linphone-developers
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Linphone-developers] ZRTP support for oRTP - Linphone


From: aleksei drassen
Subject: Re: [Linphone-developers] ZRTP support for oRTP - Linphone
Date: Wed, 29 Jun 2011 23:54:13 +0100

Hi, accidentally i read this discussion, mmm maybe that: http://www.zrtp.org/home can be usefull to implement zrtp on linphone?
 
 
cheers
 

Date: Wed, 29 Jun 2011 12:31:58 +0200
From: address@hidden
To: address@hidden
Subject: Re: [Linphone-developers] ZRTP support for oRTP - Linphone

Who needs telecommunications?
Letters have worked fine since a very long time.

On 6/29/2011 9:54 AM, Maxim Podbereznyy wrote:
who needs this?
29.06.2011 1:23 пользователь "Earl" <address@hidden> написал:
> Dear Gunnar, dear Simon,
>
> Gunnar you make a good point, thanks for your post.
>
> One other desirable thing would be secure file transfer.
>
> Simon, the fellow behind anti-sip has written some proprietary code
> to do secure file transfer. Werner knows some details about this.
> In my opinion, as long as Linphone is always getting better, why not
> add secure file transfer at some point in the future?
>
> Regards, Earl
>
> On 6/28/2011 4:43 PM, Gunnar Hellström wrote:
>> This is an important decision and development.
>> Please remember to enable ZRTP in a media agnostic way, so that it can
>> be used for
>
>> audio, video and real-time text - as desired.
>>
>> Regards
>>
>> Gunnar
>> ----------------------------------------------------------------------------------
>>
>>
>> Simon Morlat skrev 2011-06-28 15:41:
>>> Dear Werner,
>>>
>>> Thank you for your long email !
>>> We apreciate the technical description you wrote regarding zrtp
>>> integration, we now have a clear view of what 's to be done and how
>>> GNU zrtp is architectured.
>>> Guillaume and I have looked into GNU zrtp and the patch you did for
>>> pjsip. We have decided to work on this topic so you all can expect a
>>> release of linphone with gnu-zrtp in a mid-term future.
>>>
>>> Best regards,
>>>
>>> Simon
>>>
>>> On 26/06/2011 11:07, Werner Dittmann wrote:
>>>> Dear all,
>>>>
>>>> Attention: long email :-)
>>>>
>>>>
>>>> David Sugar, maintainer of GNU Telephony project,
>>>> (see http://www.gnutelephony.org/index.php/GNU_Telephony)
>>>> pointed me to the oRTP implementation and thus Linphone and asked
>>>> if it is possible to have ZRTP support for oRTP/Linphone.
>>>>
>>>>
>>>> Some background:
>>>>
>>>> ZRTP is a protcol that negotiates the necessary parameters to set-up
>>>> a secure RTP connections (SRTP). ZRTP was developed by Phil Zimmermann
>>>> (yes, Mr. "PGP") and is now available as RFC 6189, for further details
>>>> about ZRTP see:
>>>> http://zfoneproject.com/zrtp_ietf.html
>>>>
>>>> I developed a ZRTP implementation which is part (an extension) of the
>>>> GNU ccRTP implementation and was first used in the Twinkle SIP client.
>>>> A Java version of this implementation is also available, same SVN
>>>> repository
>>>> as ccRTP.
>>>>
>>>> Of course GNU ZRTP is interoperable with Phil's ZRTP implementation
>>>> and we
>>>> did a lot of interop-tests to make this happen.
>>>>
>>>> About 7 months ago I got some information about the CSipSimple
>>>> project that
>>>> aims to implement a SIP client for Android and uses the PJSIP stacks
>>>> to get
>>>> the SIP, RTP, and media support. To enable ZRTP for CSipSimple I
>>>> added a
>>>> C-wrapper to the GNU ZRTP C++ implementation and we implemented a PJSIP
>>>> transport module to enable PJSIP/PJSUA based applications to use ZRTP
>>>> "out-of-the-box". For those who are more interessted in this just
>>>> have a
>>>> look at:
>>>> http://github.com/wernerd/ZRTP4PJ
>>>>
>>>>
>>>> oRTP / Linphone
>>>>
>>>> Because a C-wrapper is available and oRTP supports transport plugins
>>>> (the
>>>> current SRTP transport seems to use this, but Linphone does not use
>>>> SRTP
>>>> currently) it is IMHO possible to integrate GNU ZRTP into oRTP and thus
>>>> Linphone. The following "artwork" :-) depicts how such an
>>>> integration could
>>>> be done:
>>>>
>>>>
>>>> : +-----------+
>>>> : | SRTP for |
>>>> : | ZRTP |
>>>> : +-----------+
>>>> : | C Wrapper |
>>>> : +-----+-----+
>>>> uses : |
>>>> +----------------+
>>>> | :
>>>> +----------------+ +------------+---+ :
>>>> +-+-----------------+
>>>> | Linphone | | | :
>>>> |C| |
>>>> | enables | uses | zrtp_transport | uses | | GNU
>>>> ZRTP |
>>>> | ZRTP transport +------+ implements +------+W|
>>>> core |
>>>> | and implements | | ZrtpCallback | : |r|
>>>> implementation |
>>>> |ZrtpUserCallback| | | : |a| (ZRtp et
>>>> al) |
>>>> +----------------+ +----------------+ :
>>>> |p| |
>>>> :
>>>> +-+-----------------+
>>>> :
>>>> oRTP application for oRTP transport : Existing GNU ZRTP
>>>> with
>>>> example Linphone for ZRTP (new) : C-wrapper
>>>> (modified)
>>>>
>>>>
>>>> Description:
>>>>
>>>> GNU ZRTP
>>>> GNU ZRTP is the existing ZRTP implementation that handles the ZRTP
>>>> protocol, performs necessary ZRTP computations, maintains some data
>>>> in a
>>>> file etc. I implemented this part in C++ (it's stable, tested to
>>>> work with
>>>> Phil Zimmermann's implementation) and it's licencse is GPL v3. I also
>>>> implemented a C Wrapper to make GNU ZRTP accessible to C
>>>> implementations.
>>>>
>>>> zrtp_transport
>>>> This is a new oRTP transport that links into the transport stream,
>>>> similar to the current SRTP transport. This transport acts as a
>>>> filter that
>>>> controls the flow of ZRTP, RTP, and SRTP data. This is obviously a new
>>>> module. IMHO it should live in the somewhere parallel to oRTP source,
>>>> parallel to the other transport modules (just a proposal). This module
>>>> will be the main development during the planned ZRTP integration.
>>>> This module
>>>> is the "glue" between applications like Linphone and the ZRTP
>>>> implementation.
>>>> If ZRTP and thus SRTP are not engaged or active the zrtp_transport
>>>> behaves
>>>> like the normal oRTP RTP implementtaion.
>>>>
>>>> SRTP-ZRTP
>>>> Instead of using the existing SRTP implementation I use an own SRTP
>>>> implementation (also a C++ implementation that has a C Wrapper). Some
>>>> reasons why: the current libsrtp does not support AES 256
>>>> out-of-the-box
>>>> which is required for ZRTP. In addition ZRTP defines some more modern
>>>> authentiation mechanisms in SRTP (Skein MAC). In addition the
>>>> ZRTP/SRTP module
>>>> uses either openSSL or libgcrpyt as crypto backends, thus no own
>>>> implementation
>>>> of the AES cipher or bignum but reusing proven and well tested
>>>> implementations.
>>>> This module would live in an appropriate third party directory. As a
>>>> side
>>>> note: openSSL is availabe for Android, have a look at CSipSimple
>>>> project thus
>>>> ZRTP uses openSSL on Android, for example.
>>>>
>>>> ZrtpCallback
>>>> GNU ZRTP core requires some external support functions, for example
>>>> to send
>>>> data via RTP, get a mutex, get a timer, etc. Because these
>>>> functions are system
>>>> dependent the zrtp_transport module implements these functions and
>>>> provides
>>>> them via callback to GNU ZRTP.
>>>>
>>>> ZrtpUserCallback
>>>> An application may (and should) implement these callback methods.
>>>> zrtp_transport
>>>> uses the callback methods to inform the application about status
>>>> changes, for
>>>> example if security was established, which cipher was activated, and
>>>> some other
>>>> simple user interactions.
>>>>
>>>>
>>>> To implement this I obviously need some help from oRTP / Linphone
>>>> gurus, in
>>>> particular with the build and configuration stuff and the intrinsics
>>>> of the
>>>> transport mechanisms. I would start to evaluate the SRTP transport
>>>> to lower the
>>>> learning curve. However, some support would be highly appreciated
>>>> once I had a
>>>> first rough draft of the zrtp_transport code.
>>>>
>>>> Some discussions how to integrate the user callback functions in
>>>> Linphone etc
>>>> could be the next steps after we have a working zrtp_transport, in
>>>> particular
>>>> to setup secure connections for audio and video - yes, this works if
>>>> the
>>>> application supports both :-) .
>>>>
>>>> Ideas, comments, feedback, "ready-to-run-code" :-) , etc are
>>>> appreciated.
>>>>
>>>> Best regards,
>>>> Werner



_______________________________________________ Linphone-developers mailing list address@hidden https://lists.nongnu.org/mailman/listinfo/linphone-developers

reply via email to

[Prev in Thread] Current Thread [Next in Thread]