[jitsi~svn:9538] Implement paranoid mode for ZRTP.


#1

Thanks for committing this Werner!

Just a very minor one but since we are all about uniformity: we refer to
this as "Mode Paranoia" rather than "Paranoid mode" :slight_smile: .

路路路

On 19.04.12 21:23, wernerd@java.net wrote:

Project: jitsi
Repository: svn
Revision: 9538
Author: wernerd
Date: 2012-04-19 18:23:23 UTC
Link:

Log Message:
------------
Implement paranoid mode for ZRTP.

Refer to the in-line documentation of enableParanoidMode flag in ZRTPTransformerEngine.java to read the full description.

Revisions:
----------
9538

Modified Paths:
---------------
trunk/src/net/java/sip/communicator/impl/neomedia/transform/zrtp/ZRTPTransformEngine.java
trunk/lib/installer-exclude/zrtp4j-light.jar

Diffs:
------
Index: trunk/src/net/java/sip/communicator/impl/neomedia/transform/zrtp/ZRTPTransformEngine.java

--- trunk/src/net/java/sip/communicator/impl/neomedia/transform/zrtp/ZRTPTransformEngine.java (revision 9537)
+++ trunk/src/net/java/sip/communicator/impl/neomedia/transform/zrtp/ZRTPTransformEngine.java (revision 9538)
@@ -353,6 +353,39 @@

聽聽聽聽聽private boolean mitmMode = false;

+ /**
+ * Enable or disable paranoid mode.
+ *
+ * The Paranoid mode controls the behaviour and handling of the SAS verify
+ * flag. If Panaoid mode is set to flase then ZRtp applies the normal
+ * handling. If Paranoid mode is set to true then the handling is:
+ *
+ * <ul>
+ * <li> Force the SAS verify flag to be false at srtpSecretsOn() callback.
+ * This gives the user interface (UI) the indication to handle the SAS
+ * as <b>not verified</b>. See implementation note below.</li>
+ * <li> Don't set the SAS verify flag in the <code>Confirm</code> packets,
+ * thus the other also must report the SAS as <b>not verified</b>.</li>
+ * <li> ignore the <code>SASVerified()</code> function, thus do not set the
+ * SAS to verified in the ZRTP cache. </li>
+ * <li> Disable the <b>Trusted PBX MitM</b> feature. Just send the
+ * <code>SASRelay</code> packet but do not process the relayed data.
+ * This protects the user from a malicious "trusted PBX".</li>
+ * </ul>
+ * ZRtp performs alls other steps during the ZRTP negotiations as usual, in
+ * particular it computes, compares, uses, and stores the retained secrets.
+ * This avoids unnecessary warning messages. The user may enable or disable
+ * the Paranoid mode on a call-by-call basis without breaking the key
+ * continuity data.
+ *
+ * <b>Implementation note:</b></br>
+ * An application shall always display the SAS code if the SAS verify flag
+ * is <code>false</code>. The application shall also use mechanisms to
+ * remind the user to compare the SAS code, for example useing larger fonts,
+ * different colours and other display features.
+ */
+ private boolean enableParanoidMode = false;
+
聽聽聽聽聽private ZRTCPTransformer zrtcpTransformer = null;

聽聽聽聽聽/**
@@ -503,7 +536,9 @@
聽聽聽聽聽聽聽聽聽聽聽聽聽config = new ZrtpConfigure();
聽聽聽聽聽聽聽聽聽聽聽聽聽config.setStandardConfig();
聽聽聽聽聽聽聽聽聽}
-
+ if (enableParanoidMode) {
+ config.setParanoidMode(enableParanoidMode);
+ }
聽聽聽聽聽聽聽聽聽zrtpEngine = new ZRtp(zf.getZid(), this, clientIdString, config, mitmMode);

聽聽聽聽聽聽聽聽聽if (timeoutProvider == null)
@@ -1289,11 +1324,35 @@
聽聽聽聽聽}

聽聽聽聽聽/**
+ * Enables or disables paranoid mode.
+ *
+ * For further explanation of paranoid mode refer to the documentation
+ * of ZRtp class.
+ *
+ * @param yesNo
+ * If set to true then paranoid mode is enabled.
+ */
+ public void setParanoidMode(boolean yesNo) {
+ enableParanoidMode = yesNo;
+ }
+
+ /**
+ * Check status of paranoid mode.
+ *
+ * @return
+ * Returns true if paranoid mode is enabled.
+ */
+ public boolean isParanoidMode() {
+ return enableParanoidMode;
+ }
+
+ /**
聽聽聽聽聽聽* Check the state of the enrollment mode.
聽聽聽聽聽聽*
聽聽聽聽聽聽* If true then we will set the enrollment flag (E) in the confirm
- * packets and performs the enrollment actions. A MitM (PBX) enrollment service sets this flagstarted this ZRTP
- * session. Can be set to true only if mitmMode is also true.
+ * packets and performs the enrollment actions. A MitM (PBX)
+ * enrollment service sets this flag.
+ *
聽聽聽聽聽聽* @return status of the enrollmentMode flag.
聽聽聽聽聽聽*/
聽聽聽聽聽public boolean isEnrollmentMode() {
@@ -1308,7 +1367,7 @@
聽聽聽聽聽聽*
聽聽聽聽聽聽* If true then we will set the enrollment flag (E) in the confirm
聽聽聽聽聽聽* packets and perform the enrollment actions. A MitM (PBX) enrollment
- * service must sets this mode to true.
+ * service must set this mode to true.
聽聽聽聽聽聽*
聽聽聽聽聽聽* Can be set to true only if mitmMode is also true.
聽聽聽聽聽聽*
Index: trunk/lib/installer-exclude/zrtp4j-light.jar

Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream

--
Emil Ivov, Ph.D. 67000 Strasbourg,
Project Lead France
Jitsi
emcho@jitsi.org PHONE: +33.1.77.62.43.30
http://jitsi.org FAX: +33.1.77.62.47.31