[asterisk-bugs] [JIRA] (ASTERISK-22832) Support AES-GCM mode in SRTP
A. Sresnewsky (JIRA)
noreply at issues.asterisk.org
Sun Jul 3 21:49:56 CDT 2016
[ https://issues.asterisk.org/jira/browse/ASTERISK-22832?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=231284#comment-231284 ]
A. Sresnewsky edited comment on ASTERISK-22832 at 7/3/16 9:49 PM:
------------------------------------------------------------------
How this patch would work for Asterisk versions 1.8 and/or 11 ? It can´t find sdp_srtp.h and sdp_srtp.c (closest is channels/sip/sdp_crypto.c) but I´ve tried applying it manually anyways without success obviously (ended-up with a res_srtp.c:256: error: ‘AES_128_GCM’ undeclared first use in this function error). Using libsrtp 1.5.2 compiled with latest OpenSSL (passed the AES-GCM test). Recently Freeswitch and pjSIP based clients have implemented AES-128-GCM/AES-256-GCM but Asterisk seens to be lagging behind.
(Restricted to Public group)
was (Author: agbsres):
How this patch would work for Asterisk versions 1.8 and/or 11 ? It can´t find sdp_srtp.h and sdp_srtp.c (closest is channels/sip/sdp_crypto.c) but I´ve tried applying it manually to end-up with a res_srtp.c:256: error: ‘AES_128_GCM’ undeclared (first use in this function) error. Using libsrtp 1.5.2 compiled with latest OpenSSL (passed the AES-GCM test). Recently Freeswitch and pjSIP based clients have implemented AES-128-GCM/AES-256-GCM but Asterisk seens to be lagging behind.
(Restricted to Public group)
> Support AES-GCM mode in SRTP
> ----------------------------
>
> Key: ASTERISK-22832
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-22832
> Project: Asterisk
> Issue Type: Improvement
> Security Level: None
> Components: Channels/chan_sip/SRTP
> Affects Versions: SVN
> Environment: Linux x86_64
> Reporter: Kristian Kielhofner
> Severity: Minor
> Attachments: asterisk-1.8-srtp-crypto_kernel-include.patch, asterisk_gcm_draft10.patch, asterisk_gcm.patch
>
>
> There is a version of libsrtp that supports AES-NI and AES-GCM mode:
> https://github.com/cisco/libsrtp/pull/34
> More on AES-GCM mode:
> http://tools.ietf.org/html/draft-ietf-avtcore-srtp-aes-gcm-10
> https://crypto.stanford.edu/RealWorldCrypto/slides/gueron.pdf
> AES-GCM mode improves the performance of SRTP on systems with and without support for the AES-NI instruction set.
> Performance test results pending.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list