[Asterisk-Dev] Re: SRTP with keymanagement, SIP over TCP
Mikael Magnusson
mikaelmagnusson at glocalnet.net
Thu Dec 8 05:55:26 MST 2005
On Thu, Dec 08, 2005 at 01:14:14AM -0800, Wolfgang S. Rupprecht wrote:
>
> John Todd <jtodd at loligo.com> writes:
> > - ensure that you are testing against inexpensive equipment (Sipura
> > is an SRTP device which is cheap...)
>
> Did Sipura ever release enough information for folks to make their own
> "mini-certificates"? P.17 - P.19 of 841AdminGuide1105.pdf has some
> good hints, but I haven't been able to make enough sense of it to
> generate one from openssl.
>
> -wolfgang
I was able to figure out how the mini certificates work by reading that
document. They have left out important information about the algorithms.
The mini certificate contains a 512-bit RSA modulus (n) as the Public Key,
and a 1024-bit RSA modulus (n) is appended as the Public Key of the
signing "CA". Both have a public exponent (e) of 0x10001 (65537). The
Signature is a SHA1 message digest of the User Name, User ID, Expiration
Date and Public Key padded with PKCS1 padding and encrypted with the
private key of the "CA".
/Mikael
More information about the asterisk-dev
mailing list