[Asterisk-Users] Voice Encryption
Scott Huang
huang321 at gmail.com
Wed Sep 28 19:05:32 MST 2005
Hi, Michael and Tim,
Thanks for the help. It looks like Mark Spencer checked in some basic IAX
encryption code in Dec, 2004. When "encryption" is set, IAX encrypts frames
using AES128 which is the only supported algorithm. As of clients, I would
think KIAX and DIAX would work as well.
Thanks
-Scott
Date: Wed, 28 Sep 2005 14:28:11 -0700
From: Michael Jia <michael.mjia at gmail.com>
Subject: Re: [Asterisk-Users] Voice Encryption
To: Asterisk Users Mailing List - Non-Commercial Discussion
<asterisk-users at lists.digium.com>
Cc: kzliao at yahoo.com
Message-ID: <692781cd0509281428324cb5eb at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi, Scott
The source code I found is in chan_iax.c, from the name of parameters, it
looks like it is using
AES. Can anyone here confirm that?
static int encrypt_frame(aes_encrypt_ctx *ecx, struct ast_iax2_full_hdr *fh,
unsigned char *poo, int *datalen)
{
int padding;
unsigned char *workspace;
workspace = alloca(*datalen + 32);
if (!workspace)
return -1;
if (ntohs(fh->scallno) & IAX_FLAG_FULL) {
struct ast_iax2_full_enc_hdr *efh = (struct ast_iax2_full_enc_hdr *)fh;
if (option_debug)
ast_log(LOG_DEBUG, "Encoding full frame with length %d\n", *datalen);
padding = 16 - ((*datalen - sizeof(struct ast_iax2_full_enc_hdr)) % 16);
padding = 16 + (padding & 0xf);
memcpy(workspace, poo, padding);
memcpy(workspace + padding, efh->encdata, *datalen - sizeof(struct
ast_iax2_full_enc_hdr));
*datalen += padding;
workspace[15] &= 0xf0;
workspace[15] |= (padding & 0xf);
memcpy_encrypt(efh->encdata, workspace, *datalen, ecx);
if (*datalen >= 32 + sizeof(struct ast_iax2_full_enc_hdr))
memcpy(poo, workspace + *datalen - 32, 32);
} else {
struct ast_iax2_mini_enc_hdr *efh = (struct ast_iax2_mini_enc_hdr *)fh;
if (option_debug)
ast_log(LOG_DEBUG, "Encoding mini frame with length %d\n", *datalen);
padding = 16 - ((*datalen - sizeof(struct ast_iax2_mini_enc_hdr)) % 16);
padding = 16 + (padding & 0xf);
memset(workspace, 0, padding);
memcpy(workspace + padding, efh->encdata, *datalen - sizeof(struct
ast_iax2_mini_enc_hdr));
workspace[15] &= 0xf0;
workspace[15] |= (padding & 0x0f);
*datalen += padding;
memcpy_encrypt(efh->encdata, workspace, *datalen, ecx);
if (*datalen >= 32 + sizeof(struct ast_iax2_mini_enc_hdr))
memcpy(poo, workspace + *datalen - 32, 32);
}
return 0;
}
On 9/28/05, tim panton <tpanton at attglobal.net> wrote:
>
>
> On 28 Sep 2005, at 07:26, Michael Jia wrote:
>
> Hi, Scott
>
> This is Michael Jia. So far, I searched the lists and with the following
> email threads
> http://lists.digium.com/pipermail/asterisk-dev/2004-December/008295.html
> I don't know what is the current working status now. Maybe somone in the
> lists
> knows.
>
>
> Last I heard IAX2 in CVS Head has encryption that works between 2 asterisk
> systems. There is no documentation (yet) except the source code, and no
> clients that support it (yet).
>
> Tim.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20050928/be2e98d7/attachment.htm
More information about the asterisk-users
mailing list