[sip-comm-dev] SRTP Patch


#1

Hi all,

Here is the latest patch of SRTP implementation. Sorry for the delay.
I should post this patch on Friday. :slight_smile:

Two major achievements recently done are:
1. I added javadoc comments to all the code I wrote.
2. I tested F8 mode encryption and HMAC SHA1 authentication code and, of course, fixed some minor bugs to get the code working. I've tested them with SIP Communicator itself on Windows.
3. Replay checking's code is done, but the test result is not good. Calculation is not correct all the time. I've spent some time on this bug. But until now, no big progress. So I commented out the line calling checkReplay() method. I will try to fix this bug as soon as possible, perhaps before Monday. :slight_smile:

Until now, this patch should have the major functionalities required
for a simple SRTP implementation. And for inter-sc communication, it
may be enough. (With a simple customized key exchange mechanism.)

But for secured communication with other clients, a standard key
management protocol is required. Next week I will discuss this with my
mentor Romain and do the survey work at first.

I believe there are still potential places that we can do better and
bugs hidden in the implementation. So if you have any comments or
find any bugs, please let me know. Thank you for your support. :slight_smile:

PS: I've attached 3 files:
1. sc-srtp-impl-v0.5.patch is a patch against the latest CVS revision, generated using Eclipse.
2. sc-srtp-impl-v0.5.src.zip is a zip archive containing all the code I wrote and the modified files. If you just want to have a look at my work without checking out the whole project, or if you have problems applying the patch, please use this one.
3. bcprov-jdk14-137.zip is a modified version of the original Bouncy Castle bcprov-jdk14-137.jar. The original jar is in CVS. But if you encounter a strange class not found exception, you can try this.

Best regards,
Su

sc-srtp-impl-v0.5.patch (106 KB)

sc-srtp-impl-v0.5.src.zip (55.6 KB)

bcprov-jdk14-137.zip (1.12 MB)


#2

Hi all,

Good news: the replay check code's bug is fixed. :slight_smile:
See attachment.

sc-srtp-impl-v0.6.patch (107 KB)

sc-srtp-impl-v0.6.src.zip (55.7 KB)



#3

Hi Su,

Thank you for the patch submission and for taking the time to fix the last issues!
I'll be online tomorrow, let's discuss the key management survey via instant messaging (due to the time difference, it'll certainly be late afternoon in China when I come online).

Cheers,
romain

On 2007/08/18, at 22:42, Bing SU wrote:

Hi all,

Good news: the replay check code's bug is fixed. :slight_smile:
See attachment.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net



#4

Hi Su,

First of all, sorry for taking so long to review your GSoC patch.
I have committed most of it recently in our development tree, thank you again for your great contribution! I must say that your code is clear and well-written, I did not have many modifications to make. Here are a few things I changed so far:

- Fixed a few minor Javadoc issues
- Fixed a few wrong code indentations
- Fixed some function names to respect the code convention
- I replaced all of the private "_field" with "field", and prefixed them with "this" when accessing them from the same class
- I made a few fields private/public:
   - in SRTPDigest.java: HMAC hmac -> private HMAC hmac
   - in SRTCPTransformer.java: SRTPTransformEngine engine -> private SRTPTransformEngine engine;
   - in SRTPCipherCTR.java: void getCipherSream() -> public void getCipherSream()

I still have to merge the code from CallSessionImpl.java and build.xml, but first I have a little question about bouncycastle: you told us you changed the jar a bit to fix some errors. Could you tell us the changes you made to that customized bouncy castle jar? Actually we are not very positive about using a modified jar, as this would need constant modifications of the library each time we want to update it. If you tell us more about that, maybe we can find another solution to the problem?

Also, in SRTPCipherCTR.java and TransformOutputStream.java, there are 2 TODOs ("TODO error handling"), I'd like to get your opinion on the best way to implement the error handling in both cases, if you have some ideas? I'd like at least to add more comments for people interested in going on the implementation.

Thank you,

Romain
