[asterisk-dev] AES-GCM mode SRTP

Matthew Jordan mjordan at digium.com
Mon Nov 11 11:00:03 CST 2013

On Fri, Nov 8, 2013 at 12:13 PM, Kristian Kielhofner <kris at kriskinc.com>wrote:

> JIRA created:
> https://issues.asterisk.org/jira/browse/ASTERISK-22832
> On Thu, Nov 7, 2013 at 10:17 PM, Kristian Kielhofner <kris at kriskinc.com>
> wrote:
> > This patch is feature complete and has been tested with a pjsip client
> > also supporting AES_GCM_128_8.  I'm waiting for my license agreement
> > to be approved before I create an issue with a patch to track this.
> >
> > On Thu, Nov 7, 2013 at 12:23 PM, Kristian Kielhofner <kris at kriskinc.com>
> wrote:
> >> Hello,
> >>
> >>   I'm working on getting AES-GCM mode supported with SRTP.  Long story
> >> short it offers significant performance advantages, especially on
> >> systems that support AES-NI.
> >>
> >>   There is a branch of libsrtp that supports AES-NI and AES-GCM via
> openssl:
> >>
> >> https://github.com/cisco/libsrtp/tree/feature-openssl
> >>
> >>   IETF draft:
> >>
> >> http://tools.ietf.org/html/draft-ietf-avtcore-srtp-aes-gcm-10
> >>
> >>   I'm currently testing support for AES_GCM_128_8 with pjsip and
> >> FreeSWITCH (it works).  I'd love to add Asterisk to this list.  I'm
> >> working on a patch (I just can't seem to get chan_sip to prefer
> >> AES_GCM_128_8) but in the meantime I thought I'd check with the list
> >> to see if there's any interest or work done on this already.
> >>
> >> Thanks!
> >>

The patch looks good for the parsing/understanding of the attribute. Thanks
for the contribution!

Unfortunately, Asterisk is a little goofy in that it assumed there were
only two tag lengths possible (32 or 80). You can take a look where it
parses out the encryption_taglen parameter here in chan_sip:

} else if (!strcasecmp(v->name, "encryption_taglen")) {
ast_set2_flag(&peer->flags[2], !strcasecmp(v->value, "32"),

You'd probably want to eschew the usage of flags and instead store the tag
length value directly on the peer. You'd then have to extract that before
calling crypto_get_attrib/ast_sdp_srtp_get_attrib - those should probably
be updated to take in an enum value specifying the tag length, as opposed
to a binary option.

Similarly, res_pjsip would need to get updated to parse out a tag length
instead of having a 'use 32 instead of 80' option.

In both cases, some care would have to be taken to ensure that DTLS is also
configured correctly - I'm not sure if it can use the AES-GCM option as

Matthew Jordan
Digium, Inc. | Engineering Manager
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at: http://digium.com & http://asterisk.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20131111/26ab6ce5/attachment.html>

More information about the asterisk-dev mailing list