[asterisk-bugs] [JIRA] (ASTERISK-28167) 256 cipher during outgoing calls

Malcolm Davenport (JIRA) noreply at issues.asterisk.org
Fri Nov 16 16:33:47 CST 2018


     [ https://issues.asterisk.org/jira/browse/ASTERISK-28167?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Malcolm Davenport updated ASTERISK-28167:
-----------------------------------------

    Labels: pjsip  (was: pjsip security)

> 256 cipher during outgoing calls
> --------------------------------
>
>                 Key: ASTERISK-28167
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28167
>             Project: Asterisk
>          Issue Type: Bug
>          Components: pjproject/pjsip
>    Affects Versions: 15.6.1
>         Environment: Debian 9  x86_64
> OpenSSL 1.1.0f  25 May 2017
> openssl ciphers:
> ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA
>            Reporter: Evgeny
>            Assignee: Evgeny
>            Severity: Minor
>              Labels: pjsip
>
> Outgoing calls from (through) Asterisk 15.6.1 to Bria Mobile 5.4.3.108509 coudn't have cipher more than 128 cipher in SDP.
> Asterisk doesn't provide more that one cipher for establishing media in SDP
> {noformat}
> [ log ]
> [ endpoint -> Asterisk 15.6.1 (PJSIP) -> Bria Mobile ]
> xv=0
> xo=- 1214669129 1214669129 IN IP4 172.25.73.249
> xs=Asterisk
> xc=IN IP4 172.25.73.249
> xt=0 0
> xm=audio 19716 RTP/SAVP 18 8 0 101
> xa=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:8uS5QdiGu0CCxCf7BiBNbn58/CemIGWucwznTmpv
> xa=rtpmap:18 G729/8000
> xa=fmtp:18 annexb=no
> xa=rtpmap:8 PCMA/8000
> xa=rtpmap:0 PCMU/8000
> xa=rtpmap:101 telephone-event/8000
> xa=fmtp:101 0-16
> xa=ptime:20
> xa=maxptime:150
> xa=sendrecv
> {noformat}
> During incoming call SDP has multiple ciphers
> {noformat}
> [ log ]
> [ Asterisk 15.6.1 (PJSIP) <- Bria Mobile ]
> xv=0
> xo=- 1192253840736 1 IN IP4 91.25...
> xs=Cpc session
> xc=IN IP4 91.25...
> xt=0 0
> xm=audio 48112 RTP/SAVP 18 101
> xa=rtpmap:18 G729/8000
> xa=fmtp:18 annexb=no
> xa=rtpmap:101 telephone-event/8000
> xa=fmtp:101 0-15
> xa=crypto:1 AES_256_CM_HMAC_SHA1_80 inline:4eKmAS423WOe8GKpO5HuvIZ+T+0326FzMsNT6zXVOCNUrMVmVl6UN8893v1x3Q==
> xa=crypto:2 AES_256_CM_HMAC_SHA1_32 inline:r4afx6ibhJnuI3pwR3pAcu8aJKt9hHGSVh8nVW6bqCMSBAndVyuSEvXkgvAPcw==
> xa=crypto:3 AES_CM_128_HMAC_SHA1_80 inline:O+pJcaai9betFXvpYY80cdawCHGlXeeSp9mlAg+5
> xa=crypto:4 AES_CM_128_HMAC_SHA1_32 inline:usEncd0HMQ2+5bvTOKoJ03PnzLUxp8fabIw7fyII
> xa=sendrecv
> xa=nortpproxy:yes
> {noformat}
> Clients agree to 256 cipher
> [ log ]
> https://community.asterisk.org/t/pjsip-cipher-256/77157/11?u=nodorgrom



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list