRTP
If ZRTP and thus SRTP are not engaged or active the zrtp_transport
like the normal oRTP RTP implementtaion.
Instead of using the existing SRTP implementation I use an own SRTP
implementation (also a C++ implementation that has a C Wrapper). Some
reasons why: the current libsrtp does not support AES 256 out-of-the-box
which is required for ZRTP. In addition ZRTP defines some more modern
authentiation mechanisms in SRTP (Skein MAC). In addition the
uses either openSSL or libgcrpyt as crypto backends, thus no own
of the AES cipher or bignum but reusing proven and well tested
This module would live in an appropriate third party directory. As a
note: openSSL is availabe for Android, have a look at CSipSimple
ZRTP uses openSSL on Android, for example.
GNU ZRTP core requires some external support functions, for example
data via RTP, get a mutex, get a timer, etc. Because these functions
dependent the zrtp_transport module implements these functions and
them via callback to GNU ZRTP.
An application may (and should) implement these callback methods.
uses the callback methods to inform the application about status
example if security was established, which cipher was activated, and
simple user interactions.
To implement this I obviously need some help from oRTP / Linphone
particular with the build and configuration stuff and the intrinsics
transport mechanisms. I would start to evaluate the SRTP transport to
learning curve. However, some support would be highly appreciated
once I had a
first rough draft of the zrtp_transport code.
Some discussions how to integrate the user callback functions in
could be the next steps after we have a working zrtp_transport, in
to setup secure connections for audio and video - yes, this works if the
application supports both :-) .
Ideas, comments, feedback, "ready-to-run-code" :-) , etc are
Linphone-developers mailing list